Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 19.03.2013, 17:04   #1
amelie77
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Hallo,
habe seit ein paar Tagen das Problem, dass die gelöschten Dateien nicht im Papierkorb landen, sondern sofort gelöscht werden. Der Papierkorb ist korrekt eingestellt. Habe die Dateien shell.dll und explorer.exe, wie hier im Forum beschrieben, unter VirusTotal prüfen lassen. War ok. Habe den Computer mit dem Antivirenprogramm vollständig durchlaufen lassen, aber da habe ich komischerweise nie ein Problem.
Hab ein HiJack-Log gemacht, kann aber nicht so viel damit anfangen.

Grüße und vielen Dank
Amelie

Habe mittlerweile auch die Logs von OTL und Gmer. Bei den Extras springt die Markierung allerdings beim Scan-Beginn wieder auf aus.

Alt 20.03.2013, 15:22   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Hallo und

Zitat:
Habe mittlerweile auch die Logs von OTL und Gmer.
Diese dann auch posten, ohne die wird das nichts

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 21.03.2013, 15:04   #3
amelie77
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Hallo,

danke für die schnelle Antwort!

Hier also das OTL-Log:

Code:
ATTFilter
OTL logfile created on: 19.03.2013 21:01:56 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Lexikon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,96 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 52,49% Memory free
7,92 Gb Paging File | 6,24 Gb Available in Paging File | 78,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 134,36 Gb Total Space | 77,89 Gb Free Space | 57,97% Space Free | Partition Type: NTFS
 
Computer Name: ZUHAUSE-PC | User Name: Privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Lexikon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
PRC - C:\Program Files (x86)\0190 Warner\Warn0190.exe (Mirko Böer)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE ()
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe (IDT, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NitroReaderDriverReadSpool2) -- C:\Programme\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Nitro PDF Software)
SRV - (nosGetPlusHelper) -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe (IDT, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\Sandra.sys File not found
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV:64bit: - (77014092) -- C:\Windows\SysNative\drivers\77014092.sys (Kaspersky Lab)
DRV:64bit: - (36351792) -- C:\Windows\SysNative\drivers\36351792.sys (Kaspersky Lab)
DRV:64bit: - (97504712) -- C:\Windows\SysNative\drivers\97504712.sys (Kaspersky Lab)
DRV:64bit: - (93592522) -- C:\Windows\SysNative\drivers\93592522.sys (Kaspersky Lab)
DRV:64bit: - (79665282) -- C:\Windows\SysNative\drivers\79665282.sys (Kaspersky Lab)
DRV:64bit: - (70264452) -- C:\Windows\SysNative\drivers\70264452.sys (Kaspersky Lab)
DRV:64bit: - (31597942) -- C:\Windows\SysNative\drivers\31597942.sys (Kaspersky Lab)
DRV:64bit: - (13558342) -- C:\Windows\SysNative\drivers\13558342.sys (Kaspersky Lab)
DRV:64bit: - (setup_9.0.0.722_06.07.2012_12-35drv) -- C:\Windows\SysNative\drivers\7026445.sys (Kaspersky Lab)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (77014091) -- C:\Windows\SysNative\drivers\77014091.sys (Kaspersky Lab)
DRV:64bit: - (36351791) -- C:\Windows\SysNative\drivers\36351791.sys (Kaspersky Lab)
DRV:64bit: - (97504711) -- C:\Windows\SysNative\drivers\97504711.sys (Kaspersky Lab)
DRV:64bit: - (93592521) -- C:\Windows\SysNative\drivers\93592521.sys (Kaspersky Lab)
DRV:64bit: - (79665281) -- C:\Windows\SysNative\drivers\79665281.sys (Kaspersky Lab)
DRV:64bit: - (70264451) -- C:\Windows\SysNative\drivers\70264451.sys (Kaspersky Lab)
DRV:64bit: - (31597941) -- C:\Windows\SysNative\drivers\31597941.sys (Kaspersky Lab)
DRV:64bit: - (13558341) -- C:\Windows\SysNative\drivers\13558341.sys (Kaspersky Lab)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {CC04B2F9-F507-4C02-B862-27447E6B6138}
IE:64bit: - HKLM\..\SearchScopes\{CC04B2F9-F507-4C02-B862-27447E6B6138}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {78BB7703-48FC-48AD-9EE0-D8327EF260A2}
IE - HKLM\..\SearchScopes\{78BB7703-48FC-48AD-9EE0-D8327EF260A2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Lexikon\Desktop
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\..\SearchScopes,DefaultScope = {78BB7703-48FC-48AD-9EE0-D8327EF260A2}
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com?o=10148&l=dis&tb=AVR-4
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\..\SearchScopes,DefaultScope = {78BB7703-48FC-48AD-9EE0-D8327EF260A2}
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.99: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.10.29 14:04:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.11.04 21:06:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.26 20:55:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.08 19:26:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.16 15:44:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.17 00:16:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.26 20:55:42 | 000,000,000 | ---D | M]
 
[2013.03.16 15:36:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.07 16:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 16:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.07 16:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 16:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 16:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 16:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.12.11 21:04:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [0190 Warner] C:\PROGRA~2\0190WA~1\WARN0190.EXE (Mirko Böer)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-2433319336-712607344-602622529-1003..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft)
O4 - HKU\S-1-5-21-2433319336-712607344-602622529-1005..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.16 15:44:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.03.16 15:44:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013.03.16 15:39:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.03.16 15:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.03.16 15:36:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.03.16 15:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.03.15 13:04:50 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\Amazon
[2013.03.08 19:27:19 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.03.08 19:27:19 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.03.08 19:27:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.03.08 19:27:18 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.03.08 19:27:17 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.03.08 19:27:16 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.03.08 19:27:15 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.03.08 19:26:44 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.08 19:18:36 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013.02.25 11:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.02.23 21:11:07 | 000,000,000 | ---D | C] -- C:\Users\Privat\NTUSER
[2013.02.22 20:45:56 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\Programs
[2013.02.22 20:44:48 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.02.17 22:04:39 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\temp
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.19 14:23:10 | 000,022,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 14:23:10 | 000,022,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.19 14:15:53 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.03.19 14:15:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.19 14:15:39 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.08 19:27:15 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.03.07 00:33:21 | 000,178,624 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.03.07 00:33:21 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.02.25 11:12:59 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.25 11:12:59 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.25 11:12:59 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.25 11:12:59 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.25 11:12:59 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.23 21:30:11 | 000,376,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.19 12:40:01 | 000,016,572 | ---- | M] () -- C:\Users\Privat\Documents\cc_20130219_123955.reg
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.16 15:39:32 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.03.08 19:27:16 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.03.08 19:27:16 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.02.25 11:13:51 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.02.19 12:39:59 | 000,016,572 | ---- | C] () -- C:\Users\Privat\Documents\cc_20130219_123955.reg
[2012.11.26 20:51:40 | 000,245,473 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.11.26 20:51:40 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011.10.05 10:19:22 | 000,007,600 | ---- | C] () -- C:\Users\Privat\AppData\Local\Resmon.ResmonCfg
[2011.09.26 13:42:54 | 000,000,680 | RHS- | C] () -- C:\Users\Privat\ntuser.pol
[2011.06.19 21:46:46 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.19 14:56:15 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.06.19 14:56:15 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2010.02.22 03:45:21 | 3190,050,816 | -HS- | C] () -- \hiberfil.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.11 21:09:10 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData
[2010.02.26 12:43:45 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2013.03.08 19:26:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software
[2012.12.08 23:06:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\blekko toolbars
[2012.12.15 13:25:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2012.12.15 13:46:49 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2012.01.07 20:34:10 | 000,000,000 | ---D | M] -- C:\Users\All Users\CPA_VA
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010.02.26 12:43:45 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2010.02.26 12:43:45 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.02.17 21:22:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\firebird
[2012.02.17 16:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\JanitosTarifrechner
[2012.12.15 16:13:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\MFAData
[2011.11.04 20:44:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nitro PDF
[2010.02.22 11:08:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\PCDr
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010.02.26 12:43:45 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2010.02.22 11:08:29 | 000,000,000 | ---D | M] -- C:\Users\All Users\SupportSoft
[2011.10.29 14:04:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Swiss Academic Software
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2010.02.22 11:19:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uninstall
[2010.02.26 12:43:45 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2011.09.25 21:30:28 | 000,000,000 | ---D | M] -- C:\Users\All Users\WildTangent
[2011.04.22 21:04:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\ZA_PreservedFiles
[2010.02.27 00:07:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Zylom
[2013.01.27 18:07:45 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData
[2011.11.01 15:46:03 | 000,000,000 | ---D | M] -- C:\Users\Lexikon\.mediathek
[2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Anwendungsdaten
[2011.03.08 22:17:22 | 000,000,000 | -H-D | M] -- C:\Users\Lexikon\AppData
[2013.03.15 10:09:19 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Contacts
[2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Cookies
[2013.03.19 21:05:29 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Desktop
[2013.03.18 17:32:24 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Documents
[2013.03.18 18:55:42 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Downloads
[2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Druckumgebung
[2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Eigene Dateien
[2013.02.23 22:11:56 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Favorites
[2013.02.23 22:12:32 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Links
[2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Lokale Einstellungen
[2013.03.18 18:01:13 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Music
[2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Netzwerkumgebung
[2013.03.18 18:53:08 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Pictures
[2013.03.18 17:32:41 | 000,000,000 | ---D | M] -- C:\Users\Lexikon\Private Dokumente
[2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Recent
[2013.02.23 22:12:39 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Saved Games
[2013.02.23 22:11:39 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Searches
[2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\SendTo
[2011.03.08 22:17:22 | 000,000,000 | RH-D | M] -- C:\Users\Lexikon\Startmenü
[2012.06.27 13:45:14 | 000,000,000 | ---D | M] -- C:\Users\Lexikon\Tracing
[2013.03.18 17:44:07 | 000,000,000 | R--D | M] -- C:\Users\Lexikon\Videos
[2011.03.08 22:17:22 | 000,000,000 | -HSD | M] -- C:\Users\Lexikon\Vorlagen
[2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Anwendungsdaten
[2012.01.29 16:44:45 | 000,000,000 | -H-D | M] -- C:\Users\Privat\AppData
[2013.02.23 22:14:13 | 000,000,000 | R--D | M] -- C:\Users\Privat\Contacts
[2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Cookies
[2013.03.19 20:25:47 | 000,000,000 | R--D | M] -- C:\Users\Privat\Desktop
[2013.02.23 22:14:23 | 000,000,000 | R--D | M] -- C:\Users\Privat\Documents
[2013.02.23 22:08:04 | 000,000,000 | R--D | M] -- C:\Users\Privat\Downloads
[2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Druckumgebung
[2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Eigene Dateien
[2013.02.23 22:08:16 | 000,000,000 | R--D | M] -- C:\Users\Privat\Favorites
[2013.02.23 21:07:12 | 000,000,000 | R--D | M] -- C:\Users\Privat\Links
[2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Lokale Einstellungen
[2013.02.23 22:08:16 | 000,000,000 | R--D | M] -- C:\Users\Privat\Music
[2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Netzwerkumgebung
[2013.02.23 21:11:07 | 000,000,000 | ---D | M] -- C:\Users\Privat\NTUSER
[2013.02.23 22:10:58 | 000,000,000 | R--D | M] -- C:\Users\Privat\Pictures
[2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Recent
[2013.02.23 22:12:50 | 000,000,000 | R--D | M] -- C:\Users\Privat\Saved Games
[2013.02.23 22:13:53 | 000,000,000 | R--D | M] -- C:\Users\Privat\Searches
[2013.03.15 15:00:23 | 000,000,000 | ---D | M] -- C:\Users\Privat\SecurityScans
[2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\SendTo
[2011.09.26 13:42:53 | 000,000,000 | RH-D | M] -- C:\Users\Privat\Startmenü
[2012.02.27 18:28:39 | 000,000,000 | ---D | M] -- C:\Users\Privat\Tracing
[2013.02.23 22:08:04 | 000,000,000 | R--D | M] -- C:\Users\Privat\Videos
[2011.09.26 13:42:53 | 000,000,000 | -HSD | M] -- C:\Users\Privat\Vorlagen
[2013.03.19 20:10:45 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
 
