
Pests of all kinds and how to combat them: Windows automatically become inactive

21.02.2013, 09:51   #1
KlausdieMaus
 

Hello,

since shortly after reinstalling Windows 7 Prof., I have had the problem that all windows automatically become inactive after a certain time. This is especially annoying when you are writing text, because you always have to click into the window again before you can continue typing.
Using the search, I found that there was already a similar thread:

http://www.trojaner-board.de/104766-...h-inaktiv.html

However, it also says there that the help offered was created only for that person and is not transferable to others.

I have already run a scan with Malwarebytes, but it found nothing.

What else could be causing it?

Thank you in advance for your help.

Here is the log file:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.20.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
XXX :: XXX-PC [Administrator]

20.02.2013 17:53:08
mbam-log-2013-02-20 (17-53-08).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 814624
Laufzeit: 1 Stunde(n), 28 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

21.02.2013, 23:49   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hello and

Quote:
of Windows 7 Prof. the problem
Why a Professional edition of Windows, please? Who needs that as a home user?
Is this by any chance an office/company PC? Or a university computer?


Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post over the course of this thread carefully. Ask right away if anything is unclear, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.

  • Please only run scans that a helper has asked you to run! Do not install / uninstall any software unless asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as attachments, unless you were asked to. Logs in attachments make it harder for me to evaluate them!

  • Please also note => Deleting log files and other requests

Note:
If you do not hear from me for three days, please post in this thread => Reminder about my thread.
Annoying "When will this continue" messages will end with your thread being closed. I, too, have a life outside the Trojaner-Board.


First, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, tick the box for Scan all users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread in CODE tags.
22.02.2013, 17:39   #3
KlausdieMaus
 

Hello,

thanks for your reply.
It is a private laptop. I am a student and bought the Professional version at the student price when Windows 7 launched. (It cost exactly the same as the Home version.)

Here are the two text files from OTL:

Code:
OTL logfile created on: 22.02.2013 17:13:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\XXX\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,90 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 58,34% Memory free
7,80 Gb Paging File | 5,92 Gb Available in Paging File | 75,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,62 Gb Total Space | 15,19 Gb Free Space | 25,48% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 149,98 Gb Free Space | 32,20% Space Free | Partition Type: NTFS
Drive E: | 7,45 Gb Total Space | 6,84 Gb Free Space | 91,81% Space Free | Partition Type: FAT32
 
Computer Name: XXX-PC | User Name: XXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\XXX\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
PRC - C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\XXX\AppData\Local\Smartbar\Application\QuickShare.exe (Smartbar)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - D:\Program Files (x86)\UGS\UGSLicensing\ugslmd.exe ()
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\USB Server\Networking USB Server\Networking USB Server.exe ()
PRC - D:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe (Acresso Software Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\MACTrackBarLib.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll ()
MOD - C:\Users\XXX\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Program Files (x86)\USB Server\Networking USB Server\Networking USB Server.exe ()
MOD - C:\Program Files (x86)\USB Server\Networking USB Server\PSMDLL.dll ()
MOD - C:\Program Files (x86)\USB Server\Networking USB Server\DCPDLL.dll ()
MOD - C:\Program Files (x86)\USB Server\Networking USB Server\UNTPDLL.dll ()
MOD - C:\Program Files (x86)\USB Server\Networking USB Server\ESTLogDLL.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (dtsvc) -- C:\Windows\SysNative\DTS.exe ()
SRV:64bit: - (ADMonitor) -- C:\Windows\SysNative\ADMonitor.exe ()
SRV:64bit: - (ATService) -- C:\Windows\SysNative\ATService.exe (AuthenTec, Inc.)
SRV:64bit: - (hasplms) -- C:\Windows\SysNative\hasplms.exe (SafeNet Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (IBMPMSVC) -- C:\Windows\SysNative\ibmpmsvc.exe (Lenovo)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SplashtopRemoteService) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SSUService) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
SRV - (SolidWorks Licensing Service) -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (NPWService) -- C:\Program Files (x86)\Generic\Network Printer Wizard\NPWService.exe ()
SRV - (CoordinatorServiceHost) -- D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (Remote Solver for Flow Simulation 2012) -- D:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe (Mentor Graphics Corporation)
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (UGS License Server (ugslmd) -- D:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe (Acresso Software Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ATSwpWDF) -- C:\Windows\SysNative\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (NUS_Bus) -- C:\Windows\SysNative\drivers\NUS_Bus.sys (Elite Silicon Technology Inc.)
DRV:64bit: - (psadd) -- C:\Windows\SysNative\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV:64bit: - (EST_Server) -- C:\Windows\SysNative\drivers\GenHC.sys ( )
DRV:64bit: - (EST_BusEnum) -- C:\Windows\SysNative\drivers\GenBus.sys ( )
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (aksdf) -- C:\Windows\SysNative\drivers\aksdf.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (aksfridge) -- C:\Windows\SysNative\drivers\aksfridge.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (IBMPMDRV) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 12 11 B4 A2 B2 CD 01  [binary data]
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: D:\Programme\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2013.02.02 12:10:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.20 11:52:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.10.25 12:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXX\AppData\Roaming\mozilla\Extensions
[2013.02.14 19:40:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXX\AppData\Roaming\mozilla\Firefox\Profiles\52p3ld99.default\extensions
[2013.01.30 16:23:56 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Users\XXX\AppData\Roaming\mozilla\Firefox\Profiles\52p3ld99.default\extensions\helperbar@helperbar.com
[2012.12.11 18:10:40 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\XXX\AppData\Roaming\mozilla\firefox\profiles\52p3ld99.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.14 19:40:57 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\XXX\AppData\Roaming\mozilla\firefox\profiles\52p3ld99.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.20 11:52:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.20 11:52:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.20 11:52:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.20 11:52:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.20 11:52:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.20 11:52:25 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.20 11:52:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.20 11:52:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (AuthenTec)
O4:64bit: - HKLM..\Run: [FingerPrintSoftwareSplashScreen] C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe (AuthenTec, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-116213940-2147198843-1770016352-1001..\Run: [Browser Infrastructure Helper] C:\Users\XXX\AppData\Local\Smartbar\Application\QuickShare.exe (Smartbar)
O4 - HKU\S-1-5-21-116213940-2147198843-1770016352-1001..\Run: [Networking USB Server] C:\Program Files (x86)\USB Server\Networking USB Server\Networking USB Server.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\XXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\XXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files (x86)\Generic\Network Printer Wizard\NPWprint.dll (Elite Silicon Technology Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82136C0A-C63B-4089-86B7-98BE6EF9754C}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBE22D0F-ADEA-42D7-8D20-3FA6425D1123}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\ATFUS: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f945a9c8-1ea7-11e2-b39b-001c259abb7e}\Shell - "" = AutoRun
O33 - MountPoints2\{f945a9c8-1ea7-11e2-b39b-001c259abb7e}\Shell\AutoRun\command - "" = F:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.20 13:45:22 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Sony Corporation
[2013.02.20 13:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
[2013.02.20 13:27:24 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.02.20 13:27:24 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.02.20 13:27:23 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.02.20 13:27:23 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013.02.20 13:21:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2013.02.20 13:21:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013.02.20 13:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Data Converter
[2013.02.20 11:52:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.19 18:01:08 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\SysNative\rixdicon.dll
[2013.02.19 18:01:08 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\snymsico.dll
[2013.02.19 18:01:08 | 000,067,072 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimmpx64.sys
[2013.02.19 18:01:08 | 000,057,856 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rixdpx64.sys
[2013.02.19 18:01:08 | 000,054,784 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimspx64.sys
[2013.02.16 11:42:06 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Malwarebytes
[2013.02.16 11:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.16 11:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.16 11:41:51 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.16 11:41:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.16 11:41:44 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Programs
[2013.02.15 17:54:22 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\CAM2 Measure 10
[2013.02.15 17:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\FARO Technologies
[2013.02.15 17:53:57 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\CAM2 Measure
[2013.02.15 17:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FARO
[2013.02.15 17:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\FARO Shared
[2013.02.15 17:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\FARO Shared
[2013.02.15 17:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\FARO
[2013.02.15 17:51:32 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Downloaded Installations
[2013.02.15 17:50:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.02.15 17:43:28 | 000,071,040 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksdf.sys
[2013.02.15 17:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aladdin Shared
[2013.02.15 17:43:26 | 003,750,400 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\hasplms.exe
[2013.02.15 17:43:26 | 003,750,400 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\aksllmtp.exe
[2013.02.15 17:43:25 | 000,130,816 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksfridge.sys
[2013.02.15 17:43:23 | 000,318,464 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\hardlock.sys
[2013.02.15 16:07:05 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\MAGIX_Guitar_Backing_Maker
[2013.02.15 16:07:05 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\MAGIX Downloads
[2013.02.15 16:05:41 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\MAGIX
[2013.02.15 16:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2013.02.14 22:11:43 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.14 22:11:43 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.14 22:11:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.14 22:11:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.14 22:11:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.14 22:11:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.14 22:11:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.14 22:11:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.14 22:11:41 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 22:11:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.14 22:11:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.14 22:11:40 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 22:11:39 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 22:11:38 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 22:11:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.14 19:20:59 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.14 19:20:59 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.14 19:20:58 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.14 19:20:53 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.14 19:20:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.14 19:20:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.14 19:20:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.14 19:20:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.14 19:20:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.14 19:20:50 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.06 10:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2013.02.06 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\{DFCD66BE-CB4F-42AE-A6D3-E634BBBD94E9}
[2013.02.04 08:39:16 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2013.02.04 08:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twixtor 5, After Effects-compatible plugin set
[2013.02.04 08:35:30 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REVisionEffects
[2013.02.04 08:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REVisionEffects
[2013.02.02 17:27:32 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.02.02 12:10:38 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Adobe
[2013.02.02 12:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013.02.02 12:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2013.02.02 11:58:07 | 000,000,000 | ---D | C] -- C:\Users\XXX\Adobe Flash Builder 4
[2013.02.02 11:56:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2013.02.02 11:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2013.02.02 11:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2013.02.02 11:52:57 | 000,055,280 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2013.02.02 11:52:57 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2013.02.02 11:52:57 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2013.02.02 11:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013.02.02 11:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013.02.02 11:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2013.02.02 11:51:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013.02.02 11:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.02.02 11:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
[2013.02.02 11:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013.01.30 11:32:47 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Smartbar
[2013.01.30 11:32:35 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\My Cheat Tables
[2013.01.30 11:32:26 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\OpenCandy
[2013.01.30 09:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2013.01.30 09:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2013.01.30 09:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2012.12.13 16:20:29 | 000,047,104 | --S- | C] (WexTech Systems, Inc.) -- C:\Users\XXX\ntuser.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.22 17:13:19 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.22 17:13:19 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.22 17:13:19 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.22 17:13:19 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.22 17:13:19 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.22 17:13:15 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.22 17:13:15 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.22 17:11:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.22 17:06:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.22 17:06:00 | 3139,457,024 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.20 13:28:41 | 000,002,099 | ---- | M] () -- C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk
[2013.02.20 13:28:41 | 000,001,303 | ---- | M] () -- C:\Users\Public\Desktop\PlayMemories Home.lnk
[2013.02.20 13:21:37 | 000,002,354 | ---- | M] () -- C:\Users\Public\Desktop\Image Data Converter Ver. 4.lnk
[2013.02.19 22:35:47 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.02.16 15:35:02 | 004,994,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.16 15:31:33 | 001,590,506 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.16 11:41:56 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.08 13:11:22 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.08 13:11:22 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.05 19:52:21 | 000,000,132 | ---- | M] () -- C:\Users\XXX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013.01.26 10:26:50 | 000,001,051 | ---- | M] () -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
 
========== Files Created - No Company Name ==========
 
[2013.02.20 13:51:58 | 002,897,913 | ---- | C] () -- C:\Users\XXX\Desktop\Handbook Sony Alpha 57.pdf
[2013.02.20 13:28:41 | 000,002,099 | ---- | C] () -- C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk
[2013.02.20 13:28:41 | 000,001,315 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
[2013.02.20 13:28:41 | 000,001,303 | ---- | C] () -- C:\Users\Public\Desktop\PlayMemories Home.lnk
[2013.02.20 13:21:37 | 000,002,354 | ---- | C] () -- C:\Users\Public\Desktop\Image Data Converter Ver. 4.lnk
[2013.02.16 11:41:56 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.15 17:48:27 | 001,590,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.05 19:48:36 | 000,000,132 | ---- | C] () -- C:\Users\XXX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013.02.02 11:50:50 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012.12.02 15:23:04 | 000,007,605 | ---- | C] () -- C:\Users\XXX\AppData\Local\resmon.resmoncfg
[2012.10.28 15:21:06 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012.10.28 15:21:05 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012.10.27 12:17:31 | 000,000,000 | ---- | C] () -- C:\Users\XXX\AppData\Local\Temptable.xml
[2012.10.27 12:00:17 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2012.10.25 12:29:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.10.25 12:28:24 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.10.25 12:26:57 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012.10.25 12:26:57 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2012.10.25 12:26:55 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012.10.25 12:26:52 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.10.11 14:51:44 | 000,045,568 | ---- | C] () -- C:\Windows\SysWow64\spwini.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
Code:
OTL Extras logfile created on: 22.02.2013 17:13:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,90 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 58,34% Memory free
7,80 Gb Paging File | 5,92 Gb Available in Paging File | 75,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,62 Gb Total Space | 15,19 Gb Free Space | 25,48% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 149,98 Gb Free Space | 32,20% Space Free | Partition Type: NTFS
Drive E: | 7,45 Gb Total Space | 6,84 Gb Free Space | 91,81% Space Free | Partition Type: FAT32
 
Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- D:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- D:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B7B144B-7434-4F08-9E05-7F8A69594780}" = rport=445 | protocol=6 | dir=out | app=system | 
"{1FC0706E-2BCA-4A2B-BF23-6298FEB4A3B5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2C702A08-9994-4ECF-9F0C-A48685C7E4A2}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3C27CB04-906A-4C88-A33C-8BB8312066F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3E2331FE-E635-4845-9915-6C4B7BBFB3F9}" = rport=137 | protocol=17 | dir=out | app=system | 
"{59AB1611-4003-4CB0-917A-66D275D66DCF}" = lport=137 | protocol=17 | dir=in | app=system | 
"{63A3A89D-EAB9-45F3-8958-F96B04F2CF29}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{766B0694-8150-4372-9B29-EB7E8BBB39BE}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8B46BFF3-DD19-4800-97E6-FDCA3BCFB7D1}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{92F1444D-09AB-4817-AEC3-110C48C44C2A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{97D24A08-496C-4E2C-BABD-0AADCFD270E2}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A07088F2-4D92-4D48-B5A0-A05915C6BACE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A2A98502-C940-47C7-A0B4-4586317DBDF6}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A30310CF-53F5-4C6D-A125-445EF734762D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A37BDF22-FD34-413D-A084-F09412CC3F3A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A49AC1CC-0636-467A-9F5F-FE1764446BBD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AE9E086F-CD6D-443B-958E-A44153BDE676}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B6A3986F-3895-4DB7-BCC8-C410888A9F33}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{BA096E2A-E65D-4B56-9699-337423363FBB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BF03673E-99AF-4D0B-A717-A08B5860F658}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{D040CB78-E0C6-4A03-88B5-FD0FE1FE9F00}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D803ABB1-4952-4DEC-80A9-BBD9D184B21B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{D9CB038E-CEAA-4F86-B7DD-653E334DC2F3}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01BB1AB8-1C65-46BB-828B-09729F60B8C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{09021C51-3DC6-4F9E-95EB-71DF6A199A22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0E19A5D3-184F-414B-B8A8-20261689F6E4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{1A36516A-12A6-4F56-A98F-41BF600C81B3}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe | 
"{1D78FED2-AE03-4982-A439-BF13DBA29E0D}" = protocol=17 | dir=in | app=d:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe | 
"{1EBA4EF4-6505-4B04-8C68-5C5A9A6CC591}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{2278E8C5-FB51-43FA-8C5D-3B369296C716}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{270D3CCB-27C1-4F0F-8D5A-8CBEB1D3237F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{30ADEE46-BEB7-48FB-90DC-96C1264D1702}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{34DAEBB2-2374-42D8-A608-7AECEABBD4C5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{3D6D5714-AB97-494A-ADB4-B0523154AFDA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{47DC1C61-8500-4859-886E-A1E0D3BA2BEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{48C2C648-FAD6-47C1-98E7-4B68A392D156}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{4A042569-E1BC-484B-8F65-0988CE8F35B1}" = protocol=17 | dir=in | app=c:\program files (x86)\usb server\networking usb server\networking usb server.exe | 
"{4DFFFF5A-A241-44AD-971F-87EE0008212E}" = protocol=6 | dir=out | app=system | 
"{4E8AA6C7-FCB6-4704-A54C-F102ADFF514B}" = protocol=6 | dir=in | app=d:\program files\solidworks corp\solidworks\photoview\photoview360_cl.exe | 
"{501BA514-13B2-461C-9B0B-252567A2E436}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{54EF3DF0-5C01-47D9-A134-AED252FA1B57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5647406C-82A2-4D02-B128-A2C9CAAEC2BE}" = protocol=6 | dir=in | app=d:\program files\solidworks corp\solidworks\photoview\photoview360.exe | 
"{5776C540-8C85-46FC-9274-A95C3346C888}" = protocol=6 | dir=in | app=d:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe | 
"{63F41220-A9A7-4ED4-9A5A-DF9E0031F271}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{69E78976-18B3-4070-873D-C0D9F0674A85}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{713498CE-D9B7-4F6E-B7FC-2B1BB9CE2252}" = protocol=17 | dir=in | app=d:\program files\solidworks corp\solidworks\photoview\photoview360_cl.exe | 
"{84458044-0361-4793-9BF7-27488537DB28}" = protocol=6 | dir=in | app=c:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe | 
"{8EA2F6A6-2C35-4726-AED1-8D1D17FB68B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{94F1334C-D4A6-4688-AD1F-75EC1B5ABE0F}" = protocol=17 | dir=in | app=c:\windows\system32\hasplms.exe | 
"{9A149BA2-7E80-4377-8D94-06F607953238}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9C9B3407-6CC6-4575-91DC-7BB1ADF76F4C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A28672CB-5B15-41B5-A0DA-E52A41B7C422}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A5C6EC92-6F76-4E33-AEE8-B30EE32F0B6D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AE0F4F8A-CE36-4E21-A048-2824789594CD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B9D25BB2-7467-4976-AB8F-6756BD9ACF59}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe | 
"{C094958D-9D14-40D9-8F13-99F5EA9A195E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C18B2E6B-A757-4877-BD81-5F613261600E}" = protocol=17 | dir=in | app=d:\program files\solidworks corp\solidworks\photoview\photoview360.exe | 
"{C939D117-EEDC-482A-8125-CF95783EB072}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe | 
"{CC994CA2-29FB-4AC5-AA67-A31E7D6C2AF1}" = protocol=17 | dir=in | app=c:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe | 
"{CDBAEAA5-EF90-43EB-B05D-34E4B4102E8C}" = protocol=6 | dir=in | app=c:\windows\system32\hasplms.exe | 
"{DFC755FC-DEEB-42B5-874B-69B77348A660}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{E9EF17D2-104B-41EE-B107-4D8F25886B9C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EA59C951-5CFA-4043-9C56-55C50BC3149C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{F4868C94-3181-4107-972C-AE9BCB455DCC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{F9D5B83E-2944-44CA-8C77-4B4E37858B0D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{FD43CC32-B0F7-488E-B5F1-534C338C003C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"TCP Query User{4D9EED15-B5E2-4612-B5B2-95775EEA6B5F}C:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{6052858E-2E86-4690-84EB-7A70098966E3}D:\program files\siemens\nx 8.0\ugii\ugraf.exe" = protocol=6 | dir=in | app=d:\program files\siemens\nx 8.0\ugii\ugraf.exe | 
"TCP Query User{A65A2546-9C25-4A0C-B317-47A2610DF763}D:\program files\siemens\nx 8.0\ugii\ugraf.exe" = protocol=6 | dir=in | app=d:\program files\siemens\nx 8.0\ugii\ugraf.exe | 
"UDP Query User{5F83B2DE-C8EA-49F9-8E65-40B22135665F}D:\program files\siemens\nx 8.0\ugii\ugraf.exe" = protocol=17 | dir=in | app=d:\program files\siemens\nx 8.0\ugii\ugraf.exe | 
"UDP Query User{C581FA28-F36A-44EF-AD4D-0B8BAF4AFE9D}C:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{CE80F44C-5440-45AB-A772-15CC3C04E1B2}D:\program files\siemens\nx 8.0\ugii\ugraf.exe" = protocol=17 | dir=in | app=d:\program files\siemens\nx 8.0\ugii\ugraf.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{215D88B7-661F-4C71-A7F9-75E53E9A5061}" = SolidWorks eDrawings 2012 x64 Edition SP02
"{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}" = Lenovo Fingerprint Software
"{32F9B623-BDF7-18AC-80F1-32E9B0E25F3A}" = ccc-utility64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C66F076-D3AB-49C8-85D4-BAA6D82FCAE2}" = SolidWorks 2012 x64 Edition SP02
"{4E22D0BC-2A2E-4723-B7E7-F34701EE501E}" = 3Dconnexion 3DxWare (x64)
"{51676C0E-2D18-49F3-A1BE-005DE2654168}" = Siemens NX 8.0
"{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64E6DF7A-E726-4001-8573-E6A6D6F35454}" = Networking USB Server
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{923D3F31-64AD-4620-88C5-E2451E5E25ED}" = MELTEC Device Drivers x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9B0EAC89-4331-A96E-C7D3-754192589BEE}" = ATI Catalyst Install Manager
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B1BF0EE8-216A-4212-9CF3-FC9551507556}" = FaroArm USB Driver 5
"{B8F5E355-C43B-4860-B690-D79CB5B0186D}" = 3Dconnexion Add-In for Solid Edge V18 - ST5
"{C2DBF59B-1D2C-44E9-A52A-93ACDAD9D27B}" = 3Dconnexion Plug-In for NX v3.0 - v8.5
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CEECF49B-552B-44E7-8F59-CCD9C98378AE}" = 3Dconnexion Add-In for SolidWorks 2005 - 2013
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D3CB988F-2A25-4AD5-BE84-24349E9CCCD8}" = SolidWorks 2012 x64 German Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{EB9400D5-6289-4F9F-9B79-B3528101C0C7}" = SolidWorks Flow Simulation 2012 SP02 x64 Edition 
"{F2DF59A0-5C1F-4454-9B67-538F43E2D335}" = Network Printer Wizard
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"05FBE63CF9C9B3424152207E7278CD6DA193C56C" = Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric  (07/02/2010 8.6.0.29)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"ATI Uninstaller" = ATI Uninstaller
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant 20561 SmartAudio HD
"DE7217D2A8B057F15EC6E52329FDAB84231521E8" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430)
"Logitech Unifying" = Logitech Unifying-Software 2.10
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"Power Management Driver" = ThinkPad Power Management Driver
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06A8F063-C727-95AA-F10B-CD8E6B23ED16}" = CCC Help Italian
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2898B91C-B75B-2EC5-4D4C-DD6C286F9485}" = Catalyst Control Center InstallProxy
"{2C4FD7D3-6F3A-45C2-AAAD-929B40346E3F}" = Catalyst Control Center - Branding
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}" = Brother MFL-Pro Suite DCP-7055
"{3DF5B915-A374-78B4-EE86-58346774DEC8}" = PX Profile Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5506986E-3173-E510-82BB-033C18299878}" = Catalyst Control Center Graphics Previews Vista
"{55532499-5676-4DAE-9A57-AEB907A0A1DD}" = QuickShare
"{5626FEDC-04D2-E67D-8261-3C6E7637A923}" = CCC Help German
"{563BBE0C-35F3-B1FF-1AD9-A5426CDEB388}" = CCC Help Korean
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.64.02
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{66F6BD4B-4C2C-B10C-B3D4-7A311EC4FC1C}" = Catalyst Control Center Localization All
"{6AAB8068-BEB6-4CB6-958E-717EA6402467}" = 3Dconnexion Trainer
"{6D236956-B79D-4748-BEA3-A039334A66AB}" = 3Dconnexion Collage
"{6D46B934-2ACE-DC9A-800B-C1831ED0FF85}" = CCC Help English
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DA16880-5718-E907-9A9F-EA8F5CBC51DA}" = CCC Help French
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87998E4E-6D9C-411B-AAE9-B8523FFE357D}" = Image Data Converter
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91F4AE26-4989-D770-A6BB-B50EB5BC938D}" = CCC Help Chinese Traditional
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6085E33-3DC7-1B94-C717-6B9D6686F183}" = CCC Help Chinese Standard
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B40EED7A-63D4-4ED2-910D-9A64FF94DF22}" = UGSLicensing
"{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}" = 3Dconnexion 3DxSoftware (x64 Edition)
"{C85DF163-6DB3-2A03-5E8E-2B059AAA4882}" = CCC Help Dutch
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CF36D287-4610-69E4-A69A-9EF2BFEDB258}" = CCC Help Portuguese
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB042BA1-BD6A-9E4A-C5ED-2CC523D92C7D}" = CCC Help Swedish
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF3FBAA8-A959-72A0-8530-D715855137E1}" = CCC Help Japanese
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{EB325412-D54D-B320-7D77-D4B4A6B9F276}" = ccc-core-static
"{EFB4E818-8A4D-B230-6D41-213D48A2C7B3}" = CCC Help Spanish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"InstallShield_{64E6DF7A-E726-4001-8573-E6A6D6F35454}" = Networking USB Server
"InstallShield_{F2DF59A0-5C1F-4454-9B67-538F43E2D335}" = Network Printer Wizard
"JabRef 2.8.1" = JabRef 2.8.1
"LyX205" = LyX 2.0.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NauticTools_is1" = NauticTools
"SolidWorks Installation Manager 20120-40200-1100-100" = SolidWorks 2012 x64 Edition SP02
"Splashtop Software Updater" = Splashtop Software Updater
"Twixtor 5, After Effects-compatible plugin set" = Twixtor 5, After Effects-compatible plugin set
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.5
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"FLV Player" = FLV Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 19.02.2013 10:01:00 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.02.2013 02:53:23 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.02.2013 05:49:30 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.02.2013 11:56:14 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.02.2013 04:21:04 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.02.2013 06:13:56 | Computer Name = xxx-PC | Source = System Restore | ID = 8193
Description = 
 
Error - 21.02.2013 06:13:56 | Computer Name = xxx-PC | Source = System Restore | ID = 8211
Description = 
 
Error - 21.02.2013 06:25:04 | Computer Name = xxx-PC | Source = VSS | ID = 12289
Description = 
 
Error - 22.02.2013 04:41:28 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.02.2013 12:07:56 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 26.01.2013 05:25:23 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 26.01.2013 09:29:44 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen 
Status gemeldet: 0
 
Error - 27.01.2013 07:59:25 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 27.01.2013 08:01:57 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines 
Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
 
Error - 27.01.2013 08:01:57 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen 
Status gemeldet: 0
 
Error - 27.01.2013 08:02:46 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 27.01.2013 10:08:55 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen 
Status gemeldet: 0
 
Error - 27.01.2013 11:11:36 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 27.01.2013 18:04:58 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen 
Status gemeldet: 0
 
Error - 28.01.2013 05:09:00 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
 
< End of report >
         
__________________

Alt 22.02.2013, 22:32   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
OK, thanks for the explanation.

Please now create logs with GMER (<<< click for instructions) and MBAR (instructions a little further down) and post them.
GMER crashes fairly often; if the tool won't run on the second attempt either, just skip it and run only MBAR.

MBAR instructions:

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


Alt 23.02.2013, 16:01   #5
KlausdieMaus
 
MBAR: Since it found nothing, no CleanUp was performed and there was no restart.
Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1020
www.malwarebytes.org

Database version: v2013.02.23.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
XXX :: XXX-PC [administrator]

23.02.2013 15:59:31
mbar-log-2013-02-23 (15-59-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 31625
Time elapsed: 4 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
GMER log file:
Code:
GMER 2.1.19081 - hxxp://www.gmer.net
Rootkit scan 2013-02-23 16:45:22
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_MMCRE64G5MXP-0VB rev.VBM1801Q 59,63GB
Running: gmer_2.1.19081.exe; Driver: C:\Users\XXX\AppData\Local\Temp\uwdirpod.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\USB Server\Networking USB Server\Networking USB Server.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000076151465 2 bytes [15, 76]
.text   C:\Program Files (x86)\USB Server\Networking USB Server\Networking USB Server.exe[3428] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000761514bb 2 bytes [15, 76]
.text   ...                                                                                                                                               * 2
.text   C:\Users\XXX\AppData\Local\Smartbar\Application\QuickShare.exe[3500] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                   0000000076151465 2 bytes [15, 76]
.text   C:\Users\XXX\AppData\Local\Smartbar\Application\QuickShare.exe[3500] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                  00000000761514bb 2 bytes [15, 76]
.text   ...                                                                                                                                               * 2
.text   C:\Users\XXX\AppData\Roaming\Dropbox\bin\Dropbox.exe[3580] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                             0000000076151465 2 bytes [15, 76]
.text   C:\Users\XXXl\AppData\Roaming\Dropbox\bin\Dropbox.exe[3580] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                            00000000761514bb 2 bytes [15, 76]
.text   ...                                                                                                                                               * 2

---- Devices - GMER 2.1 ----

Device  \Driver\atapi \Device\Dev_fffffa800442e680                                                                                                        fffffa80079cd880
Device  \Driver\atapi \Device\Dev_fffffa800443a060                                                                                                        fffffa80079cd880

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001fe2e796f4                                                                       
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001fe2e796f4 (not active ControlSet)                                                   

---- EOF - GMER 2.1 ----
         

Edited by KlausdieMaus (23.02.2013 at 16:52)

Alt 24.02.2013, 21:28   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista or later, please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Depending on your connection, downloading the definitions may take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without instructions.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.


TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 25.02.2013, 14:56   #7
KlausdieMaus
 
aswMBR:

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-25 14:30:00
-----------------------------
14:30:00.626    OS Version: Windows x64 6.1.7601 Service Pack 1
14:30:00.626    Number of processors: 2 586 0x1706
14:30:00.626    ComputerName: xxx-PC  UserName: xxx
14:30:00.797    Initialize success
14:34:42.806    AVAST engine defs: 13022500
14:35:05.645    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:35:05.645    Disk 0 Vendor: SAMSUNG_MMCRE64G5MXP-0VB VBM1801Q Size: 61057MB BusType: 11
14:35:05.645    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
14:35:05.645    Disk 1 Vendor: SAMSUNG_HM500JJ 2AK10001 Size: 476940MB BusType: 11
14:35:05.661    Disk 0 MBR read successfully
14:35:05.661    Disk 0 MBR scan
14:35:05.661    Disk 0 Windows 7 default MBR code
14:35:05.661    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        61055 MB offset 2048
14:35:05.707    Disk 0 scanning C:\Windows\system32\drivers
14:35:14.639    Service scanning
14:35:34.154    Modules scanning
14:35:34.154    Disk 0 trace - called modules:
14:35:34.164    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
14:35:34.494    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048fb060]
14:35:34.494    3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004415680]
14:35:34.755    AVAST engine scan C:\Windows
14:35:35.761    AVAST engine scan C:\Windows\system32
14:37:54.120    AVAST engine scan C:\Windows\system32\drivers
14:38:05.033    AVAST engine scan C:\Users\xxx
14:41:00.486    AVAST engine scan C:\ProgramData
14:41:35.443    Scan finished successfully
14:47:30.922    Disk 0 MBR has been saved successfully to "C:\Users\xxx\Desktop\MBR.dat"
14:47:30.985    The log file has been saved successfully to "C:\Users\xxx\Desktop\aswMBR.txt"
         
kaspersky:
Code:
14:50:01.0555 4136  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:50:01.0679 4136  ============================================================
14:50:01.0679 4136  Current date / time: 2013/02/25 14:50:01.0679
14:50:01.0679 4136  SystemInfo:
14:50:01.0679 4136  
14:50:01.0679 4136  OS Version: 6.1.7601 ServicePack: 1.0
14:50:01.0679 4136  Product type: Workstation
14:50:01.0679 4136  ComputerName: xxx-PC
14:50:01.0679 4136  UserName: xxx
14:50:01.0679 4136  Windows directory: C:\Windows
14:50:01.0679 4136  System windows directory: C:\Windows
14:50:01.0679 4136  Running under WOW64
14:50:01.0679 4136  Processor architecture: Intel x64
14:50:01.0679 4136  Number of processors: 2
14:50:01.0679 4136  Page size: 0x1000
14:50:01.0679 4136  Boot type: Normal boot
14:50:01.0679 4136  ============================================================
14:50:02.0210 4136  Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x204E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:50:02.0553 4136  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:50:02.0600 4136  ============================================================
14:50:02.0600 4136  \Device\Harddisk0\DR0:
14:50:02.0600 4136  MBR partitions:
14:50:02.0600 4136  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x773F800
14:50:02.0600 4136  \Device\Harddisk1\DR1:
14:50:02.0600 4136  MBR partitions:
14:50:02.0600 4136  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
14:50:02.0600 4136  ============================================================
14:50:02.0631 4136  C: <-> \Device\Harddisk0\DR0\Partition1
14:50:02.0647 4136  D: <-> \Device\Harddisk1\DR1\Partition1
14:50:02.0647 4136  ============================================================
14:50:02.0647 4136  Initialize success
14:50:02.0647 4136  ============================================================
14:51:22.0369 1164  ============================================================
14:51:22.0369 1164  Scan started
14:51:22.0369 1164  Mode: Manual; SigCheck; TDLFS; 
14:51:22.0369 1164  ============================================================
14:51:22.0728 1164  ================ Scan system memory ========================
14:51:22.0728 1164  System memory - ok
14:51:22.0728 1164  ================ Scan services =============================
14:51:22.0884 1164  [ 92E9D1DEBDC9C6C367064EA403C68874 ] ADMonitor       C:\Windows\system32\ADMonitor.exe
14:51:22.0884 1164  ADMonitor ( UnsignedFile.Multi.Generic ) - warning
14:51:22.0884 1164  ADMonitor - detected UnsignedFile.Multi.Generic (1)
14:51:24.0646 1164  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
14:51:24.0646 1164  BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
14:51:24.0646 1164  BrYNSvc - detected UnsignedFile.Multi.Generic (1)
14:51:26.0082 1164  [ 369E422B4BB5641718D212F713E646D0 ] dtsvc           C:\Windows\system32\DTS.exe
14:51:26.0082 1164  dtsvc ( UnsignedFile.Multi.Generic ) - warning
14:51:26.0082 1164  dtsvc - detected UnsignedFile.Multi.Generic (1)
14:51:30.0379 1164  NdisWan - ok
14:51:30.0389 1164  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:51:30.0419 1164  NDProxy - ok
14:51:30.0429 1164  [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
14:51:30.0439 1164  Netaapl - ok
14:51:30.0439 1164  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:51:30.0469 1164  NetBIOS - ok
14:51:30.0479 1164  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:51:30.0509 1164  NetBT - ok
14:51:30.0519 1164  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:51:30.0529 1164  Netlogon - ok
14:51:30.0529 1164  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:51:30.0569 1164  Netman - ok
14:51:30.0569 1164  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:51:30.0589 1164  NetMsmqActivator - ok
14:51:30.0589 1164  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:51:30.0599 1164  NetPipeActivator - ok
14:51:30.0609 1164  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:51:30.0649 1164  netprofm - ok
14:51:30.0649 1164  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:51:30.0659 1164  NetTcpActivator - ok
14:51:30.0669 1164  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:51:30.0679 1164  NetTcpPortSharing - ok
14:51:30.0729 1164  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
14:51:30.0819 1164  netw5v64 - ok
14:51:30.0829 1164  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:51:30.0839 1164  nfrd960 - ok
14:51:30.0839 1164  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:51:30.0859 1164  NisDrv - ok
14:51:30.0859 1164  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
14:51:30.0879 1164  NisSrv - ok
14:51:30.0889 1164  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:51:30.0919 1164  NlaSvc - ok
14:51:30.0929 1164  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:51:30.0959 1164  Npfs - ok
14:51:30.0969 1164  [ 394BE69E33DF78FD1A942124B985F7EA ] NPWService      C:\Program Files (x86)\Generic\Network Printer Wizard\NPWService.exe
14:51:31.0019 1164  NPWService ( UnsignedFile.Multi.Generic ) - warning
14:51:31.0019 1164  NPWService - detected UnsignedFile.Multi.Generic (1)
14:51:31.0029 1164  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:51:31.0059 1164  nsi - ok
14:51:31.0069 1164  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:51:31.0099 1164  nsiproxy - ok
14:51:31.0119 1164  [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:51:31.0159 1164  Ntfs - ok
14:51:31.0159 1164  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:51:31.0189 1164  Null - ok
14:51:31.0199 1164  [ D4FA3EA39C6E919103DAA24FAB48B329 ] NUS_Bus         C:\Windows\system32\DRIVERS\NUS_Bus.sys
14:51:31.0209 1164  NUS_Bus - ok
14:51:31.0209 1164  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:51:31.0229 1164  nvraid - ok
14:51:31.0229 1164  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:51:31.0239 1164  nvstor - ok
14:51:31.0249 1164  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:51:31.0259 1164  nv_agp - ok
14:51:31.0269 1164  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:51:31.0289 1164  odserv - ok
14:51:31.0289 1164  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:51:31.0299 1164  ohci1394 - ok
14:51:31.0309 1164  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:51:31.0319 1164  ose - ok
14:51:31.0329 1164  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:51:31.0339 1164  p2pimsvc - ok
14:51:31.0349 1164  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:51:31.0369 1164  p2psvc - ok
14:51:31.0369 1164  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:51:31.0389 1164  Parport - ok
14:51:31.0389 1164  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:51:31.0399 1164  partmgr - ok
14:51:31.0409 1164  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:51:31.0429 1164  PcaSvc - ok
14:51:31.0429 1164  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:51:31.0449 1164  pci - ok
14:51:31.0449 1164  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:51:31.0459 1164  pciide - ok
14:51:31.0469 1164  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:51:31.0479 1164  pcmcia - ok
14:51:31.0479 1164  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:51:31.0489 1164  pcw - ok
14:51:31.0499 1164  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:51:31.0539 1164  PEAUTH - ok
14:51:31.0559 1164  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:51:31.0589 1164  PeerDistSvc - ok
14:51:31.0609 1164  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:51:31.0629 1164  PerfHost - ok
14:51:31.0649 1164  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:51:31.0699 1164  pla - ok
14:51:31.0699 1164  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:51:31.0719 1164  PlugPlay - ok
14:51:31.0739 1164  [ 30A72FBE14196E659714566571763785 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
14:51:31.0759 1164  PMBDeviceInfoProvider - ok
14:51:31.0759 1164  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:51:31.0769 1164  PNRPAutoReg - ok
14:51:31.0779 1164  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:51:31.0789 1164  PNRPsvc - ok
14:51:31.0799 1164  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:51:31.0839 1164  PolicyAgent - ok
14:51:31.0849 1164  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:51:31.0879 1164  Power - ok
14:51:31.0879 1164  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:51:31.0919 1164  PptpMiniport - ok
14:51:31.0919 1164  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
14:51:31.0929 1164  Processor - ok
14:51:31.0939 1164  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
14:51:31.0969 1164  ProfSvc - ok
14:51:31.0969 1164  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:51:31.0989 1164  ProtectedStorage - ok
14:51:31.0989 1164  [ C2C5F5D150605FD14FA2ABDE88DB2020 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
14:51:31.0999 1164  psadd - ok
14:51:31.0999 1164  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:51:32.0029 1164  Psched - ok
14:51:32.0039 1164  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:51:32.0049 1164  PxHlpa64 - ok
14:51:32.0069 1164  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:51:32.0099 1164  ql2300 - ok
14:51:32.0109 1164  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:51:32.0119 1164  ql40xx - ok
14:51:32.0119 1164  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:51:32.0139 1164  QWAVE - ok
14:51:32.0149 1164  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:51:32.0159 1164  QWAVEdrv - ok
14:51:32.0169 1164  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:51:32.0199 1164  RasAcd - ok
14:51:32.0199 1164  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:51:32.0229 1164  RasAgileVpn - ok
14:51:32.0239 1164  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:51:32.0269 1164  RasAuto - ok
14:51:32.0279 1164  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:51:32.0309 1164  Rasl2tp - ok
14:51:32.0309 1164  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:51:32.0349 1164  RasMan - ok
14:51:32.0349 1164  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:51:32.0389 1164  RasPppoe - ok
14:51:32.0389 1164  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:51:32.0419 1164  RasSstp - ok
14:51:32.0429 1164  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:51:32.0459 1164  rdbss - ok
14:51:32.0469 1164  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:51:32.0479 1164  rdpbus - ok
14:51:32.0479 1164  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:51:32.0509 1164  RDPCDD - ok
14:51:32.0519 1164  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:51:32.0529 1164  RDPDR - ok
14:51:32.0539 1164  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:51:32.0569 1164  RDPENCDD - ok
14:51:32.0569 1164  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:51:32.0599 1164  RDPREFMP - ok
14:51:32.0609 1164  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:51:32.0619 1164  RDPWD - ok
14:51:32.0629 1164  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:51:32.0639 1164  rdyboost - ok
14:51:32.0669 1164  [ 164B20F948F662995E4435A0BEC270F2 ] Remote Solver for Flow Simulation 2012 D:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe
14:51:32.0689 1164  Remote Solver for Flow Simulation 2012 - ok
14:51:32.0699 1164  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:51:32.0729 1164  RemoteAccess - ok
14:51:32.0729 1164  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:51:32.0769 1164  RemoteRegistry - ok
14:51:32.0769 1164  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:51:32.0789 1164  RFCOMM - ok
14:51:32.0789 1164  [ F45D6E12EB99A668F52201637C67C8F5 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
14:51:32.0809 1164  rimmptsk - ok
14:51:32.0809 1164  [ EAC02ED935A9C1F2DDD8D985C465B854 ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
14:51:32.0819 1164  rimsptsk - ok
14:51:32.0829 1164  [ 931A8F843B4120DF527C3684DAF77FD9 ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
14:51:32.0839 1164  rismxdp - ok
14:51:32.0839 1164  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:51:32.0879 1164  RpcEptMapper - ok
14:51:32.0879 1164  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:51:32.0889 1164  RpcLocator - ok
14:51:32.0899 1164  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:51:32.0939 1164  RpcSs - ok
14:51:32.0939 1164  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:51:32.0969 1164  rspndr - ok
14:51:32.0979 1164  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:51:32.0989 1164  s3cap - ok
14:51:32.0989 1164  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:51:32.0999 1164  SamSs - ok
14:51:33.0009 1164  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:51:33.0019 1164  sbp2port - ok
14:51:33.0029 1164  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:51:33.0059 1164  SCardSvr - ok
14:51:33.0059 1164  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:51:33.0089 1164  scfilter - ok
14:51:33.0109 1164  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:51:33.0149 1164  Schedule - ok
14:51:33.0159 1164  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:51:33.0189 1164  SCPolicySvc - ok
14:51:33.0189 1164  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
14:51:33.0209 1164  sdbus - ok
14:51:33.0209 1164  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:51:33.0229 1164  SDRSVC - ok
14:51:33.0229 1164  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:51:33.0259 1164  secdrv - ok
14:51:33.0269 1164  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:51:33.0299 1164  seclogon - ok
14:51:33.0299 1164  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:51:33.0329 1164  SENS - ok
14:51:33.0339 1164  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:51:33.0349 1164  SensrSvc - ok
14:51:33.0349 1164  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:51:33.0369 1164  Serenum - ok
14:51:33.0369 1164  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:51:33.0379 1164  Serial - ok
14:51:33.0389 1164  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:51:33.0399 1164  sermouse - ok
14:51:33.0409 1164  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:51:33.0439 1164  SessionEnv - ok
14:51:33.0439 1164  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
14:51:33.0459 1164  sffdisk - ok
14:51:33.0459 1164  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:51:33.0479 1164  sffp_mmc - ok
14:51:33.0479 1164  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
14:51:33.0489 1164  sffp_sd - ok
14:51:33.0499 1164  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:51:33.0509 1164  sfloppy - ok
14:51:33.0519 1164  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:51:33.0549 1164  SharedAccess - ok
14:51:33.0559 1164  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:51:33.0599 1164  ShellHWDetection - ok
14:51:33.0599 1164  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:51:33.0609 1164  SiSRaid2 - ok
14:51:33.0619 1164  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:51:33.0629 1164  SiSRaid4 - ok
14:51:33.0629 1164  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:51:33.0659 1164  Smb - ok
14:51:33.0669 1164  [ E11C9E13E92DA6747363924CFFCBD7EF ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
14:51:33.0679 1164  SmbDrvI - ok
14:51:33.0689 1164  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:51:33.0699 1164  SNMPTRAP - ok
14:51:33.0699 1164  [ 4945020BC094C322571184A6E8056B3A ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
14:51:33.0799 1164  SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - warning
14:51:33.0799 1164  SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic (1)
14:51:33.0809 1164  [ 777B4A39A65854C39C581DD129F946B3 ] SplashtopRemoteService C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
14:51:33.0829 1164  SplashtopRemoteService - ok
14:51:33.0829 1164  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:51:33.0839 1164  spldr - ok
14:51:33.0849 1164  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
14:51:33.0889 1164  Spooler - ok
14:51:33.0929 1164  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:51:34.0009 1164  sppsvc - ok
14:51:34.0009 1164  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:51:34.0049 1164  sppuinotify - ok
14:51:34.0059 1164  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:51:34.0069 1164  srv - ok
14:51:34.0079 1164  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:51:34.0099 1164  srv2 - ok
14:51:34.0099 1164  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:51:34.0119 1164  SrvHsfHDA - ok
14:51:34.0139 1164  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:51:34.0169 1164  SrvHsfV92 - ok
14:51:34.0179 1164  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:51:34.0199 1164  SrvHsfWinac - ok
14:51:34.0209 1164  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:51:34.0219 1164  srvnet - ok
14:51:34.0219 1164  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:51:34.0259 1164  SSDPSRV - ok
14:51:34.0259 1164  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:51:34.0289 1164  SstpSvc - ok
14:51:34.0309 1164  [ F9AEDD871E1CD759B95728C9B935D203 ] SSUService      C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
14:51:34.0319 1164  SSUService - ok
14:51:34.0329 1164  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:51:34.0339 1164  stexstor - ok
14:51:34.0349 1164  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:51:34.0369 1164  stisvc - ok
14:51:34.0379 1164  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:51:34.0389 1164  storflt - ok
14:51:34.0389 1164  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
14:51:34.0399 1164  StorSvc - ok
14:51:34.0409 1164  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:51:34.0419 1164  storvsc - ok
14:51:34.0419 1164  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:51:34.0429 1164  swenum - ok
14:51:34.0439 1164  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:51:34.0459 1164  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:51:34.0459 1164  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
14:51:34.0469 1164  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:51:34.0499 1164  swprv - ok
14:51:34.0509 1164  [ BB3E8D7B5165672A71392DB27028144B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:51:34.0529 1164  SynTP - ok
14:51:34.0549 1164  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:51:34.0589 1164  SysMain - ok
14:51:34.0589 1164  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:51:34.0609 1164  TabletInputService - ok
14:51:34.0619 1164  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:51:34.0649 1164  TapiSrv - ok
14:51:34.0659 1164  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:51:34.0689 1164  TBS - ok
14:51:34.0709 1164  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:51:34.0749 1164  Tcpip - ok
14:51:34.0779 1164  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:51:34.0809 1164  TCPIP6 - ok
14:51:34.0819 1164  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:51:34.0849 1164  tcpipreg - ok
14:51:34.0849 1164  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:51:34.0859 1164  TDPIPE - ok
14:51:34.0869 1164  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:51:34.0879 1164  TDTCP - ok
14:51:34.0879 1164  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:51:34.0909 1164  tdx - ok
14:51:34.0919 1164  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:51:34.0929 1164  TermDD - ok
14:51:34.0939 1164  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:51:34.0979 1164  TermService - ok
14:51:34.0979 1164  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:51:34.0999 1164  Themes - ok
14:51:34.0999 1164  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:51:35.0039 1164  THREADORDER - ok
14:51:35.0039 1164  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
14:51:35.0049 1164  TPM - ok
14:51:35.0059 1164  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:51:35.0089 1164  TrkWks - ok
14:51:35.0099 1164  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:51:35.0129 1164  TrustedInstaller - ok
14:51:35.0129 1164  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:51:35.0169 1164  tssecsrv - ok
14:51:35.0169 1164  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:51:35.0179 1164  TsUsbFlt - ok
14:51:35.0189 1164  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:51:35.0199 1164  TsUsbGD - ok
14:51:35.0199 1164  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:51:35.0229 1164  tunnel - ok
14:51:35.0239 1164  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:51:35.0249 1164  uagp35 - ok
14:51:35.0259 1164  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:51:35.0289 1164  udfs - ok
14:51:35.0359 1164  [ A3A5DCF65B4AC8D98C7E2DD9B58B37A3 ] UGS License Server (ugslmd) D:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe
14:51:35.0619 1164  UGS License Server (ugslmd) - ok
14:51:35.0619 1164  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:51:35.0639 1164  UI0Detect - ok
14:51:35.0639 1164  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:51:35.0649 1164  uliagpkx - ok
14:51:35.0659 1164  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:51:35.0669 1164  umbus - ok
14:51:35.0669 1164  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:51:35.0679 1164  UmPass - ok
14:51:35.0689 1164  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
14:51:35.0699 1164  UmRdpService - ok
14:51:35.0709 1164  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:51:35.0749 1164  upnphost - ok
14:51:35.0749 1164  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:51:35.0759 1164  USBAAPL64 - ok
14:51:35.0769 1164  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:51:35.0779 1164  usbccgp - ok
14:51:35.0789 1164  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:51:35.0799 1164  usbcir - ok
14:51:35.0809 1164  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:51:35.0819 1164  usbehci - ok
14:51:35.0829 1164  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:51:35.0839 1164  usbhub - ok
14:51:35.0849 1164  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:51:35.0859 1164  usbohci - ok
14:51:35.0859 1164  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:51:35.0869 1164  usbprint - ok
14:51:35.0879 1164  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:51:35.0889 1164  usbscan - ok
14:51:35.0899 1164  [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:51:35.0909 1164  USBSTOR - ok
14:51:35.0909 1164  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:51:35.0919 1164  usbuhci - ok
14:51:35.0929 1164  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:51:35.0959 1164  UxSms - ok
14:51:35.0959 1164  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:51:35.0979 1164  VaultSvc - ok
14:51:35.0979 1164  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
14:51:35.0989 1164  VClone - ok
14:51:35.0989 1164  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:51:35.0999 1164  vdrvroot - ok
14:51:36.0009 1164  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:51:36.0049 1164  vds - ok
14:51:36.0059 1164  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:51:36.0069 1164  vga - ok
14:51:36.0069 1164  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:51:36.0099 1164  VgaSave - ok
14:51:36.0109 1164  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:51:36.0119 1164  vhdmp - ok
14:51:36.0129 1164  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:51:36.0139 1164  viaide - ok
14:51:36.0139 1164  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:51:36.0159 1164  vmbus - ok
14:51:36.0159 1164  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:51:36.0169 1164  VMBusHID - ok
14:51:36.0179 1164  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:51:37.0470 1164  ================ Scan global ===============================
14:51:37.0470 1164  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:51:37.0480 1164  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:51:37.0480 1164  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:51:37.0490 1164  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:51:37.0500 1164  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:51:37.0500 1164  [Global] - ok
14:51:37.0500 1164  ================ Scan MBR ==================================
14:51:37.0500 1164  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:51:37.0630 1164  \Device\Harddisk0\DR0 - ok
14:51:37.0630 1164  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:51:37.0680 1164  \Device\Harddisk1\DR1 - ok
14:51:37.0680 1164  ================ Scan VBR ==================================
14:51:37.0680 1164  [ 23511E1029063AE482916C6D60D85F82 ] \Device\Harddisk0\DR0\Partition1
14:51:37.0680 1164  \Device\Harddisk0\DR0\Partition1 - ok
14:51:37.0680 1164  [ 805205F65B5D201FC954EEE1F9353421 ] \Device\Harddisk1\DR1\Partition1
14:51:37.0680 1164  \Device\Harddisk1\DR1\Partition1 - ok
14:51:37.0680 1164  ============================================================
14:51:37.0680 1164  Scan finished
14:51:37.0680 1164  ============================================================
14:51:37.0690 3852  Detected object count: 6
14:51:37.0690 3852  Actual detected object count: 6
14:52:42.0133 3852  ADMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
14:52:42.0133 3852  ADMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:52:42.0133 3852  BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:52:42.0133 3852  BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:52:42.0133 3852  dtsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:52:42.0133 3852  dtsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:52:42.0148 3852  NPWService ( UnsignedFile.Multi.Generic ) - skipped by user
14:52:42.0148 3852  NPWService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:52:42.0148 3852  SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:52:42.0148 3852  SolidWorks Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:52:42.0148 3852  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:52:42.0148 3852  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

25.02.2013, 15:21   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run Combofix now:

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
"Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde."
simply restart the computer. This should fix the problem.

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

25.02.2013, 16:47   #9
KlausdieMaus

Here is the log file from Combofix:

Combofix Logfile:
Code:
ComboFix 13-02-24.01 - xxx 25.02.2013  15:54:39.1.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.3992.2050 [GMT 1:00]
ausgeführt von:: c:\users\xxx\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-25 bis 2013-02-25  ))))))))))))))))))))))))))))))
.
.
2013-02-25 14:58 . 2013-02-25 14:58	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-24 19:56 . 2013-02-08 00:28	9162192	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{64A82D3E-E09E-43C9-AF44-B93AE3C61CF3}\mpengine.dll
2013-02-24 19:52 . 2013-02-24 19:52	--------	d-----w-	c:\users\xxx\AppData\Roaming\dvdcss
2013-02-23 15:49 . 2013-02-08 00:28	9162192	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-20 12:45 . 2013-02-20 12:51	--------	d-----w-	c:\users\xxx\AppData\Roaming\Sony Corporation
2013-02-20 12:27 . 2007-07-19 17:14	5073256	----a-w-	c:\windows\system32\d3dx9_35.dll
2013-02-20 12:27 . 2007-07-19 17:14	3727720	----a-w-	c:\windows\SysWow64\d3dx9_35.dll
2013-02-20 12:27 . 2006-03-31 11:41	3927248	----a-w-	c:\windows\system32\d3dx9_30.dll
2013-02-20 12:21 . 2013-02-20 12:21	--------	d-----w-	c:\programdata\Sony Corporation
2013-02-20 12:21 . 2013-02-20 12:26	--------	d-----w-	c:\program files (x86)\Sony
2013-02-19 17:01 . 2009-09-03 19:14	57856	----a-w-	c:\windows\system32\drivers\rixdpx64.sys
2013-02-19 17:01 . 2009-09-03 18:59	54784	----a-w-	c:\windows\system32\drivers\rimspx64.sys
2013-02-19 17:01 . 2009-09-03 18:37	67072	----a-w-	c:\windows\system32\drivers\rimmpx64.sys
2013-02-19 17:01 . 2007-07-25 11:48	172032	----a-w-	c:\windows\system32\rixdicon.dll
2013-02-19 17:01 . 2004-09-04 02:00	90112	----a-w-	c:\windows\system32\snymsico.dll
2013-02-16 10:42 . 2013-02-16 10:42	--------	d-----w-	c:\users\xxx\AppData\Roaming\Malwarebytes
2013-02-16 10:41 . 2013-02-16 10:41	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-16 10:41 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-16 10:41 . 2013-02-16 10:41	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-16 10:41 . 2013-02-16 10:41	--------	d-----w-	c:\users\xxx\AppData\Local\Programs
2013-02-15 22:04 . 2013-02-15 22:04	208448	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 16:54 . 2013-02-15 16:54	--------	d-----w-	c:\programdata\FARO Technologies
2013-02-15 16:53 . 2013-02-15 16:53	--------	d-----w-	c:\users\xxx\AppData\Roaming\CAM2 Measure
2013-02-15 16:52 . 2013-02-16 13:57	--------	d-----w-	c:\program files\Common Files\FARO Shared
2013-02-15 16:52 . 2013-02-16 13:57	--------	d-----w-	c:\program files (x86)\Common Files\FARO Shared
2013-02-15 16:52 . 2013-02-15 16:52	--------	d-----w-	c:\programdata\FARO
2013-02-15 16:51 . 2013-02-15 16:51	--------	d-----w-	c:\users\xxx\AppData\Local\Downloaded Installations
2013-02-15 16:43 . 2009-09-21 07:07	71040	----a-w-	c:\windows\system32\drivers\aksdf.sys
2013-02-15 16:43 . 2013-02-15 16:43	--------	d-----w-	c:\program files (x86)\Common Files\Aladdin Shared
2013-02-15 16:43 . 2009-12-16 15:44	3750400	----a-w-	c:\windows\system32\hasplms.exe
2013-02-15 16:43 . 2009-12-16 15:44	3750400	----a-w-	c:\windows\system32\aksllmtp.exe
2013-02-15 16:43 . 2009-08-20 06:02	130816	----a-w-	c:\windows\system32\drivers\aksfridge.sys
2013-02-15 16:43 . 2009-03-13 09:55	318464	----a-w-	c:\windows\system32\drivers\hardlock.sys
2013-02-15 15:05 . 2013-02-15 15:07	--------	d-----w-	c:\programdata\MAGIX
2013-02-15 15:05 . 2013-02-15 15:05	--------	d-----w-	c:\users\xxx\AppData\Roaming\MAGIX
2013-02-14 21:12 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 21:12 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 18:20 . 2013-01-05 05:53	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-14 18:20 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-14 18:20 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-14 18:20 . 2013-01-04 05:46	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-02-14 18:20 . 2013-01-04 03:26	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-02-14 18:20 . 2013-01-04 02:47	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-02-14 18:20 . 2013-01-04 02:47	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-02-14 18:20 . 2013-01-04 04:51	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-02-14 18:20 . 2013-01-04 02:47	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-02-14 18:20 . 2013-01-04 02:47	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-02-14 18:20 . 2013-01-03 06:00	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-14 18:20 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-06 09:23 . 2013-02-06 09:23	--------	d-----w-	c:\programdata\Splashtop
2013-02-06 09:23 . 2013-02-06 09:23	--------	d-----w-	c:\users\xxx\AppData\Local\{DFCD66BE-CB4F-42AE-A6D3-E634BBBD94E9}
2013-02-04 07:39 . 2008-01-30 16:36	90112	----a-w-	c:\windows\unvise32.exe
2013-02-04 07:35 . 2013-02-04 07:46	--------	d-----w-	c:\program files (x86)\REVisionEffects
2013-02-02 16:27 . 2013-02-02 16:27	--------	d-----w-	c:\users\xxx\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-02-02 11:10 . 2013-02-05 18:48	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2013-02-02 11:02 . 2013-02-02 11:02	--------	d-----w-	c:\programdata\ALM
2013-02-02 10:58 . 2013-02-02 10:58	--------	d-----w-	c:\users\xxx\Adobe Flash Builder 4
2013-02-02 10:53 . 2013-02-02 10:53	--------	d-----w-	c:\program files (x86)\Adobe Media Player
2013-02-02 10:52 . 2013-02-02 10:52	--------	d-----w-	c:\program files (x86)\My Company Name
2013-02-02 10:52 . 2013-02-02 10:52	--------	d-----w-	c:\program files (x86)\Common Files\Sonic Shared
2013-02-02 10:52 . 2013-02-02 10:52	--------	d-----w-	c:\program files (x86)\Common Files\PX Storage Engine
2013-02-02 10:52 . 2009-07-09 02:00	55280	------w-	c:\windows\system32\drivers\PxHlpa64.sys
2013-02-02 10:52 . 2009-06-23 02:00	10224	------w-	c:\windows\system32\drivers\cdralw2k.sys
2013-02-02 10:52 . 2009-06-23 02:00	10224	------w-	c:\windows\system32\drivers\cdr4_xp.sys
2013-02-02 10:51 . 2013-02-02 11:05	--------	d-----w-	c:\program files\Common Files\Adobe
2013-02-02 10:51 . 2013-02-02 11:04	--------	d-----w-	c:\program files\Adobe
2013-02-02 10:50 . 2013-02-02 10:50	--------	d-----w-	c:\program files (x86)\Common Files\Adobe AIR
2013-01-30 10:32 . 2013-01-30 10:33	--------	d-----w-	c:\users\xxx\AppData\Local\Smartbar
2013-01-30 10:32 . 2013-01-30 10:32	--------	d-----w-	c:\users\xxx\AppData\Roaming\OpenCandy
2013-01-30 08:30 . 2013-01-30 08:30	--------	d-----w-	c:\programdata\LogiShrd
2013-01-30 08:30 . 2013-01-30 08:30	--------	d-----w-	c:\program files\Common Files\LogiShrd
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-08 12:11 . 2012-10-25 11:53	74096	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 12:11 . 2012-10-25 11:53	697712	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-30 10:53 . 2010-11-21 03:27	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-20 14:59 . 2013-01-20 14:59	230320	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2013-01-20 14:59 . 2012-08-30 20:03	130008	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-04 04:43 . 2013-02-14 18:20	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-21 12:42	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 12:42	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 12:42	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 12:42	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-11-28 12:21 . 2012-11-28 12:21	95208	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-28 12:21 . 2012-11-28 12:21	821736	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-11-28 12:21 . 2012-11-28 12:21	746984	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-11-28 08:38 . 2012-11-28 08:38	972264	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{094B82FB-40D7-4FA5-8915-0B2A2B511EF8}\gapaengine.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2010-11-21 03:24	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Networking USB Server"="c:\program files (x86)\USB Server\Networking USB Server\Networking USB Server.exe" [2011-01-14 2449408]
"Browser Infrastructure Helper"="c:\users\xxx\AppData\Local\Smartbar\Application\QuickShare.exe" [2013-01-09 13824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-05-04 98304]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"VirtualCloneDrive"="d:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"ControlCenter4"="c:\program files (x86)\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2011-12-16 694328]
.
c:\users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2011-1-24 1090848]
Start 3DxWare.lnk - d:\program files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3dxsrv.exe [2012-10-11 134656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisallowCpl"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2011-05-31 130048]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;d:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2012-01-20 89160]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-27 1431888]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2012-03-26 22528]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 Remote Solver for Flow Simulation 2012;Remote Solver for Flow Simulation 2012;d:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2011-12-09 113800]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys [2009-09-21 71040]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-05-04 203776]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\ATService.exe [2011-05-31 2715976]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2011-05-31 117760]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe  -run [x]
S2 NPWService;NPWService;c:\program files (x86)\Generic\Network Printer Wizard\NPWService.exe [2012-03-20 798720]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2011-12-16 475192]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2013-01-28 551264]
S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-01-25 583456]
S2 UGS License Server (ugslmd);UGS-Lizenzserver (ugslmd);d:\program files (x86)\UGS\UGSLicensing\lmgrd.exe [2009-07-07 1510152]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2011-05-31 735616]
S3 e1yexpress;Intel(R) Gigabit-Netzwerkverbindungstreiber;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 EST_BusEnum;Network USB Device Bus;c:\windows\system32\DRIVERS\GenBus.sys [2009-10-06 29696]
S3 EST_Server;Network USB Device;c:\windows\system32\DRIVERS\GenHC.sys [2009-10-06 199168]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-10-13 10629184]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 NUS_Bus;Network USB Server Bus;c:\windows\system32\DRIVERS\NUS_Bus.sys [2010-01-28 30208]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-10-17 44344]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 59779178
*NewlyCreated* - ASWMBR
*Deregistered* - 59779178
*Deregistered* - aswMBR
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-25 12:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\xxx\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"FingerPrintSoftwareSplashScreen"="c:\program files\Lenovo Fingerprint Software\SplashScreen.exe \s" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-13 417560]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube to MP3 Converter - c:\users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\52p3ld99.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - ExtSQL: 2013-01-30 16:23; helperbar@helperbar.com; c:\users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\52p3ld99.default\extensions\helperbar@helperbar.com
FF - ExtSQL: 2013-02-02 12:10; {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}; d:\programme\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-02-25  16:00:34
ComboFix-quarantined-files.txt  2013-02-25 15:00
.
Vor Suchlauf: 13 Verzeichnis(se), 14.711.508.992 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 14.854.184.960 Bytes frei
.
- - End Of File - - EC6F2B8F4467AAACAFE9F2448528EDBD
         

25.02.2013, 16:57   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

After that:

adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).


Then a check with OTL, please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • Tick the box Scan All Users at the top center
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.

25.02.2013, 17:22   #11
KlausdieMaus

JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Windows 7 Professional x64
Ran by xxx on 25.02.2013 at 17:01:54,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\windows\currentversion\run\\browser infrastructure helper
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} 



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\smartbarbackup
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{31ad400d-1b06-4e33-a59a-90c2c140cba0}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ae07101b-46d4-4a98-af68-0333ea26e113}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\xxx\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\xxx\AppData\Roaming\opencandy"
Failed to delete: [Folder] "C:\Users\xxx\appdata\local\smartbar"
Successfully deleted: [Folder] "C:\Users\xxx\appdata\locallow\smartbar"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\52p3ld99.default\extensions\helperbar@helperbar.com
Emptied folder: C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\52p3ld99.default\minidumps [92 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.02.2013 at 17:08:02,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
AdwCleaner Logfile:
Code:
# AdwCleaner v2.113 - Datei am 25/02/2013 um 17:09:58 erstellt
# Aktualisiert am 23/02/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : xxx - xxx-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\xxx\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\xxx\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\xxx\AppData\Local\Temp\Smartbar

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\SmartbarLog
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0 (de)

Datei : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\52p3ld99.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1792 octets] - [25/02/2013 17:09:58]

########## EOF - C:\AdwCleaner[S1].txt - [1852 octets] ##########
         


OTL Logfile:
Code:
OTL logfile created on: 25.02.2013 17:15:39 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,90 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 64,76% Memory free
7,80 Gb Paging File | 6,26 Gb Available in Paging File | 80,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,62 Gb Total Space | 14,55 Gb Free Space | 24,41% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 151,41 Gb Free Space | 32,51% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\xxx\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
PRC - C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - D:\Program Files (x86)\UGS\UGSLicensing\ugslmd.exe ()
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.)
PRC - C:\Program Files (x86)\USB Server\Networking USB Server\Networking USB Server.exe ()
PRC - D:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe (Acresso Software Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\USB Server\Networking USB Server\Networking USB Server.exe ()
MOD - C:\Program Files (x86)\USB Server\Networking USB Server\PSMDLL.dll ()
MOD - C:\Program Files (x86)\USB Server\Networking USB Server\DCPDLL.dll ()
MOD - C:\Program Files (x86)\USB Server\Networking USB Server\UNTPDLL.dll ()
MOD - C:\Program Files (x86)\USB Server\Networking USB Server\ESTLogDLL.dll ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (dtsvc) -- C:\Windows\SysNative\DTS.exe ()
SRV:64bit: - (ADMonitor) -- C:\Windows\SysNative\ADMonitor.exe ()
SRV:64bit: - (ATService) -- C:\Windows\SysNative\ATService.exe (AuthenTec, Inc.)
SRV:64bit: - (hasplms) -- C:\Windows\SysNative\hasplms.exe (SafeNet Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (IBMPMSVC) -- C:\Windows\SysNative\ibmpmsvc.exe (Lenovo)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SplashtopRemoteService) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe (Splashtop Inc.)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SSUService) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe (Splashtop Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
SRV - (SolidWorks Licensing Service) -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (NPWService) -- C:\Program Files (x86)\Generic\Network Printer Wizard\NPWService.exe ()
SRV - (CoordinatorServiceHost) -- D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (Remote Solver for Flow Simulation 2012) -- D:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe (Mentor Graphics Corporation)
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (UGS License Server (ugslmd) -- D:\Program Files (x86)\UGS\UGSLicensing\lmgrd.exe (Acresso Software Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ATSwpWDF) -- C:\Windows\SysNative\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (NUS_Bus) -- C:\Windows\SysNative\drivers\NUS_Bus.sys (Elite Silicon Technology Inc.)
DRV:64bit: - (psadd) -- C:\Windows\SysNative\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV:64bit: - (EST_Server) -- C:\Windows\SysNative\drivers\GenHC.sys ( )
DRV:64bit: - (EST_BusEnum) -- C:\Windows\SysNative\drivers\GenBus.sys ( )
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (aksdf) -- C:\Windows\SysNative\drivers\aksdf.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (aksfridge) -- C:\Windows\SysNative\drivers\aksfridge.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hardlock) -- C:\Windows\SysNative\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV:64bit: - (IBMPMDRV) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 12 11 B4 A2 B2 CD 01  [binary data]
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: D:\Programme\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2013.02.02 12:10:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.20 11:52:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.10.25 12:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2013.02.25 17:07:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\52p3ld99.default\extensions
[2012.12.11 18:10:40 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\52p3ld99.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.14 19:40:57 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\52p3ld99.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.20 11:52:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.20 11:52:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.02.20 11:52:25 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.20 11:52:25 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.20 11:52:25 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.20 11:52:25 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.20 11:52:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.20 11:52:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Programme\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [FingerPrintSoftware] C:\Program Files\Lenovo Fingerprint Software\fpapp.exe (AuthenTec)
O4:64bit: - HKLM..\Run: [FingerPrintSoftwareSplashScreen] C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe (AuthenTec, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-116213940-2147198843-1770016352-1001..\Run: [Networking USB Server] C:\Program Files (x86)\USB Server\Networking USB Server\Networking USB Server.exe ()
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files (x86)\Generic\Network Printer Wizard\NPWprint.dll (Elite Silicon Technology Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82136C0A-C63B-4089-86B7-98BE6EF9754C}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBE22D0F-ADEA-42D7-8D20-3FA6425D1123}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\ATFUS: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.25 17:01:52 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.02.25 17:01:42 | 000,000,000 | ---D | C] -- C:\JRT
[2013.02.25 16:59:07 | 000,547,439 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\xxx\Desktop\JRT.exe
[2013.02.25 16:44:24 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.02.25 15:43:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.02.25 15:43:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.02.25 15:43:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.02.25 15:43:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.02.25 15:43:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.02.25 15:41:25 | 005,034,894 | R--- | C] (Swearware) -- C:\Users\xxx\Desktop\ComboFix.exe
[2013.02.25 14:48:59 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\xxx\Desktop\tdsskiller.exe
[2013.02.25 14:27:19 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\xxx\Desktop\aswMBR.exe
[2013.02.24 20:52:04 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\dvdcss
[2013.02.23 15:40:35 | 000,000,000 | ---D | C] -- C:\Users\xxx\Desktop\mbar
[2013.02.22 17:11:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2013.02.20 13:45:22 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Sony Corporation
[2013.02.20 13:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
[2013.02.20 13:27:24 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013.02.20 13:27:24 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2013.02.20 13:27:23 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013.02.20 13:27:23 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013.02.20 13:21:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2013.02.20 13:21:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013.02.20 13:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Data Converter
[2013.02.20 11:52:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.19 18:01:08 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\SysNative\rixdicon.dll
[2013.02.19 18:01:08 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\snymsico.dll
[2013.02.19 18:01:08 | 000,067,072 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimmpx64.sys
[2013.02.19 18:01:08 | 000,057,856 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rixdpx64.sys
[2013.02.19 18:01:08 | 000,054,784 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimspx64.sys
[2013.02.16 11:42:06 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Malwarebytes
[2013.02.16 11:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.16 11:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.16 11:41:51 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.16 11:41:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.16 11:41:44 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Programs
[2013.02.15 17:54:22 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\CAM2 Measure 10
[2013.02.15 17:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\FARO Technologies
[2013.02.15 17:53:57 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\CAM2 Measure
[2013.02.15 17:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FARO
[2013.02.15 17:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\FARO Shared
[2013.02.15 17:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\FARO Shared
[2013.02.15 17:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\FARO
[2013.02.15 17:51:32 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Downloaded Installations
[2013.02.15 17:50:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2013.02.15 17:43:28 | 000,071,040 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksdf.sys
[2013.02.15 17:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aladdin Shared
[2013.02.15 17:43:26 | 003,750,400 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\hasplms.exe
[2013.02.15 17:43:26 | 003,750,400 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\aksllmtp.exe
[2013.02.15 17:43:25 | 000,130,816 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksfridge.sys
[2013.02.15 17:43:23 | 000,318,464 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\hardlock.sys
[2013.02.15 16:07:05 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\MAGIX_Guitar_Backing_Maker
[2013.02.15 16:07:05 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\MAGIX Downloads
[2013.02.15 16:05:41 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\MAGIX
[2013.02.15 16:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2013.02.14 22:11:43 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.14 22:11:43 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.14 22:11:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.14 22:11:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.14 22:11:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.14 22:11:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.14 22:11:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.14 22:11:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.14 22:11:41 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 22:11:41 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.14 22:11:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.14 22:11:40 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 22:11:39 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 22:11:38 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 22:11:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.14 19:20:59 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.14 19:20:59 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.14 19:20:58 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.14 19:20:53 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.14 19:20:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.14 19:20:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.14 19:20:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.14 19:20:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.14 19:20:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.14 19:20:50 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.06 10:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2013.02.06 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\{DFCD66BE-CB4F-42AE-A6D3-E634BBBD94E9}
[2013.02.04 08:39:16 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2013.02.04 08:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twixtor 5, After Effects-compatible plugin set
[2013.02.04 08:35:30 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REVisionEffects
[2013.02.04 08:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REVisionEffects
[2013.02.02 17:27:32 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.02.02 12:10:38 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\Adobe
[2013.02.02 12:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013.02.02 12:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2013.02.02 11:58:07 | 000,000,000 | ---D | C] -- C:\Users\xxx\Adobe Flash Builder 4
[2013.02.02 11:56:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2013.02.02 11:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2013.02.02 11:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2013.02.02 11:52:57 | 000,055,280 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2013.02.02 11:52:57 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2013.02.02 11:52:57 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2013.02.02 11:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013.02.02 11:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013.02.02 11:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2013.02.02 11:51:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013.02.02 11:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.02.02 11:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
[2013.02.02 11:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013.01.30 11:32:35 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\My Cheat Tables
[2013.01.30 09:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2013.01.30 09:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2013.01.30 09:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2012.12.13 16:20:29 | 000,047,104 | --S- | C] (WexTech Systems, Inc.) -- C:\Users\xxx\ntuser.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.25 17:15:30 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.25 17:15:30 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.25 17:15:30 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.25 17:15:30 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.25 17:15:30 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.25 17:11:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.25 17:11:00 | 3139,457,024 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.25 17:00:18 | 000,594,019 | ---- | M] () -- C:\Users\xxx\Desktop\adwcleaner.exe
[2013.02.25 16:59:38 | 000,547,439 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\xxx\Desktop\JRT.exe
[2013.02.25 16:59:18 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.25 16:59:18 | 000,020,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.25 16:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.25 15:41:47 | 005,034,894 | R--- | M] (Swearware) -- C:\Users\xxx\Desktop\ComboFix.exe
[2013.02.25 14:49:04 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\xxx\Desktop\tdsskiller.exe
[2013.02.25 14:47:30 | 000,000,512 | ---- | M] () -- C:\Users\xxx\Desktop\MBR.dat
[2013.02.25 14:28:46 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\xxx\Desktop\aswMBR.exe
[2013.02.23 16:05:54 | 000,376,832 | ---- | M] () -- C:\Users\xxx\Desktop\gmer_2.1.19081.exe
[2013.02.23 15:40:29 | 013,711,621 | ---- | M] () -- C:\Users\xxx\Desktop\mbar-1.01.0.1020.zip
[2013.02.22 17:11:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe
[2013.02.20 13:28:41 | 000,002,099 | ---- | M] () -- C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk
[2013.02.20 13:28:41 | 000,001,303 | ---- | M] () -- C:\Users\Public\Desktop\PlayMemories Home.lnk
[2013.02.20 13:21:37 | 000,002,354 | ---- | M] () -- C:\Users\Public\Desktop\Image Data Converter Ver. 4.lnk
[2013.02.19 22:35:47 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.02.16 15:35:02 | 004,994,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.16 15:31:33 | 001,590,506 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.16 11:41:56 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.08 13:11:22 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.08 13:11:22 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.05 19:52:21 | 000,000,132 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Adobe PNG Format CS5 Prefs
 
========== Files Created - No Company Name ==========
 
[2013.02.25 17:00:13 | 000,594,019 | ---- | C] () -- C:\Users\xxx\Desktop\adwcleaner.exe
[2013.02.25 15:43:50 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.02.25 15:43:50 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.02.25 15:43:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.02.25 15:43:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.02.25 15:43:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.02.25 14:47:30 | 000,000,512 | ---- | C] () -- C:\Users\xxx\Desktop\MBR.dat
[2013.02.23 16:05:53 | 000,376,832 | ---- | C] () -- C:\Users\xxx\Desktop\gmer_2.1.19081.exe
[2013.02.23 15:36:41 | 013,711,621 | ---- | C] () -- C:\Users\xxx\Desktop\mbar-1.01.0.1020.zip
[2013.02.20 13:51:58 | 002,897,913 | ---- | C] () -- C:\Users\xxx\Desktop\Handbook Sony Alpha 57.pdf
[2013.02.20 13:28:41 | 000,002,099 | ---- | C] () -- C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk
[2013.02.20 13:28:41 | 000,001,315 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
[2013.02.20 13:28:41 | 000,001,303 | ---- | C] () -- C:\Users\Public\Desktop\PlayMemories Home.lnk
[2013.02.20 13:21:37 | 000,002,354 | ---- | C] () -- C:\Users\Public\Desktop\Image Data Converter Ver. 4.lnk
[2013.02.16 11:41:56 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.15 17:48:27 | 001,590,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.05 19:48:36 | 000,000,132 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013.02.02 11:50:50 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012.12.02 15:23:04 | 000,007,605 | ---- | C] () -- C:\Users\xxx\AppData\Local\resmon.resmoncfg
[2012.10.28 15:21:06 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012.10.28 15:21:05 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012.10.27 12:17:31 | 000,000,000 | ---- | C] () -- C:\Users\xxx\AppData\Local\Temptable.xml
[2012.10.27 12:00:17 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2012.10.25 12:29:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.10.25 12:28:24 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.10.25 12:26:57 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012.10.25 12:26:57 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2012.10.25 12:26:55 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012.10.25 12:26:52 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.10.11 14:51:44 | 000,045,568 | ---- | C] () -- C:\Windows\SysWow64\spwini.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---

OTL Logfile:
Code:
OTL Extras logfile created on: 25.02.2013 17:15:39 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\xxx\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,90 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 64,76% Memory free
7,80 Gb Paging File | 6,26 Gb Available in Paging File | 80,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,62 Gb Total Space | 14,55 Gb Free Space | 24,41% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 151,41 Gb Free Space | 32,51% Space Free | Partition Type: NTFS
 
Computer Name: xxx-PC | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- D:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- D:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B7B144B-7434-4F08-9E05-7F8A69594780}" = rport=445 | protocol=6 | dir=out | app=system | 
"{1FC0706E-2BCA-4A2B-BF23-6298FEB4A3B5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2C702A08-9994-4ECF-9F0C-A48685C7E4A2}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3C27CB04-906A-4C88-A33C-8BB8312066F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{3E2331FE-E635-4845-9915-6C4B7BBFB3F9}" = rport=137 | protocol=17 | dir=out | app=system | 
"{59AB1611-4003-4CB0-917A-66D275D66DCF}" = lport=137 | protocol=17 | dir=in | app=system | 
"{63A3A89D-EAB9-45F3-8958-F96B04F2CF29}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{766B0694-8150-4372-9B29-EB7E8BBB39BE}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8B46BFF3-DD19-4800-97E6-FDCA3BCFB7D1}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{92F1444D-09AB-4817-AEC3-110C48C44C2A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{97D24A08-496C-4E2C-BABD-0AADCFD270E2}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A07088F2-4D92-4D48-B5A0-A05915C6BACE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A2A98502-C940-47C7-A0B4-4586317DBDF6}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A30310CF-53F5-4C6D-A125-445EF734762D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A37BDF22-FD34-413D-A084-F09412CC3F3A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A49AC1CC-0636-467A-9F5F-FE1764446BBD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AE9E086F-CD6D-443B-958E-A44153BDE676}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B6A3986F-3895-4DB7-BCC8-C410888A9F33}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{BA096E2A-E65D-4B56-9699-337423363FBB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BF03673E-99AF-4D0B-A717-A08B5860F658}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{D040CB78-E0C6-4A03-88B5-FD0FE1FE9F00}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D803ABB1-4952-4DEC-80A9-BBD9D184B21B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{D9CB038E-CEAA-4F86-B7DD-653E334DC2F3}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01BB1AB8-1C65-46BB-828B-09729F60B8C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{09021C51-3DC6-4F9E-95EB-71DF6A199A22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0E19A5D3-184F-414B-B8A8-20261689F6E4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{1D78FED2-AE03-4982-A439-BF13DBA29E0D}" = protocol=17 | dir=in | app=d:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe | 
"{1EBA4EF4-6505-4B04-8C68-5C5A9A6CC591}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{2278E8C5-FB51-43FA-8C5D-3B369296C716}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{270D3CCB-27C1-4F0F-8D5A-8CBEB1D3237F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{30ADEE46-BEB7-48FB-90DC-96C1264D1702}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{34DAEBB2-2374-42D8-A608-7AECEABBD4C5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{3D6D5714-AB97-494A-ADB4-B0523154AFDA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{47DC1C61-8500-4859-886E-A1E0D3BA2BEB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{48C2C648-FAD6-47C1-98E7-4B68A392D156}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{4A042569-E1BC-484B-8F65-0988CE8F35B1}" = protocol=17 | dir=in | app=c:\program files (x86)\usb server\networking usb server\networking usb server.exe | 
"{4DFFFF5A-A241-44AD-971F-87EE0008212E}" = protocol=6 | dir=out | app=system | 
"{4E8AA6C7-FCB6-4704-A54C-F102ADFF514B}" = protocol=6 | dir=in | app=d:\program files\solidworks corp\solidworks\photoview\photoview360_cl.exe | 
"{501BA514-13B2-461C-9B0B-252567A2E436}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{54EF3DF0-5C01-47D9-A134-AED252FA1B57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5647406C-82A2-4D02-B128-A2C9CAAEC2BE}" = protocol=6 | dir=in | app=d:\program files\solidworks corp\solidworks\photoview\photoview360.exe | 
"{5776C540-8C85-46FC-9274-A95C3346C888}" = protocol=6 | dir=in | app=d:\program files\solidworks corp\solidworks\swscheduler\dtscoordinatorservice.exe | 
"{63F41220-A9A7-4ED4-9A5A-DF9E0031F271}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{69E78976-18B3-4070-873D-C0D9F0674A85}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{713498CE-D9B7-4F6E-B7FC-2B1BB9CE2252}" = protocol=17 | dir=in | app=d:\program files\solidworks corp\solidworks\photoview\photoview360_cl.exe | 
"{84458044-0361-4793-9BF7-27488537DB28}" = protocol=6 | dir=in | app=c:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe | 
"{8EA2F6A6-2C35-4726-AED1-8D1D17FB68B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{94F1334C-D4A6-4688-AD1F-75EC1B5ABE0F}" = protocol=17 | dir=in | app=c:\windows\system32\hasplms.exe | 
"{9A149BA2-7E80-4377-8D94-06F607953238}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9C9B3407-6CC6-4575-91DC-7BB1ADF76F4C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A28672CB-5B15-41B5-A0DA-E52A41B7C422}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A51EFC27-E5EC-486A-9202-321F0BABA172}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe | 
"{A5C6EC92-6F76-4E33-AEE8-B30EE32F0B6D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AE0F4F8A-CE36-4E21-A048-2824789594CD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{C094958D-9D14-40D9-8F13-99F5EA9A195E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C18B2E6B-A757-4877-BD81-5F613261600E}" = protocol=17 | dir=in | app=d:\program files\solidworks corp\solidworks\photoview\photoview360.exe | 
"{CBC9A6F0-78A8-4074-A0D8-B786021EAF1C}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe | 
"{CC994CA2-29FB-4AC5-AA67-A31E7D6C2AF1}" = protocol=17 | dir=in | app=c:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe | 
"{CDBAEAA5-EF90-43EB-B05D-34E4B4102E8C}" = protocol=6 | dir=in | app=c:\windows\system32\hasplms.exe | 
"{DFC755FC-DEEB-42B5-874B-69B77348A660}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{E9EF17D2-104B-41EE-B107-4D8F25886B9C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EA59C951-5CFA-4043-9C56-55C50BC3149C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{F0D658EF-5C83-414A-8787-6FAD3218684B}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe | 
"{F4868C94-3181-4107-972C-AE9BCB455DCC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{F9D5B83E-2944-44CA-8C77-4B4E37858B0D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{FD43CC32-B0F7-488E-B5F1-534C338C003C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"TCP Query User{4D9EED15-B5E2-4612-B5B2-95775EEA6B5F}C:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{6052858E-2E86-4690-84EB-7A70098966E3}D:\program files\siemens\nx 8.0\ugii\ugraf.exe" = protocol=6 | dir=in | app=d:\program files\siemens\nx 8.0\ugii\ugraf.exe | 
"TCP Query User{A65A2546-9C25-4A0C-B317-47A2610DF763}D:\program files\siemens\nx 8.0\ugii\ugraf.exe" = protocol=6 | dir=in | app=d:\program files\siemens\nx 8.0\ugii\ugraf.exe | 
"UDP Query User{5F83B2DE-C8EA-49F9-8E65-40B22135665F}D:\program files\siemens\nx 8.0\ugii\ugraf.exe" = protocol=17 | dir=in | app=d:\program files\siemens\nx 8.0\ugii\ugraf.exe | 
"UDP Query User{C581FA28-F36A-44EF-AD4D-0B8BAF4AFE9D}C:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{CE80F44C-5440-45AB-A772-15CC3C04E1B2}D:\program files\siemens\nx 8.0\ugii\ugraf.exe" = protocol=17 | dir=in | app=d:\program files\siemens\nx 8.0\ugii\ugraf.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{215D88B7-661F-4C71-A7F9-75E53E9A5061}" = SolidWorks eDrawings 2012 x64 Edition SP02
"{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}" = Lenovo Fingerprint Software
"{32F9B623-BDF7-18AC-80F1-32E9B0E25F3A}" = ccc-utility64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C66F076-D3AB-49C8-85D4-BAA6D82FCAE2}" = SolidWorks 2012 x64 Edition SP02
"{4E22D0BC-2A2E-4723-B7E7-F34701EE501E}" = 3Dconnexion 3DxWare (x64)
"{51676C0E-2D18-49F3-A1BE-005DE2654168}" = Siemens NX 8.0
"{542DDF04-9F91-4F36-B2F4-2638B788A4C8}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64E6DF7A-E726-4001-8573-E6A6D6F35454}" = Networking USB Server
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{923D3F31-64AD-4620-88C5-E2451E5E25ED}" = MELTEC Device Drivers x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9B0EAC89-4331-A96E-C7D3-754192589BEE}" = ATI Catalyst Install Manager
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B1BF0EE8-216A-4212-9CF3-FC9551507556}" = FaroArm USB Driver 5
"{B8F5E355-C43B-4860-B690-D79CB5B0186D}" = 3Dconnexion Add-In for Solid Edge V18 - ST5
"{C2DBF59B-1D2C-44E9-A52A-93ACDAD9D27B}" = 3Dconnexion Plug-In for NX v3.0 - v8.5
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CEECF49B-552B-44E7-8F59-CCD9C98378AE}" = 3Dconnexion Add-In for SolidWorks 2005 - 2013
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D3CB988F-2A25-4AD5-BE84-24349E9CCCD8}" = SolidWorks 2012 x64 German Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{EB9400D5-6289-4F9F-9B79-B3528101C0C7}" = SolidWorks Flow Simulation 2012 SP02 x64 Edition 
"{F2DF59A0-5C1F-4454-9B67-538F43E2D335}" = Network Printer Wizard
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"05FBE63CF9C9B3424152207E7278CD6DA193C56C" = Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric  (07/02/2010 8.6.0.29)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"ATI Uninstaller" = ATI Uninstaller
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant 20561 SmartAudio HD
"DE7217D2A8B057F15EC6E52329FDAB84231521E8" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430)
"Logitech Unifying" = Logitech Unifying-Software 2.10
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"Power Management Driver" = ThinkPad Power Management Driver
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06A8F063-C727-95AA-F10B-CD8E6B23ED16}" = CCC Help Italian
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2898B91C-B75B-2EC5-4D4C-DD6C286F9485}" = Catalyst Control Center InstallProxy
"{2C4FD7D3-6F3A-45C2-AAAD-929B40346E3F}" = Catalyst Control Center - Branding
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}" = Brother MFL-Pro Suite DCP-7055
"{3DF5B915-A374-78B4-EE86-58346774DEC8}" = PX Profile Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5506986E-3173-E510-82BB-033C18299878}" = Catalyst Control Center Graphics Previews Vista
"{55532499-5676-4DAE-9A57-AEB907A0A1DD}" = QuickShare
"{5626FEDC-04D2-E67D-8261-3C6E7637A923}" = CCC Help German
"{563BBE0C-35F3-B1FF-1AD9-A5426CDEB388}" = CCC Help Korean
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.64.02
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{66F6BD4B-4C2C-B10C-B3D4-7A311EC4FC1C}" = Catalyst Control Center Localization All
"{6AAB8068-BEB6-4CB6-958E-717EA6402467}" = 3Dconnexion Trainer
"{6D236956-B79D-4748-BEA3-A039334A66AB}" = 3Dconnexion Collage
"{6D46B934-2ACE-DC9A-800B-C1831ED0FF85}" = CCC Help English
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DA16880-5718-E907-9A9F-EA8F5CBC51DA}" = CCC Help French
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87998E4E-6D9C-411B-AAE9-B8523FFE357D}" = Image Data Converter
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91F4AE26-4989-D770-A6BB-B50EB5BC938D}" = CCC Help Chinese Traditional
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A6085E33-3DC7-1B94-C717-6B9D6686F183}" = CCC Help Chinese Standard
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B40EED7A-63D4-4ED2-910D-9A64FF94DF22}" = UGSLicensing
"{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}" = 3Dconnexion 3DxSoftware (x64 Edition)
"{C85DF163-6DB3-2A03-5E8E-2B059AAA4882}" = CCC Help Dutch
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CF36D287-4610-69E4-A69A-9EF2BFEDB258}" = CCC Help Portuguese
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB042BA1-BD6A-9E4A-C5ED-2CC523D92C7D}" = CCC Help Swedish
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF3FBAA8-A959-72A0-8530-D715855137E1}" = CCC Help Japanese
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{EB325412-D54D-B320-7D77-D4B4A6B9F276}" = ccc-core-static
"{EFB4E818-8A4D-B230-6D41-213D48A2C7B3}" = CCC Help Spanish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"InstallShield_{64E6DF7A-E726-4001-8573-E6A6D6F35454}" = Networking USB Server
"InstallShield_{F2DF59A0-5C1F-4454-9B67-538F43E2D335}" = Network Printer Wizard
"JabRef 2.8.1" = JabRef 2.8.1
"LyX205" = LyX 2.0.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NauticTools_is1" = NauticTools
"SolidWorks Installation Manager 20120-40200-1100-100" = SolidWorks 2012 x64 Edition SP02
"Splashtop Software Updater" = Splashtop Software Updater
"Twixtor 5, After Effects-compatible plugin set" = Twixtor 5, After Effects-compatible plugin set
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.5
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-116213940-2147198843-1770016352-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"FLV Player" = FLV Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.02.2013 12:12:56 | Computer Name = xxx-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 25.02.2013 12:10:24 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen 
Status gemeldet: 0
 
Error - 25.02.2013 12:11:12 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
 
< End of report >
         
--- --- ---

26.02.2013, 00:08   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes; before you do, remember to update Malwarebytes using the update button.

After that, getting a second opinion from ESET's online scanner is not a bad idea either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


26.02.2013, 14:32   #13
KlausdieMaus

Yesterday evening the windows went into the background by themselves again.

Not much has changed through all these programs, since nothing was ever found, right?

Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
xxx :: xxx-PC [Administrator]

26.02.2013 09:28:16
mbam-log-2013-02-26 (09-28-16).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 210146
Laufzeit: 1 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ee36f035a5427541a89448cc301e33cf
# engine=13241
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-26 12:31:59
# local_time=2013-02-26 01:31:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 59287696 113511769 0 0
# scanned=440696
# found=0
# cleaned=0
# scan_time=11175
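
The instructions in post #12 asked for the detection of potentially unwanted applications to be enabled before the ESET scan; the header of the posted log records which options were actually set. The following is an added example, not part of the original posts or of ESET's software: it parses the `# key=value` header and lists anything a helper should raise before relying on `found=0`. Mapping that option to the key `unwanted_checked` is an assumption, as are the function names.

```python
"""Check an ESET Online Scanner log.txt header against the requested scan options."""

# Excerpt of the log posted above (serial and some other lines omitted).
SAMPLE_LOG = """\
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# engine=13241
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-02-26 12:31:59
# scanned=440696
# found=0
# cleaned=0
# scan_time=11175
"""

# Options requested in the instructions. That "detection of potentially
# unwanted applications" is logged as unwanted_checked is an assumption.
EXPECTED_OPTIONS = {"unwanted_checked": "true"}


def parse_eset_log(text):
    """Return the '# key=value' header lines as a dict; other lines are ignored."""
    fields = {}
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("#") or "=" not in line:
            continue
        key, _, value = line[1:].partition("=")
        fields[key.strip()] = value.strip().strip('"')
    return fields


def review_scan(fields, expected=EXPECTED_OPTIONS):
    """Return findings to raise before treating the scan as a clean result."""
    findings = []
    # An aborted or interrupted scan says nothing about the files not reached.
    if fields.get("end") != "finished":
        findings.append("scan did not finish (end=%s)" % fields.get("end"))
    # Compare the recorded options with what the helper asked for.
    for key, want in expected.items():
        got = fields.get(key)
        if got != want:
            findings.append("%s=%s, expected %s" % (key, got, want))
    # A missing or malformed counter must not be read as zero detections.
    try:
        found = int(fields.get("found", ""))
    except ValueError:
        findings.append("found count missing or not numeric")
    else:
        if found > 0:
            findings.append("%d detection(s) reported" % found)
    return findings


if __name__ == "__main__":
    parsed = parse_eset_log(SAMPLE_LOG)
    print("scanned=%s found=%s" % (parsed.get("scanned"), parsed.get("found")))
    for finding in review_scan(parsed):
        print("NOTE:", finding)
```
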
         

26.02.2013, 23:25   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK so far

Regarding cookies and other things on the web: to block this plague from the outset (i.e. tracking cookies, ad banners, etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check at MVPS every 4 weeks whether he has released a new hosts file.

Info: cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP-Cookie)

Apart from that there are good cookie managers; one extension for Firefox, for example, would be CookieCuller
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

Is your system OK again now, or are there any other findings or problems?

27.02.2013, 09:12   #15
KlausdieMaus

Right now I have the problem again that the windows automatically become inactive. It happens roughly every 30 s.