========== Purity Check ==========
 
 

< End of report >
         
Das GmerLog ist allerdings zu groß. Würde ich dann, wenn das ok ist, als txt, zip etc. anhängen.

Gruß Amelie
__________________

Geändert von amelie77 (21.03.2013 um 15:15 Uhr)

Alt 21.03.2013, 15:59   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Zitat:
Würde ich dann, wenn das ok ist, als txt, zip etc. anhängen.
Ja das ist ok, aber auch nur wenn die Logs wirklich zu groß sind
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.03.2013, 16:56   #5
amelie77
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Hab es dann mal gezippt:


Alt 22.03.2013, 09:48   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!



    Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten


    MBAR (Malwarebytes Anti-Rootkit)

    Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
    • Starte bitte die mbar.exe.
    • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
    • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
    • Klicke auf den CleanUp Button und erlaube den Neustart.
    • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
    • Nach dem Neustart starte die mbar.exe erneut.
    • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
    Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

    Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers


    aswMBR

    Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
    • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
      Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
    • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
      Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
    • Klicke auf Scan.
    • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
    • Drücke auf Save Log und speichere diese auf dem Desktop.
    Poste mir die aswMBR.txt in deiner nächsten Antwort.

    Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

    Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).



    TDSS-Killer

    Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
    • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
    • Drücke Start Scan
    • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
      TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
      Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
    Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.
__________________
--> Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden

Alt 23.03.2013, 16:52   #7
amelie77
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Hallo,

hier also die Logs:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org

Database version: v2013.03.23.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16521
Privat :: ZUHAUSE-PC [administrator]

23.03.2013 17:08:41
mbar-log-2013-03-23 (17-08-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 28766
Time elapsed: 11 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-23 17:11:22
-----------------------------
17:11:22.950    OS Version: Windows x64 6.1.7601 Service Pack 1
17:11:22.950    Number of processors: 2 586 0x170A
17:11:22.950    ComputerName: ZUHAUSE-PC  UserName: Privat
17:11:23.870    Initialize success
17:11:24.916    AVAST engine defs: 13032200
17:13:45.955    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:13:45.955    Disk 0 Vendor: SAMSUNG_ HH10 Size: 152627MB BusType: 3
17:13:46.205    Disk 0 MBR read successfully
17:13:46.205    Disk 0 MBR scan
17:13:46.221    Disk 0 Windows VISTA default MBR code
17:13:46.221    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63
17:13:46.236    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 81920
17:13:46.252    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       137586 MB offset 30801920
17:13:46.299    Disk 0 scanning C:\Windows\system32\drivers
17:14:02.991    Service scanning
17:14:28.356    Modules scanning
17:14:28.356    Disk 0 trace - called modules:
17:14:28.372    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
17:14:28.887    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004298060]
17:14:28.887    3 CLASSPNP.SYS[fffff88000c7743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80040c0050]
17:14:29.635    AVAST engine scan C:\Windows
17:14:32.350    AVAST engine scan C:\Windows\system32
17:17:39.940    AVAST engine scan C:\Windows\system32\drivers
17:17:55.727    AVAST engine scan C:\Users\Privat
17:23:17.759    AVAST engine scan C:\ProgramData
17:26:01.918    Scan finished successfully
17:27:24.754    Disk 0 MBR has been saved successfully to "C:\Users\Lexikon\Desktop\MBR.dat"
17:27:24.754    The log file has been saved successfully to "C:\Users\Lexikon\Desktop\aswMBR.txt"
         
Code:
ATTFilter
17:30:18.0442 3164  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:30:18.0489 3164  ============================================================
17:30:18.0489 3164  Current date / time: 2013/03/23 17:30:18.0489
17:30:18.0489 3164  SystemInfo:
17:30:18.0489 3164  
17:30:18.0505 3164  OS Version: 6.1.7601 ServicePack: 1.0
17:30:18.0505 3164  Product type: Workstation
17:30:18.0505 3164  ComputerName: ZUHAUSE-PC
17:30:18.0505 3164  UserName: Privat
17:30:18.0505 3164  Windows directory: C:\Windows
17:30:18.0505 3164  System windows directory: C:\Windows
17:30:18.0505 3164  Running under WOW64
17:30:18.0505 3164  Processor architecture: Intel x64
17:30:18.0505 3164  Number of processors: 2
17:30:18.0505 3164  Page size: 0x1000
17:30:18.0505 3164  Boot type: Normal boot
17:30:18.0505 3164  ============================================================
17:30:19.0035 3164  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:30:19.0035 3164  ============================================================
17:30:19.0035 3164  \Device\Harddisk0\DR0:
17:30:19.0035 3164  MBR partitions:
17:30:19.0035 3164  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
17:30:19.0035 3164  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x10CB96B0
17:30:19.0035 3164  ============================================================
17:30:19.0082 3164  C: <-> \Device\Harddisk0\DR0\Partition2
17:30:19.0082 3164  ============================================================
17:30:19.0082 3164  Initialize success
17:30:19.0082 3164  ============================================================
17:30:33.0808 4804  ============================================================
17:30:33.0808 4804  Scan started
17:30:33.0808 4804  Mode: Manual; SigCheck; TDLFS; 
17:30:33.0808 4804  ============================================================
17:30:34.0276 4804  ================ Scan system memory ========================
17:30:34.0276 4804  System memory - ok
17:30:34.0276 4804  ================ Scan services =============================
17:30:34.0620 4804  [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 13558341        C:\Windows\system32\DRIVERS\13558341.sys
17:30:34.0947 4804  13558341 - ok
17:30:34.0994 4804  [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 13558342        C:\Windows\system32\DRIVERS\13558342.sys
17:30:35.0010 4804  13558342 - ok
17:30:35.0072 4804  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:30:35.0181 4804  1394ohci - ok
17:30:35.0244 4804  [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 31597941        C:\Windows\system32\DRIVERS\31597941.sys
17:30:35.0275 4804  31597941 - ok
17:30:35.0306 4804  [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 31597942        C:\Windows\system32\DRIVERS\31597942.sys
17:30:35.0337 4804  31597942 - ok
17:30:35.0462 4804  [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 36351791        C:\Windows\system32\DRIVERS\36351791.sys
17:30:35.0478 4804  36351791 - ok
17:30:35.0509 4804  [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 36351792        C:\Windows\system32\DRIVERS\36351792.sys
17:30:35.0540 4804  36351792 - ok
17:30:35.0634 4804  [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 70264451        C:\Windows\system32\DRIVERS\70264451.sys
17:30:35.0665 4804  70264451 - ok
17:30:35.0727 4804  [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 70264452        C:\Windows\system32\DRIVERS\70264452.sys
17:30:35.0743 4804  70264452 - ok
17:30:35.0821 4804  [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 77014091        C:\Windows\system32\DRIVERS\77014091.sys
17:30:35.0852 4804  77014091 - ok
17:30:35.0899 4804  [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 77014092        C:\Windows\system32\DRIVERS\77014092.sys
17:30:35.0930 4804  77014092 - ok
17:30:35.0992 4804  [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 79665281        C:\Windows\system32\DRIVERS\79665281.sys
17:30:36.0024 4804  79665281 - ok
17:30:36.0039 4804  [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 79665282        C:\Windows\system32\DRIVERS\79665282.sys
17:30:36.0055 4804  79665282 - ok
17:30:36.0117 4804  [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 93592521        C:\Windows\system32\DRIVERS\93592521.sys
17:30:36.0133 4804  93592521 - ok
17:30:36.0180 4804  [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 93592522        C:\Windows\system32\DRIVERS\93592522.sys
17:30:36.0211 4804  93592522 - ok
17:30:36.0273 4804  [ 6C5461EEB3FFA1B1DCF9A07F8C3B3AFE ] 97504711        C:\Windows\system32\DRIVERS\97504711.sys
17:30:36.0304 4804  97504711 - ok
17:30:36.0351 4804  [ 3EC7DFDA521B4FB22CE9F76DF15DB099 ] 97504712        C:\Windows\system32\DRIVERS\97504712.sys
17:30:36.0382 4804  97504712 - ok
17:30:36.0445 4804  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:30:36.0476 4804  ACPI - ok
17:30:36.0492 4804  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:30:36.0616 4804  AcpiPmi - ok
17:30:36.0819 4804  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:30:36.0850 4804  AdobeARMservice - ok
17:30:36.0944 4804  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:30:36.0975 4804  adp94xx - ok
17:30:37.0038 4804  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:30:37.0069 4804  adpahci - ok
17:30:37.0084 4804  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:30:37.0116 4804  adpu320 - ok
17:30:37.0162 4804  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:30:37.0381 4804  AeLookupSvc - ok
17:30:37.0474 4804  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:30:37.0552 4804  AFD - ok
17:30:37.0615 4804  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:30:37.0630 4804  agp440 - ok
17:30:37.0677 4804  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:30:37.0755 4804  ALG - ok
17:30:37.0786 4804  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:30:37.0818 4804  aliide - ok
17:30:37.0849 4804  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:30:37.0880 4804  amdide - ok
17:30:37.0942 4804  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:30:38.0067 4804  AmdK8 - ok
17:30:38.0114 4804  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:30:38.0192 4804  AmdPPM - ok
17:30:38.0317 4804  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:30:38.0332 4804  amdsata - ok
17:30:38.0395 4804  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:30:38.0410 4804  amdsbs - ok
17:30:38.0442 4804  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:30:38.0457 4804  amdxata - ok
17:30:38.0551 4804  [ 1412E9A88FE1F7E35CE6058A2EF03664 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
17:30:38.0582 4804  ApfiltrService - ok
17:30:38.0644 4804  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:30:38.0910 4804  AppID - ok
17:30:38.0956 4804  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:30:39.0034 4804  AppIDSvc - ok
17:30:39.0097 4804  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
17:30:39.0190 4804  Appinfo - ok
17:30:39.0268 4804  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:30:39.0300 4804  arc - ok
17:30:39.0331 4804  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:30:39.0362 4804  arcsas - ok
17:30:39.0456 4804  [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
17:30:39.0471 4804  aswFsBlk - ok
17:30:39.0565 4804  [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
17:30:39.0596 4804  aswMonFlt - ok
17:30:39.0627 4804  [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
17:30:39.0643 4804  aswRdr - ok
17:30:39.0690 4804  [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
17:30:39.0721 4804  aswRvrt - ok
17:30:39.0783 4804  [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
17:30:39.0846 4804  aswSnx - ok
17:30:39.0877 4804  [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
17:30:39.0908 4804  aswSP - ok
17:30:39.0939 4804  [ D62C10D1829C65115111C160EA956260 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
17:30:39.0955 4804  aswTdi - ok
17:30:39.0986 4804  [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
17:30:40.0017 4804  aswVmm - ok
17:30:40.0080 4804  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:30:40.0142 4804  AsyncMac - ok
17:30:40.0220 4804  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:30:40.0236 4804  atapi - ok
17:30:40.0360 4804  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:30:40.0438 4804  AudioEndpointBuilder - ok
17:30:40.0454 4804  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:30:40.0516 4804  AudioSrv - ok
17:30:40.0672 4804  [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:30:40.0688 4804  avast! Antivirus - ok
17:30:40.0750 4804  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:30:40.0875 4804  AxInstSV - ok
17:30:40.0938 4804  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:30:41.0031 4804  b06bdrv - ok
17:30:41.0109 4804  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:30:41.0156 4804  b57nd60a - ok
17:30:41.0203 4804  [ E001DD475A7C27EBE5A0DB45C11BAD71 ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
17:30:41.0234 4804  BCM42RLY - ok
17:30:41.0359 4804  [ F4CD5F52850BF2C978DE178F256BA372 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
17:30:41.0437 4804  BCM43XX - ok
17:30:41.0530 4804  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:30:41.0593 4804  BDESVC - ok
17:30:41.0655 4804  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:30:41.0733 4804  Beep - ok
17:30:41.0827 4804  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:30:41.0889 4804  BFE - ok
17:30:41.0952 4804  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:30:42.0045 4804  BITS - ok
17:30:42.0092 4804  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:30:42.0139 4804  blbdrive - ok
17:30:42.0201 4804  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:30:42.0295 4804  bowser - ok
17:30:42.0373 4804  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:30:42.0498 4804  BrFiltLo - ok
17:30:42.0513 4804  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:30:42.0544 4804  BrFiltUp - ok
17:30:42.0607 4804  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
17:30:42.0685 4804  BridgeMP - ok
17:30:42.0732 4804  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:30:42.0810 4804  Browser - ok
17:30:42.0841 4804  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:30:42.0903 4804  Brserid - ok
17:30:42.0950 4804  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:30:43.0028 4804  BrSerWdm - ok
17:30:43.0059 4804  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:30:43.0106 4804  BrUsbMdm - ok
17:30:43.0153 4804  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:30:43.0200 4804  BrUsbSer - ok
17:30:43.0246 4804  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:30:43.0324 4804  BTHMODEM - ok
17:30:43.0418 4804  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:30:43.0512 4804  bthserv - ok
17:30:43.0543 4804  catchme - ok
17:30:43.0574 4804  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:30:43.0652 4804  cdfs - ok
17:30:43.0746 4804  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
17:30:43.0824 4804  cdrom - ok
17:30:43.0886 4804  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:30:43.0980 4804  CertPropSvc - ok
17:30:44.0011 4804  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:30:44.0042 4804  circlass - ok
17:30:44.0120 4804  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:30:44.0151 4804  CLFS - ok
17:30:44.0276 4804  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:30:44.0307 4804  clr_optimization_v2.0.50727_32 - ok
17:30:44.0401 4804  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:30:44.0416 4804  clr_optimization_v2.0.50727_64 - ok
17:30:44.0541 4804  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:30:44.0557 4804  clr_optimization_v4.0.30319_32 - ok
17:30:44.0604 4804  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:30:44.0619 4804  clr_optimization_v4.0.30319_64 - ok
17:30:44.0650 4804  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:30:44.0713 4804  CmBatt - ok
17:30:44.0760 4804  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:30:44.0775 4804  cmdide - ok
17:30:44.0853 4804  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
17:30:44.0900 4804  CNG - ok
17:30:44.0978 4804  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:30:44.0994 4804  Compbatt - ok
17:30:45.0025 4804  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:30:45.0087 4804  CompositeBus - ok
17:30:45.0087 4804  COMSysApp - ok
17:30:45.0118 4804  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:30:45.0150 4804  crcdisk - ok
17:30:45.0212 4804  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:30:45.0306 4804  CryptSvc - ok
17:30:45.0384 4804  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:30:45.0477 4804  DcomLaunch - ok
17:30:45.0571 4804  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:30:45.0649 4804  defragsvc - ok
17:30:45.0696 4804  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:30:45.0805 4804  DfsC - ok
17:30:45.0867 4804  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:30:45.0945 4804  Dhcp - ok
17:30:45.0976 4804  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:30:46.0054 4804  discache - ok
17:30:46.0101 4804  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:30:46.0117 4804  Disk - ok
17:30:46.0179 4804  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:30:46.0242 4804  Dnscache - ok
17:30:46.0351 4804  [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
17:30:46.0632 4804  DockLoginService ( UnsignedFile.Multi.Generic ) - warning
17:30:46.0632 4804  DockLoginService - detected UnsignedFile.Multi.Generic (1)
17:30:46.0678 4804  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:30:46.0756 4804  dot3svc - ok
17:30:46.0850 4804  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
17:30:46.0912 4804  Dot4 - ok
17:30:46.0990 4804  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:30:47.0037 4804  Dot4Print - ok
17:30:47.0068 4804  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
17:30:47.0131 4804  dot4usb - ok
17:30:47.0162 4804  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:30:47.0256 4804  DPS - ok
17:30:47.0287 4804  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:30:47.0334 4804  drmkaud - ok
17:30:47.0396 4804  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:30:47.0443 4804  DXGKrnl - ok
17:30:47.0505 4804  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:30:47.0583 4804  EapHost - ok
17:30:47.0677 4804  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:30:47.0802 4804  ebdrv - ok
17:30:47.0864 4804  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:30:47.0958 4804  EFS - ok
17:30:48.0067 4804  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:30:48.0207 4804  ehRecvr - ok
17:30:48.0285 4804  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:30:48.0363 4804  ehSched - ok
17:30:48.0441 4804  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:30:48.0472 4804  elxstor - ok
17:30:48.0504 4804  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:30:48.0550 4804  ErrDev - ok
17:30:48.0644 4804  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:30:48.0722 4804  EventSystem - ok
17:30:48.0753 4804  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:30:48.0831 4804  exfat - ok
17:30:48.0862 4804  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:30:48.0940 4804  fastfat - ok
17:30:49.0034 4804  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:30:49.0128 4804  Fax - ok
17:30:49.0174 4804  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:30:49.0237 4804  fdc - ok
17:30:49.0284 4804  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:30:49.0362 4804  fdPHost - ok
17:30:49.0408 4804  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:30:49.0486 4804  FDResPub - ok
17:30:49.0533 4804  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:30:49.0564 4804  FileInfo - ok
17:30:49.0580 4804  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:30:49.0658 4804  Filetrace - ok
17:30:49.0689 4804  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:30:49.0736 4804  flpydisk - ok
17:30:49.0783 4804  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:30:49.0814 4804  FltMgr - ok
17:30:49.0892 4804  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
17:30:49.0954 4804  FontCache - ok
17:30:50.0048 4804  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:30:50.0064 4804  FontCache3.0.0.0 - ok
17:30:50.0079 4804  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:30:50.0110 4804  FsDepends - ok
17:30:50.0142 4804  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:30:50.0157 4804  Fs_Rec - ok
17:30:50.0220 4804  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:30:50.0251 4804  fvevol - ok
17:30:50.0282 4804  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:30:50.0313 4804  gagp30kx - ok
17:30:50.0391 4804  [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
17:30:50.0422 4804  GameConsoleService - ok
17:30:50.0485 4804  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:30:50.0563 4804  gpsvc - ok
17:30:50.0610 4804  gupdate - ok
17:30:50.0625 4804  gupdatem - ok
17:30:50.0656 4804  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:30:50.0719 4804  hcw85cir - ok
17:30:50.0781 4804  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:30:50.0844 4804  HDAudBus - ok
17:30:50.0875 4804  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:30:50.0922 4804  HidBatt - ok
17:30:50.0953 4804  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:30:50.0984 4804  HidBth - ok
17:30:51.0015 4804  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:30:51.0062 4804  HidIr - ok
17:30:51.0109 4804  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
17:30:51.0187 4804  hidserv - ok
17:30:51.0234 4804  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:30:51.0249 4804  HidUsb - ok
17:30:51.0296 4804  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:30:51.0358 4804  hkmsvc - ok
17:30:51.0405 4804  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:30:51.0483 4804  HomeGroupListener - ok
17:30:51.0546 4804  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:30:51.0592 4804  HomeGroupProvider - ok
17:30:51.0795 4804  [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:30:51.0858 4804  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
17:30:51.0858 4804  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
17:30:51.0936 4804  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:30:51.0982 4804  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
17:30:51.0982 4804  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
17:30:52.0045 4804  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:30:52.0060 4804  HpSAMD - ok
17:30:52.0185 4804  [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:30:52.0279 4804  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
17:30:52.0279 4804  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
17:30:52.0357 4804  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:30:52.0450 4804  HTTP - ok
17:30:52.0482 4804  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:30:52.0513 4804  hwpolicy - ok
17:30:52.0575 4804  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:30:52.0606 4804  i8042prt - ok
17:30:52.0700 4804  [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
17:30:52.0731 4804  IAANTMON - ok
17:30:52.0794 4804  [ 4F6FB2CDBDEEFC47E7D2066E78254580 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:30:52.0825 4804  iaStor - ok
17:30:52.0887 4804  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:30:52.0918 4804  iaStorV - ok
17:30:52.0996 4804  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:30:53.0043 4804  idsvc - ok
17:30:53.0230 4804  [ BABD5F9B2BCC82CE556A0BAF1AE208A7 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
17:30:53.0402 4804  igfx - ok
17:30:53.0480 4804  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:30:53.0496 4804  iirsp - ok
17:30:53.0574 4804  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:30:53.0667 4804  IKEEXT - ok
17:30:53.0698 4804  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:30:53.0714 4804  intelide - ok
17:30:53.0745 4804  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:30:53.0792 4804  intelppm - ok
17:30:53.0839 4804  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:30:53.0917 4804  IPBusEnum - ok
17:30:53.0948 4804  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:30:54.0026 4804  IpFilterDriver - ok
17:30:54.0104 4804  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:30:54.0198 4804  iphlpsvc - ok
17:30:54.0260 4804  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:30:54.0276 4804  IPMIDRV - ok
17:30:54.0307 4804  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:30:54.0369 4804  IPNAT - ok
17:30:54.0416 4804  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:30:54.0525 4804  IRENUM - ok
17:30:54.0541 4804  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:30:54.0572 4804  isapnp - ok
17:30:54.0588 4804  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:30:54.0619 4804  iScsiPrt - ok
17:30:54.0634 4804  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:30:54.0650 4804  kbdclass - ok
17:30:54.0681 4804  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:30:54.0712 4804  kbdhid - ok
17:30:54.0728 4804  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:30:54.0759 4804  KeyIso - ok
17:30:54.0806 4804  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:30:54.0837 4804  KSecDD - ok
17:30:54.0884 4804  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:30:54.0900 4804  KSecPkg - ok
17:30:54.0946 4804  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:30:55.0024 4804  ksthunk - ok
17:30:55.0087 4804  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:30:55.0165 4804  KtmRm - ok
17:30:55.0243 4804  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
17:30:55.0368 4804  LanmanServer - ok
17:30:55.0446 4804  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:30:55.0539 4804  LanmanWorkstation - ok
17:30:55.0570 4804  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:30:55.0633 4804  lltdio - ok
17:30:55.0648 4804  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:30:55.0711 4804  lltdsvc - ok
17:30:55.0742 4804  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:30:55.0789 4804  lmhosts - ok
17:30:55.0836 4804  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:30:55.0867 4804  LSI_FC - ok
17:30:55.0898 4804  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:30:55.0929 4804  LSI_SAS - ok
17:30:55.0929 4804  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:30:55.0960 4804  LSI_SAS2 - ok
17:30:55.0992 4804  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:30:56.0007 4804  LSI_SCSI - ok
17:30:56.0038 4804  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:30:56.0116 4804  luafv - ok
17:30:56.0163 4804  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:30:56.0210 4804  Mcx2Svc - ok
17:30:56.0241 4804  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:30:56.0257 4804  megasas - ok
17:30:56.0304 4804  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:30:56.0335 4804  MegaSR - ok
17:30:56.0350 4804  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:30:56.0428 4804  MMCSS - ok
17:30:56.0460 4804  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:30:56.0506 4804  Modem - ok
17:30:56.0538 4804  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:30:56.0584 4804  monitor - ok
17:30:56.0662 4804  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
17:30:56.0694 4804  mouclass - ok
17:30:56.0709 4804  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:30:56.0740 4804  mouhid - ok
17:30:56.0818 4804  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:30:56.0834 4804  mountmgr - ok
17:30:56.0959 4804  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:30:56.0974 4804  MozillaMaintenance - ok
17:30:56.0990 4804  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:30:57.0021 4804  mpio - ok
17:30:57.0037 4804  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:30:57.0084 4804  mpsdrv - ok
17:30:57.0146 4804  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:30:57.0240 4804  MpsSvc - ok
17:30:57.0286 4804  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:30:57.0349 4804  MRxDAV - ok
17:30:57.0396 4804  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:30:57.0474 4804  mrxsmb - ok
17:30:57.0536 4804  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:30:57.0583 4804  mrxsmb10 - ok
17:30:57.0614 4804  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:30:57.0661 4804  mrxsmb20 - ok
17:30:57.0739 4804  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:30:57.0754 4804  msahci - ok
17:30:57.0770 4804  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:30:57.0801 4804  msdsm - ok
17:30:57.0848 4804  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:30:57.0879 4804  MSDTC - ok
17:30:57.0942 4804  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:30:57.0988 4804  Msfs - ok
17:30:58.0020 4804  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:30:58.0082 4804  mshidkmdf - ok
17:30:58.0129 4804  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:30:58.0144 4804  msisadrv - ok
17:30:58.0207 4804  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:30:58.0285 4804  MSiSCSI - ok
17:30:58.0300 4804  msiserver - ok
17:30:58.0347 4804  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:30:58.0410 4804  MSKSSRV - ok
17:30:58.0441 4804  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:30:58.0503 4804  MSPCLOCK - ok
17:30:58.0534 4804  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:30:58.0612 4804  MSPQM - ok
17:30:58.0659 4804  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:30:58.0690 4804  MsRPC - ok
17:30:58.0737 4804  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:30:58.0753 4804  mssmbios - ok
17:30:58.0784 4804  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:30:58.0846 4804  MSTEE - ok
17:30:58.0893 4804  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:30:58.0924 4804  MTConfig - ok
17:30:58.0971 4804  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:30:58.0987 4804  Mup - ok
17:30:59.0049 4804  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:30:59.0127 4804  napagent - ok
17:30:59.0205 4804  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:30:59.0252 4804  NativeWifiP - ok
17:30:59.0330 4804  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:30:59.0377 4804  NDIS - ok
17:30:59.0439 4804  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:30:59.0517 4804  NdisCap - ok
17:30:59.0548 4804  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:30:59.0626 4804  NdisTapi - ok
17:30:59.0673 4804  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:30:59.0736 4804  Ndisuio - ok
17:30:59.0767 4804  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:30:59.0845 4804  NdisWan - ok
17:30:59.0892 4804  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:30:59.0970 4804  NDProxy - ok
17:31:00.0032 4804  [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:31:00.0063 4804  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:31:00.0063 4804  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:31:00.0110 4804  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:31:00.0172 4804  NetBIOS - ok
17:31:00.0219 4804  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:31:00.0297 4804  NetBT - ok
17:31:00.0344 4804  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:31:00.0375 4804  Netlogon - ok
17:31:00.0438 4804  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:31:00.0516 4804  Netman - ok
17:31:00.0562 4804  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:31:00.0640 4804  netprofm - ok
17:31:00.0687 4804  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:31:00.0718 4804  NetTcpPortSharing - ok
17:31:00.0781 4804  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:31:00.0796 4804  nfrd960 - ok
17:31:00.0921 4804  [ D8ADFBEB3F7F4AE4C32E7EEDE4E59E15 ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
17:31:00.0952 4804  NitroReaderDriverReadSpool2 - ok
17:31:01.0015 4804  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:31:01.0077 4804  NlaSvc - ok
17:31:01.0155 4804  [ 25D6B2EB0A1FC4AB413AFE7EC4793EC1 ] nosGetPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll
17:31:01.0171 4804  nosGetPlusHelper - ok
17:31:01.0186 4804  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:31:01.0249 4804  Npfs - ok
17:31:01.0280 4804  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:31:01.0358 4804  nsi - ok
17:31:01.0389 4804  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:31:01.0467 4804  nsiproxy - ok
17:31:01.0561 4804  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:31:01.0623 4804  Ntfs - ok
17:31:01.0639 4804  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:31:01.0701 4804  Null - ok
17:31:01.0732 4804  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:31:01.0764 4804  nvraid - ok
17:31:01.0810 4804  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:31:01.0842 4804  nvstor - ok
17:31:01.0904 4804  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:31:01.0920 4804  nv_agp - ok
17:31:02.0029 4804  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:31:02.0060 4804  odserv - ok
17:31:02.0091 4804  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:31:02.0122 4804  ohci1394 - ok
17:31:02.0185 4804  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:31:02.0200 4804  ose - ok
17:31:02.0263 4804  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:31:02.0341 4804  p2pimsvc - ok
17:31:02.0388 4804  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:31:02.0419 4804  p2psvc - ok
17:31:02.0481 4804  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:31:02.0497 4804  Parport - ok
17:31:02.0544 4804  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:31:02.0559 4804  partmgr - ok
17:31:02.0622 4804  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:31:02.0668 4804  PcaSvc - ok
17:31:02.0715 4804  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:31:02.0731 4804  pci - ok
17:31:02.0746 4804  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:31:02.0778 4804  pciide - ok
17:31:02.0778 4804  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:31:02.0809 4804  pcmcia - ok
17:31:02.0840 4804  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:31:02.0856 4804  pcw - ok
17:31:02.0887 4804  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:31:02.0980 4804  PEAUTH - ok
17:31:03.0105 4804  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:31:03.0168 4804  PerfHost - ok
17:31:03.0230 4804  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:31:03.0339 4804  pla - ok
17:31:03.0433 4804  [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\SysWOW64\IoctlSvc.exe
17:31:03.0464 4804  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
17:31:03.0464 4804  PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
17:31:03.0558 4804  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:31:03.0589 4804  PlugPlay - ok
17:31:03.0745 4804  [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:31:03.0776 4804  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:31:03.0776 4804  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:31:03.0823 4804  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:31:03.0854 4804  PNRPAutoReg - ok
17:31:03.0885 4804  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:31:03.0916 4804  PNRPsvc - ok
17:31:03.0979 4804  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:31:04.0057 4804  PolicyAgent - ok
17:31:04.0104 4804  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:31:04.0182 4804  Power - ok
17:31:04.0260 4804  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:31:04.0338 4804  PptpMiniport - ok
17:31:04.0384 4804  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:31:04.0431 4804  Processor - ok
17:31:04.0462 4804  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:31:04.0572 4804  ProfSvc - ok
17:31:04.0603 4804  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:31:04.0618 4804  ProtectedStorage - ok
17:31:04.0650 4804  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:31:04.0728 4804  Psched - ok
17:31:04.0774 4804  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
17:31:04.0790 4804  PxHlpa64 - ok
17:31:04.0852 4804  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:31:04.0915 4804  ql2300 - ok
17:31:04.0946 4804  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:31:04.0977 4804  ql40xx - ok
17:31:05.0024 4804  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:31:05.0086 4804  QWAVE - ok
17:31:05.0102 4804  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:31:05.0164 4804  QWAVEdrv - ok
17:31:05.0196 4804  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:31:05.0258 4804  RasAcd - ok
17:31:05.0320 4804  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:31:05.0398 4804  RasAgileVpn - ok
17:31:05.0414 4804  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:31:05.0508 4804  RasAuto - ok
17:31:05.0554 4804  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:31:05.0632 4804  Rasl2tp - ok
17:31:05.0679 4804  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:31:05.0773 4804  RasMan - ok
17:31:05.0804 4804  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:31:05.0882 4804  RasPppoe - ok
17:31:05.0913 4804  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:31:05.0991 4804  RasSstp - ok
17:31:06.0022 4804  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:31:06.0069 4804  rdbss - ok
17:31:06.0085 4804  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:31:06.0132 4804  rdpbus - ok
17:31:06.0178 4804  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:31:06.0225 4804  RDPCDD - ok
17:31:06.0256 4804  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:31:06.0334 4804  RDPENCDD - ok
17:31:06.0366 4804  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:31:06.0428 4804  RDPREFMP - ok
17:31:06.0522 4804  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:31:06.0584 4804  RdpVideoMiniport - ok
17:31:06.0646 4804  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:31:06.0709 4804  RDPWD - ok
17:31:06.0771 4804  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:31:06.0802 4804  rdyboost - ok
17:31:06.0834 4804  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:31:06.0912 4804  RemoteAccess - ok
17:31:06.0958 4804  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:31:07.0036 4804  RemoteRegistry - ok
17:31:07.0068 4804  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:31:07.0146 4804  RpcEptMapper - ok
17:31:07.0177 4804  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:31:07.0239 4804  RpcLocator - ok
17:31:07.0302 4804  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:31:07.0348 4804  RpcSs - ok
17:31:07.0411 4804  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:31:07.0473 4804  rspndr - ok
17:31:07.0551 4804  [ 4A25DC970C58104602ED274DACAFD784 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
17:31:07.0598 4804  RSUSBSTOR - ok
17:31:07.0614 4804  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:31:07.0645 4804  SamSs - ok
17:31:07.0645 4804  SANDRA - ok
17:31:07.0692 4804  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:31:07.0723 4804  sbp2port - ok
17:31:07.0785 4804  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:31:07.0832 4804  SCardSvr - ok
17:31:07.0879 4804  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:31:07.0941 4804  scfilter - ok
17:31:08.0004 4804  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:31:08.0082 4804  Schedule - ok
17:31:08.0128 4804  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:31:08.0191 4804  SCPolicySvc - ok
17:31:08.0253 4804  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:31:08.0331 4804  SDRSVC - ok
17:31:08.0425 4804  [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:31:08.0456 4804  SeaPort - ok
17:31:08.0518 4804  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:31:08.0596 4804  secdrv - ok
17:31:08.0628 4804  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:31:08.0706 4804  seclogon - ok
17:31:08.0752 4804  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
17:31:08.0815 4804  SENS - ok
17:31:08.0862 4804  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:31:08.0924 4804  SensrSvc - ok
17:31:08.0940 4804  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:31:08.0971 4804  Serenum - ok
17:31:08.0986 4804  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:31:09.0033 4804  Serial - ok
17:31:09.0064 4804  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:31:09.0080 4804  sermouse - ok
17:31:09.0142 4804  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:31:09.0205 4804  SessionEnv - ok
17:31:09.0298 4804  [ 8423DB42808E94847EC4E53EFDA6BEE2 ] setup_9.0.0.722_06.07.2012_12-35drv C:\Windows\system32\DRIVERS\7026445.sys
17:31:09.0330 4804  setup_9.0.0.722_06.07.2012_12-35drv - ok
17:31:09.0376 4804  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:31:09.0439 4804  sffdisk - ok
17:31:09.0470 4804  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:31:09.0517 4804  sffp_mmc - ok
17:31:09.0564 4804  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:31:09.0626 4804  sffp_sd - ok
17:31:09.0673 4804  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:31:09.0720 4804  sfloppy - ok
17:31:09.0813 4804  [ 16A5CC62F79A32A974B55110A898945C ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:31:09.0844 4804  SftService - ok
17:31:09.0907 4804  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:31:09.0985 4804  SharedAccess - ok
17:31:10.0047 4804  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:31:10.0125 4804  ShellHWDetection - ok
17:31:10.0156 4804  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:31:10.0172 4804  SiSRaid2 - ok
17:31:10.0234 4804  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:31:10.0250 4804  SiSRaid4 - ok
17:31:10.0297 4804  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:31:10.0344 4804  Smb - ok
17:31:10.0422 4804  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:31:10.0468 4804  SNMPTRAP - ok
17:31:10.0500 4804  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:31:10.0531 4804  spldr - ok
17:31:10.0593 4804  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:31:10.0671 4804  Spooler - ok
17:31:10.0796 4804  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:31:10.0952 4804  sppsvc - ok
17:31:10.0983 4804  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:31:11.0061 4804  sppuinotify - ok
17:31:11.0139 4804  [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
17:31:11.0155 4804  sprtsvc_DellSupportCenter - ok
17:31:11.0217 4804  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:31:11.0280 4804  srv - ok
17:31:11.0342 4804  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:31:11.0389 4804  srv2 - ok
17:31:11.0420 4804  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:31:11.0482 4804  srvnet - ok
17:31:11.0545 4804  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:31:11.0623 4804  SSDPSRV - ok
17:31:11.0654 4804  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:31:11.0701 4804  SstpSvc - ok
17:31:11.0888 4804  [ 444109453A2B87E6C16BCDA5953E81A9 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
17:31:11.0966 4804  STacSV - ok
17:31:12.0013 4804  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:31:12.0028 4804  stexstor - ok
17:31:12.0075 4804  [ 02E784FA49032F84964DB90A3ED81890 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
17:31:12.0106 4804  STHDA - ok
17:31:12.0169 4804  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:31:12.0231 4804  stisvc - ok
17:31:12.0278 4804  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:31:12.0294 4804  swenum - ok
17:31:12.0372 4804  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:31:12.0450 4804  swprv - ok
17:31:12.0543 4804  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:31:12.0637 4804  SysMain - ok
17:31:12.0684 4804  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:31:12.0730 4804  TabletInputService - ok
17:31:12.0777 4804  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:31:12.0855 4804  TapiSrv - ok
17:31:12.0902 4804  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:31:12.0964 4804  TBS - ok
17:31:13.0058 4804  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:31:13.0120 4804  Tcpip - ok
17:31:13.0167 4804  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:31:13.0230 4804  TCPIP6 - ok
17:31:13.0276 4804  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:31:13.0323 4804  tcpipreg - ok
17:31:13.0370 4804  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:31:13.0448 4804  TDPIPE - ok
17:31:13.0479 4804  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:31:13.0526 4804  TDTCP - ok
17:31:13.0573 4804  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:31:13.0635 4804  tdx - ok
17:31:13.0713 4804  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:31:13.0729 4804  TermDD - ok
17:31:13.0791 4804  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:31:13.0885 4804  TermService - ok
17:31:13.0932 4804  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:31:13.0978 4804  Themes - ok
17:31:14.0041 4804  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:31:14.0088 4804  THREADORDER - ok
17:31:14.0088 4804  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:31:14.0166 4804  TrkWks - ok
17:31:14.0275 4804  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:31:14.0337 4804  TrustedInstaller - ok
17:31:14.0384 4804  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:31:14.0431 4804  tssecsrv - ok
17:31:14.0509 4804  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:31:14.0587 4804  TsUsbFlt - ok
17:31:14.0649 4804  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:31:14.0758 4804  tunnel - ok
17:31:14.0821 4804  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:31:14.0836 4804  uagp35 - ok
17:31:14.0883 4804  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:31:14.0992 4804  udfs - ok
17:31:15.0039 4804  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:31:15.0070 4804  UI0Detect - ok
17:31:15.0133 4804  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:31:15.0148 4804  uliagpkx - ok
17:31:15.0195 4804  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:31:15.0242 4804  umbus - ok
17:31:15.0304 4804  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:31:15.0320 4804  UmPass - ok
17:31:15.0351 4804  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:31:15.0398 4804  upnphost - ok
17:31:15.0460 4804  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:31:15.0538 4804  usbccgp - ok
17:31:15.0554 4804  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:31:15.0585 4804  usbcir - ok
17:31:15.0601 4804  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:31:15.0648 4804  usbehci - ok
17:31:15.0694 4804  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:31:15.0757 4804  usbhub - ok
17:31:15.0772 4804  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:31:15.0819 4804  usbohci - ok
17:31:15.0866 4804  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:31:15.0913 4804  usbprint - ok
17:31:15.0960 4804  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:31:15.0975 4804  usbscan - ok
17:31:16.0022 4804  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\drivers\usbser.sys
17:31:16.0100 4804  usbser - ok
17:31:16.0147 4804  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
17:31:16.0225 4804  USBSTOR - ok
17:31:16.0240 4804  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:31:16.0287 4804  usbuhci - ok
17:31:16.0334 4804  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:31:16.0412 4804  UxSms - ok
17:31:16.0443 4804  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:31:16.0474 4804  VaultSvc - ok
17:31:16.0537 4804  [ 1CB3C59EBD394DB0B869FDD804387E65 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
17:31:16.0552 4804  VBoxNetAdp - ok
17:31:16.0584 4804  VBoxNetFlt - ok
17:31:16.0599 4804  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:31:16.0630 4804  vdrvroot - ok
17:31:16.0677 4804  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:31:16.0740 4804  vds - ok
17:31:16.0802 4804  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:31:16.0818 4804  vga - ok
17:31:16.0849 4804  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:31:16.0911 4804  VgaSave - ok
17:31:16.0958 4804  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:31:16.0989 4804  vhdmp - ok
17:31:17.0036 4804  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:31:17.0067 4804  viaide - ok
17:31:17.0083 4804  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:31:17.0098 4804  volmgr - ok
17:31:17.0130 4804  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:31:17.0161 4804  volmgrx - ok
17:31:17.0176 4804  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:31:17.0208 4804  volsnap - ok
17:31:17.0239 4804  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:31:17.0254 4804  vsmraid - ok
17:31:17.0348 4804  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:31:17.0457 4804  VSS - ok
17:31:17.0473 4804  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:31:17.0520 4804  vwifibus - ok
17:31:17.0566 4804  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:31:17.0598 4804  vwififlt - ok
17:31:17.0629 4804  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:31:17.0691 4804  vwifimp - ok
17:31:17.0738 4804  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:31:17.0816 4804  W32Time - ok
17:31:17.0847 4804  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:31:17.0894 4804  WacomPen - ok
17:31:17.0988 4804  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:31:18.0034 4804  WANARP - ok
17:31:18.0050 4804  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:31:18.0097 4804  Wanarpv6 - ok
17:31:18.0175 4804  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:31:18.0284 4804  wbengine - ok
17:31:18.0346 4804  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:31:18.0378 4804  WbioSrvc - ok
17:31:18.0440 4804  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:31:18.0471 4804  wcncsvc - ok
17:31:18.0502 4804  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:31:18.0534 4804  WcsPlugInService - ok
17:31:18.0596 4804  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:31:18.0612 4804  Wd - ok
17:31:18.0674 4804  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:31:18.0721 4804  Wdf01000 - ok
17:31:18.0736 4804  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:31:18.0861 4804  WdiServiceHost - ok
17:31:18.0877 4804  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:31:18.0908 4804  WdiSystemHost - ok
17:31:18.0939 4804  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:31:19.0002 4804  WebClient - ok
17:31:19.0048 4804  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:31:19.0126 4804  Wecsvc - ok
17:31:19.0158 4804  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:31:19.0236 4804  wercplsupport - ok
17:31:19.0298 4804  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:31:19.0376 4804  WerSvc - ok
17:31:19.0423 4804  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:31:19.0470 4804  WfpLwf - ok
17:31:19.0532 4804  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
17:31:19.0563 4804  WimFltr - ok
17:31:19.0610 4804  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:31:19.0641 4804  WIMMount - ok
17:31:19.0688 4804  WinDefend - ok
17:31:19.0704 4804  WinHttpAutoProxySvc - ok
17:31:19.0813 4804  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:31:19.0875 4804  Winmgmt - ok
17:31:19.0969 4804  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:31:20.0094 4804  WinRM - ok
17:31:20.0187 4804  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:31:20.0265 4804  Wlansvc - ok
17:31:20.0328 4804  [ 13B0A570E1AE451C92DA550085D72CF3 ] wltrysvc        C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
17:31:20.0359 4804  wltrysvc ( UnsignedFile.Multi.Generic ) - warning
17:31:20.0359 4804  wltrysvc - detected UnsignedFile.Multi.Generic (1)
17:31:20.0421 4804  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:31:20.0468 4804  WmiAcpi - ok
17:31:20.0515 4804  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:31:20.0562 4804  wmiApSrv - ok
17:31:20.0608 4804  WMPNetworkSvc - ok
17:31:20.0624 4804  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:31:20.0655 4804  WPCSvc - ok
17:31:20.0718 4804  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:31:20.0764 4804  WPDBusEnum - ok
17:31:20.0827 4804  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:31:20.0889 4804  ws2ifsl - ok
17:31:20.0936 4804  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
17:31:20.0983 4804  wscsvc - ok
17:31:20.0998 4804  WSearch - ok
17:31:21.0092 4804  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:31:21.0186 4804  wuauserv - ok
17:31:21.0232 4804  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:31:21.0310 4804  WudfPf - ok
17:31:21.0357 4804  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:31:21.0404 4804  WUDFRd - ok
17:31:21.0451 4804  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:31:21.0498 4804  wudfsvc - ok
17:31:21.0544 4804  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:31:21.0591 4804  WwanSvc - ok
17:31:21.0654 4804  [ 64F88AF327AA74E03658AE32B48CCB8B ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
17:31:21.0747 4804  yukonw7 - ok
17:31:21.0778 4804  ================ Scan global ===============================
17:31:21.0825 4804  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:31:21.0888 4804  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:31:21.0903 4804  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:31:21.0950 4804  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:31:21.0997 4804  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:31:22.0012 4804  [Global] - ok
17:31:22.0012 4804  ================ Scan MBR ==================================
17:31:22.0028 4804  [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
17:31:22.0543 4804  \Device\Harddisk0\DR0 - ok
17:31:22.0543 4804  ================ Scan VBR ==================================
17:31:22.0590 4804  [ C587A4A9A3806AF99FA7391DD3F7C52B ] \Device\Harddisk0\DR0\Partition1
17:31:22.0590 4804  \Device\Harddisk0\DR0\Partition1 - ok
17:31:22.0605 4804  [ 7E439E0C0C6E1D3E1C1ADE3746341CBF ] \Device\Harddisk0\DR0\Partition2
17:31:22.0605 4804  \Device\Harddisk0\DR0\Partition2 - ok
17:31:22.0605 4804  ============================================================
17:31:22.0605 4804  Scan finished
17:31:22.0605 4804  ============================================================
17:31:22.0621 3764  Detected object count: 8
17:31:22.0621 3764  Actual detected object count: 8
17:31:50.0451 3764  DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:50.0467 3764  DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:31:50.0467 3764  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:50.0467 3764  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:31:50.0467 3764  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:50.0467 3764  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:31:50.0467 3764  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:50.0467 3764  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:31:50.0467 3764  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:50.0467 3764  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:31:50.0467 3764  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:50.0467 3764  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:31:50.0483 3764  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:50.0483 3764  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:31:50.0483 3764  wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:31:50.0483 3764  wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:39:06.0258 4716  Deinitialize success
         

Alt 23.03.2013, 19:33   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 24.03.2013, 09:31   #9
amelie77
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Hier das ComboFix-Log:
Code:
ATTFilter
ComboFix 13-03-23.01 - Privat 24.03.2013   9:03.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4056.2780 [GMT 1:00]
ausgeführt von:: c:\users\Lexikon\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-02-24 bis 2013-03-24  ))))))))))))))))))))))))))))))
.
.
2013-03-24 08:11 . 2013-03-24 08:11	--------	d-----w-	c:\users\Privat\AppData\Local\temp
2013-03-24 08:11 . 2013-03-24 08:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-03-24 08:11 . 2013-03-24 08:11	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2013-03-22 17:39 . 2013-02-17 00:40	28672	----a-w-	c:\windows\system32\IEUDINIT.EXE
2013-03-22 17:31 . 2013-03-22 17:31	--------	d-----w-	c:\program files\Microsoft Silverlight
2013-03-22 17:31 . 2013-03-22 17:31	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2013-03-22 17:30 . 2013-03-22 17:30	--------	d-----w-	c:\program files (x86)\Common Files\Java
2013-03-22 17:29 . 2013-03-22 17:29	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-21 15:39 . 2013-02-08 00:28	9162192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{19B95E06-F646-45C3-AF5F-02B2D0B71519}\mpengine.dll
2013-03-21 15:38 . 2013-02-12 04:12	19968	----a-w-	c:\windows\system32\drivers\usb8023.sys
2013-03-19 21:45 . 2013-03-22 17:29	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-03-16 14:39 . 2013-03-16 14:39	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2013-03-16 14:39 . 2013-03-19 21:37	--------	d-----w-	c:\program files (x86)\Apple Software Update
2013-03-16 14:31 . 2013-03-19 21:30	--------	d-----w-	c:\program files\VideoLAN
2013-03-15 14:04 . 2009-10-27 18:31	3982240	----a-w-	c:\windows\SysWow64\Flash10d.ocx
2013-03-15 12:04 . 2013-03-15 12:04	--------	d-----w-	c:\users\Privat\AppData\Local\Amazon
2013-03-08 18:27 . 2013-03-06 23:33	377920	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-03-08 18:27 . 2013-03-06 23:33	33400	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-03-08 18:27 . 2013-03-06 23:33	70992	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-03-08 18:27 . 2013-03-06 23:33	68920	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-03-08 18:27 . 2013-03-06 23:33	65336	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-03-08 18:27 . 2013-03-06 23:33	178624	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-03-08 18:27 . 2013-03-06 23:33	1025808	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-03-08 18:27 . 2013-03-06 23:33	80816	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-03-08 18:26 . 2013-03-06 23:32	41664	----a-w-	c:\windows\avastSS.scr
2013-03-08 18:18 . 2013-03-08 18:18	--------	d-s---w-	c:\windows\SysWow64\Microsoft
2013-02-25 22:01 . 2013-02-25 22:01	--------	d-----w-	c:\users\Lexikon\AppData\Local\Macromedia
2013-02-25 10:33 . 2013-03-08 18:26	--------	d-----w-	c:\program files\AVAST Software
2013-02-25 10:13 . 2013-03-19 21:30	--------	d-----r-	c:\users\Public
2013-02-23 20:11 . 2013-02-23 20:11	--------	d-----w-	c:\users\Privat\NTUSER
2013-02-22 19:45 . 2013-02-22 19:45	--------	d-----w-	c:\users\Privat\AppData\Local\Programs
2013-02-22 19:38 . 2013-02-22 19:41	--------	d-----w-	c:\users\Lexikon\AppData\Local\Amazon
2013-02-22 19:36 . 2013-01-05 05:53	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-22 19:36 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-22 19:36 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-22 17:29 . 2011-04-08 09:32	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-03-21 14:07 . 2012-04-09 20:01	693976	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-21 14:07 . 2011-08-08 13:25	73432	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-06 23:32 . 2011-08-03 14:15	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-03-04 13:53 . 2011-06-19 13:23	72013344	----a-w-	c:\windows\system32\MRT.exe
2013-01-17 00:28 . 2011-03-05 19:08	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-04 05:46 . 2013-02-16 20:09	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-16 20:09	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-16 20:09	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-16 19:52	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-16 20:09	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-16 20:09	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-16 20:09	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-16 20:09	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-16 20:06	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-16 20:06	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BrowserMask"="c:\program files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe" [2010-09-23 96768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"0190 Warner"="c:\progra~2\0190WA~1\WARN0190.EXE" [2003-02-28 466944]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Z1"="c:\users\Lexikon\Desktop\mbar-1.01.0.1021\mbar\mbar.exe" [2013-02-16 1363016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 aswVmm;aswVmm; [x]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2009-12-17 145360]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264]
S0 13558342;13558342 Boot Guard Driver;c:\windows\system32\DRIVERS\13558342.sys [2009-10-22 40464]
S0 31597942;31597942 Boot Guard Driver;c:\windows\system32\DRIVERS\31597942.sys [2009-10-22 40464]
S0 36351792;36351792 Boot Guard Driver;c:\windows\system32\DRIVERS\36351792.sys [2009-10-22 40464]
S0 70264452;70264452 Boot Guard Driver;c:\windows\system32\DRIVERS\70264452.sys [2009-10-22 40464]
S0 77014092;77014092 Boot Guard Driver;c:\windows\system32\DRIVERS\77014092.sys [2009-10-22 40464]
S0 79665282;79665282 Boot Guard Driver;c:\windows\system32\DRIVERS\79665282.sys [2009-10-22 40464]
S0 93592522;93592522 Boot Guard Driver;c:\windows\system32\DRIVERS\93592522.sys [2009-10-22 40464]
S0 97504712;97504712 Boot Guard Driver;c:\windows\system32\DRIVERS\97504712.sys [2009-10-22 40464]
S0 aswRvrt;aswRvrt; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 13558341;13558341;c:\windows\system32\DRIVERS\13558341.sys [2009-09-25 157712]
S1 31597941;31597941;c:\windows\system32\DRIVERS\31597941.sys [2009-09-25 157712]
S1 36351791;36351791;c:\windows\system32\DRIVERS\36351791.sys [2009-09-25 157712]
S1 70264451;70264451;c:\windows\system32\DRIVERS\70264451.sys [2009-09-25 157712]
S1 77014091;77014091;c:\windows\system32\DRIVERS\77014091.sys [2009-09-25 157712]
S1 79665281;79665281;c:\windows\system32\DRIVERS\79665281.sys [2009-09-25 157712]
S1 93592521;93592521;c:\windows\system32\DRIVERS\93592521.sys [2009-09-25 157712]
S1 97504711;97504711;c:\windows\system32\DRIVERS\97504711.sys [2009-09-25 157712]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 setup_9.0.0.722_06.07.2012_12-35drv;setup_9.0.0.722_06.07.2012_12-35drv;c:\windows\system32\DRIVERS\7026445.sys [2009-10-09 352784]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-10-25 341288]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-12-02 656624]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-08 215552]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper	REG_MULTI_SZ   	nosGetPlusHelper
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32	133840	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-01-23 305664]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"*Restore"="c:\windows\System32\rstrui.exe" [2010-11-20 296960]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.ask.com?o=10148&l=dis&tb=AVR-4
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\h3f9rtyq.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-24  09:14:19
ComboFix-quarantined-files.txt  2013-03-24 08:14
.
Vor Suchlauf: 16 Verzeichnis(se), 81.824.444.416 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 81.261.056.000 Bytes frei
.
- - End Of File - - DB7CD00020DDD2E07B4DC6604E7CB39C
         

Alt 24.03.2013, 12:53   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 24.03.2013, 18:40   #11
amelie77
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Der Papierkorb funktioniert wieder! Ich weiß nicht warum, aber die Dateien werden wieder dorthin verschoben. Vielleicht kannst Du mir noch mal kurz schreiben, woran es denn lag?

Habe übrigens beim Ausführen von JRT nen mächtigen Schreck bekommen... Sämtliche Dateien auf dem Bildschirm waren weg Dann merkte ich, dass das Programm mich vom Standard-Konto ins Administrator-Konto geschoben hatte. Puhh!

Hänge dann mal die restlichen Logs an:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.3 (03.23.2013:1)
OS: Windows 7 Home Premium x64
Ran by Privat on 24.03.2013 at 17:21:43,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-2433319336-712607344-602622529-1005\software\microsoft\internet explorer\main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\Users\Privat\appdata\locallow\adawaretb"



~~~ FireFox

Successfully deleted: [File] C:\Users\Privat\AppData\Roaming\mozilla\firefox\profiles\h3f9rtyq.default\searchplugins\askcom.xml
Successfully deleted: [Folder] C:\Users\Privat\AppData\Roaming\mozilla\firefox\profiles\h3f9rtyq.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
Successfully deleted: [Folder] C:\Users\Privat\AppData\Roaming\mozilla\firefox\profiles\h3f9rtyq.default\extensions\toolbar@ask.com



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.03.2013 at 17:38:19,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
# AdwCleaner v2.115 - Datei am 24/03/2013 um 18:00:41 erstellt
# Aktualisiert am 17/03/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Privat - ZUHAUSE-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Lexikon\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Lexikon\AppData\Roaming\Mozilla\Firefox\Profiles\l3fkwzu1.default\searchplugins\11-suche.xml
Ordner Gelöscht : C:\Users\Lexikon\AppData\Roaming\Mozilla\Firefox\Profiles\l3fkwzu1.default\adawaretb
Ordner Gelöscht : C:\Users\Lexikon\AppData\Roaming\Mozilla\Firefox\Profiles\l3fkwzu1.default\jetpack
Ordner Gelöscht : C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\h3f9rtyq.default\adawaretb

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\Lexikon\AppData\Roaming\Mozilla\Firefox\Profiles\l3fkwzu1.default\prefs.js

Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");

Datei : C:\Users\Privat\AppData\Roaming\Mozilla\Firefox\Profiles\h3f9rtyq.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [2054 octets] - [24/03/2013 17:59:23]
AdwCleaner[S1].txt - [1989 octets] - [24/03/2013 18:00:41]

########## EOF - \AdwCleaner[S1].txt - [2049 octets] ##########
         
Code:
ATTFilter
OTL logfile created on: 24.03.2013 18:05:50 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Lexikon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,96 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 73,06% Memory free
7,92 Gb Paging File | 6,74 Gb Available in Paging File | 85,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 134,36 Gb Total Space | 75,62 Gb Free Space | 56,28% Space Free | Partition Type: NTFS
 
Computer Name: ZUHAUSE-PC | User Name: Privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\AVAST Software\Avast\AvastEmUpdate.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Lexikon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
PRC - C:\Program Files (x86)\0190 Warner\Warn0190.exe (Mirko Böer)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE ()
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe (IDT, Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NitroReaderDriverReadSpool2) -- C:\Programme\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe (Nitro PDF Software)
SRV - (nosGetPlusHelper) -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe (IDT, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (sprtsvc_DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x64\Sandra.sys File not found
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV:64bit: - (77014092) -- C:\Windows\SysNative\drivers\77014092.sys (Kaspersky Lab)
DRV:64bit: - (36351792) -- C:\Windows\SysNative\drivers\36351792.sys (Kaspersky Lab)
DRV:64bit: - (97504712) -- C:\Windows\SysNative\drivers\97504712.sys (Kaspersky Lab)
DRV:64bit: - (93592522) -- C:\Windows\SysNative\drivers\93592522.sys (Kaspersky Lab)
DRV:64bit: - (79665282) -- C:\Windows\SysNative\drivers\79665282.sys (Kaspersky Lab)
DRV:64bit: - (70264452) -- C:\Windows\SysNative\drivers\70264452.sys (Kaspersky Lab)
DRV:64bit: - (31597942) -- C:\Windows\SysNative\drivers\31597942.sys (Kaspersky Lab)
DRV:64bit: - (13558342) -- C:\Windows\SysNative\drivers\13558342.sys (Kaspersky Lab)
DRV:64bit: - (setup_9.0.0.722_06.07.2012_12-35drv) -- C:\Windows\SysNative\drivers\7026445.sys (Kaspersky Lab)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (77014091) -- C:\Windows\SysNative\drivers\77014091.sys (Kaspersky Lab)
DRV:64bit: - (36351791) -- C:\Windows\SysNative\drivers\36351791.sys (Kaspersky Lab)
DRV:64bit: - (97504711) -- C:\Windows\SysNative\drivers\97504711.sys (Kaspersky Lab)
DRV:64bit: - (93592521) -- C:\Windows\SysNative\drivers\93592521.sys (Kaspersky Lab)
DRV:64bit: - (79665281) -- C:\Windows\SysNative\drivers\79665281.sys (Kaspersky Lab)
DRV:64bit: - (70264451) -- C:\Windows\SysNative\drivers\70264451.sys (Kaspersky Lab)
DRV:64bit: - (31597941) -- C:\Windows\SysNative\drivers\31597941.sys (Kaspersky Lab)
DRV:64bit: - (13558341) -- C:\Windows\SysNative\drivers\13558341.sys (Kaspersky Lab)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{CC04B2F9-F507-4C02-B862-27447E6B6138}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{78BB7703-48FC-48AD-9EE0-D8327EF260A2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Lexikon\Desktop
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2433319336-712607344-602622529-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.99: C:\Program Files (x86)\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.10.29 14:04:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013.03.19 22:30:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.26 20:55:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.19 22:43:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.19 22:40:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.19 22:40:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.26 20:55:42 | 000,000,000 | ---D | M]
 
[2013.03.19 22:35:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.07 15:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.07 16:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 16:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.07 16:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 16:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 16:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 16:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.12.11 21:04:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [0190 Warner] C:\PROGRA~2\0190WA~1\WARN0190.EXE (Mirko Böer)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-2433319336-712607344-602622529-1003..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft)
O4 - HKU\S-1-5-21-2433319336-712607344-602622529-1005..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft)
O4:64bit: - HKLM..\RunOnce: [*Restore] C:\Windows\SysNative\rstrui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Z1] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2433319336-712607344-602622529-1005..\RunOnce: [Report] \AdwCleaner[S1].txt ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.24 17:25:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.03.24 17:25:16 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN
[2013.03.24 17:21:41 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.03.24 17:21:33 | 000,000,000 | ---D | C] -- C:\JRT
[2013.03.24 17:21:33 | 000,000,000 | ---D | C] -- \JRT
[2013.03.24 09:36:04 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\temp
[2013.03.24 09:00:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.03.24 09:00:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.03.24 09:00:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.03.22 18:39:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2013.03.22 18:33:46 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.22 18:33:46 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.03.22 18:33:46 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.03.22 18:33:46 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.03.22 18:33:46 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.22 18:33:46 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.03.22 18:33:46 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.22 18:33:46 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.03.22 18:33:46 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.22 18:33:46 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.03.22 18:33:46 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.03.22 18:33:46 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.03.22 18:33:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.03.22 18:33:46 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.03.22 18:33:46 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.03.22 18:33:46 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.22 18:33:46 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.03.22 18:33:46 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.03.22 18:33:46 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.03.22 18:33:46 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.03.22 18:33:46 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.03.22 18:33:46 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.03.22 18:33:46 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.22 18:33:46 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.03.22 18:33:46 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.03.22 18:33:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.03.22 18:33:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.03.22 18:33:46 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.03.22 18:33:46 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.03.22 18:33:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.03.22 18:33:46 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.03.22 18:33:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.03.22 18:33:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.03.22 18:33:45 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.22 18:33:45 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.22 18:33:45 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.03.22 18:33:45 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.03.22 18:33:45 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.22 18:33:45 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.22 18:33:45 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.22 18:33:45 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.22 18:33:45 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.22 18:33:45 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.22 18:33:45 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.03.22 18:33:45 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.22 18:33:45 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.22 18:33:45 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.03.22 18:33:45 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.22 18:33:45 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.03.22 18:33:45 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.03.22 18:33:45 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.03.22 18:33:45 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.03.22 18:33:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.03.22 18:33:45 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.22 18:33:45 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.03.22 18:33:45 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.22 18:33:45 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.03.22 18:33:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.22 18:33:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.03.22 18:33:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.03.22 18:33:45 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.03.22 18:33:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.03.22 18:33:45 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.22 18:33:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.22 18:33:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.03.22 18:33:45 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.03.22 18:33:45 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.03.22 18:33:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.03.22 18:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.22 18:31:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.22 18:31:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.22 18:30:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.03.22 18:30:16 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.22 18:29:45 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.22 18:29:45 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.22 18:29:44 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.03.22 18:24:47 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.03.22 18:24:47 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.03.22 18:24:47 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.03.22 18:24:47 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.03.22 18:24:40 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.03.22 18:24:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.03.22 18:24:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.03.22 18:24:28 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.03.22 18:24:28 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.03.22 18:24:28 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.03.22 18:24:28 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.03.22 18:24:28 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.03.22 18:24:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.03.22 18:24:28 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.03.22 18:24:28 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.03.22 18:24:27 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.03.22 18:24:26 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.03.22 18:24:26 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.03.22 18:24:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.03.22 18:24:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.03.22 18:24:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.03.22 18:24:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.03.22 18:24:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.03.22 18:24:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.03.22 18:24:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.03.22 18:24:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.03.22 18:24:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.03.22 18:24:24 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.03.22 18:24:24 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.03.22 18:24:24 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.03.22 18:24:23 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.03.22 18:24:23 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.03.22 18:24:23 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.03.22 18:24:23 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.03.22 18:24:22 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.03.22 18:24:22 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.03.22 18:24:21 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.03.22 18:24:21 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.03.22 18:24:20 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.03.22 18:24:20 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.03.22 18:24:20 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.03.21 18:21:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.03.21 16:38:56 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.19 23:15:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2013.03.19 22:45:35 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.03.19 22:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.03.19 22:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013.03.16 15:39:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.03.16 15:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.03.16 15:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013.03.15 15:04:24 | 003,982,240 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\Flash10d.ocx
[2013.03.15 13:04:50 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\Amazon
[2013.03.08 19:27:19 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.03.08 19:27:19 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.03.08 19:27:18 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.03.08 19:27:17 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.03.08 19:27:16 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.03.08 19:27:15 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.03.08 19:26:44 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.08 19:18:36 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013.02.25 11:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.02.23 21:11:07 | 000,000,000 | ---D | C] -- C:\Users\Privat\NTUSER
[2013.02.22 20:45:56 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\Programs
[2013.02.22 20:44:48 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.02.22 20:36:55 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.22 20:36:52 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.22 20:36:51 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.24 18:10:08 | 000,022,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.24 18:10:08 | 000,022,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.24 18:02:37 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013.03.24 18:02:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.24 18:02:22 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.22 18:33:46 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.03.22 18:33:46 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.03.22 18:33:46 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.03.22 18:33:46 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.03.22 18:33:46 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.22 18:33:46 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.03.22 18:33:46 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.03.22 18:33:46 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.03.22 18:33:46 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.03.22 18:33:46 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.03.22 18:33:46 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.03.22 18:33:46 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.03.22 18:33:46 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.03.22 18:33:46 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.03.22 18:33:46 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.03.22 18:33:46 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.03.22 18:33:46 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.03.22 18:33:46 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.03.22 18:33:46 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.03.22 18:33:46 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.03.22 18:33:46 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.03.22 18:33:46 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.03.22 18:33:46 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.03.22 18:33:46 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.03.22 18:33:46 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.03.22 18:33:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.03.22 18:33:46 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.03.22 18:33:46 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.03.22 18:33:46 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.03.22 18:33:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.03.22 18:33:46 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.03.22 18:33:46 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.22 18:33:46 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.03.22 18:33:46 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.03.22 18:33:45 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.22 18:33:45 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.03.22 18:33:45 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.03.22 18:33:45 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.03.22 18:33:45 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.22 18:33:45 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.22 18:33:45 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.22 18:33:45 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.03.22 18:33:45 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.03.22 18:33:45 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.22 18:33:45 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.03.22 18:33:45 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.22 18:33:45 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.03.22 18:33:45 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.03.22 18:33:45 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.03.22 18:33:45 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.03.22 18:33:45 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.03.22 18:33:45 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.03.22 18:33:45 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.03.22 18:33:45 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.03.22 18:33:45 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.22 18:33:45 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.03.22 18:33:45 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.22 18:33:45 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.03.22 18:33:45 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.22 18:33:45 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.03.22 18:33:45 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.03.22 18:33:45 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.03.22 18:33:45 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.03.22 18:33:45 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.22 18:33:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.22 18:33:45 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.03.22 18:33:45 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.03.22 18:33:45 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.22 18:33:45 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.03.22 18:33:45 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.03.22 18:29:32 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.22 18:29:30 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.03.22 18:29:30 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.03.22 18:29:30 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.22 18:29:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.22 18:29:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.03.22 18:22:18 | 000,000,134 | ---- | M] () -- C:\Users\Privat\Desktop\Internet Explorer-Problembehebung.url
[2013.03.21 18:21:39 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013.03.21 15:07:46 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.21 15:07:46 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.03.07 00:33:21 | 000,178,624 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013.03.07 00:33:21 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.02.25 11:12:59 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.25 11:12:59 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.25 11:12:59 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.25 11:12:59 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.25 11:12:59 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.23 21:30:11 | 000,376,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.03.24 09:00:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.24 09:00:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.24 09:00:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.24 09:00:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.24 09:00:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.22 18:33:46 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.22 18:33:45 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.22 18:22:18 | 000,000,134 | ---- | C] () -- C:\Users\Privat\Desktop\Internet Explorer-Problembehebung.url
[2013.03.19 22:37:17 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.03.08 19:27:16 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.03.08 19:27:16 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013.02.25 11:13:51 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.11.26 20:51:40 | 000,245,473 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.11.26 20:51:40 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2011.10.05 10:19:22 | 000,007,600 | ---- | C] () -- C:\Users\Privat\AppData\Local\Resmon.ResmonCfg
[2011.09.26 13:42:54 | 000,000,680 | RHS- | C] () -- C:\Users\Privat\ntuser.pol
[2011.06.19 21:46:46 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.19 14:56:15 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.06.19 14:56:15 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2010.02.22 03:45:21 | 3190,050,816 | -HS- | C] () -- \hiberfil.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
Code:
ATTFilter
OTL Extras logfile created on: 24.03.2013 18:05:50 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Lexikon\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,96 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 73,06% Memory free
7,92 Gb Paging File | 6,74 Gb Available in Paging File | 85,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 134,36 Gb Total Space | 75,62 Gb Free Space | 56,28% Space Free | Partition Type: NTFS
 
Computer Name: ZUHAUSE-PC | User Name: Privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
"DoNotAllowExceptions" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D3BEEB2-99FD-4929-9272-DC8F1DD664B7}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{169EF352-0216-4FE4-8B25-BEEDC0EE7596}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{18CCAE09-899A-4D60-BEDA-3C8754CBF47F}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{1B678221-371B-44B5-B995-B285C36F6A21}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{1C85168A-B022-4233-AB3B-AB8FC906445D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=datei- und druckerfreigabe (spoolerdienst - rpc-epmap) | 
"{30240EF1-93D4-4ACF-B89E-6DD066E34410}" = rport=445 | protocol=6 | dir=out | app=system | 
"{371A9E96-7B40-4550-B9FC-6C1B6151C35E}" = lport=139 | protocol=6 | dir=in | app=system | 
"{3821E25D-215E-4B5B-82BA-C96DD63A1EDB}" = lport=138 | protocol=17 | dir=in | app=system | 
"{38EEE73C-4F3E-41C2-B160-FC1E2AE460EF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{3D7868B4-AA60-4745-9109-1DC58967DF81}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{48898B96-5E37-414C-A948-9DBB9C320A98}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{58F37191-7AB4-46EC-AEE1-870661A0CD1A}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010c\wnt500x64\rpcsandrasrv.exe | 
"{7F8D2C41-0F44-40A0-AB64-D1D09ABE880C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{8BB792EE-05D9-4C82-B25A-8CE24D8C1B6C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8D53051B-AEDF-427A-A192-1B16371D3B0A}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{92006AF4-32E3-447C-8D3C-BB9AA1D7BD55}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AAB36712-73B8-49FC-B836-62A25F3E6C9F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{B1D6DCF4-DFF3-4E2E-A664-2B66127229BB}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B7A9846D-921D-42EF-BBAA-431EE7D2A7FC}" = rport=139 | protocol=6 | dir=out | app=system | 
"{BB288BD9-9AF0-458C-8EB9-805E108A394A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DAFDD2DE-D080-4459-BBCC-B8DE4C6E0BC3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{E1542615-CFE1-4D3E-B6C4-5453C6D584E9}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{EFB9AC43-06DE-4F14-93C2-180557DD1A61}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0160F92F-4890-4F94-85FC-27A22680F0B2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{0752EADB-02C4-440C-A6C1-0C92AC1E7D37}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{0871D5CB-CF23-4450-892B-5C7F62E0D870}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{12968749-A132-486B-88EA-CC95C6C527A1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{12FA50E6-B627-402B-9A94-D318563E0366}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{1777FB9C-8E61-4A6C-A5D3-18FA4F732A65}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{3018C003-494C-4BEF-BFCB-E5047E9A3F8B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{3883E3EE-FA7C-4048-BCFC-6DAF075ACEF8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{39B7F23E-DC7A-4C97-BFA5-4B958A6BBB6A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{3D9C9DA0-4AC6-4177-B149-6C97EB8459DE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{409CAAD4-F957-4066-9CBE-26C50968F3CD}" = protocol=17 | dir=in | app=c:\users\privat\appdata\local\temp\7zs594d\hpdiagnosticcoreui.exe | 
"{41F28F8A-6F95-4759-80F2-C04EFF59BFD8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{4CECDB66-0172-476B-A73C-6C24BEB327BF}" = protocol=58 | dir=out | name=datei- und druckerfreigabe (echoanforderung - icmpv6 ausgehend) | 
"{4D75EFAE-813C-4869-9FA5-49A09ACC7E3B}" = protocol=58 | dir=in | name=gemeinsame nutzung der internetverbindung (routeranfrage, eingehend) | 
"{4E20D7B7-364C-487D-A21C-D2DADAE664FF}" = protocol=6 | dir=in | app=c:\users\privat\appdata\local\temp\7zs54c9\hpdiagnosticcoreui.exe | 
"{4FCDD0F8-1BB6-480B-9BD1-94A4E2D7188C}" = protocol=1 | dir=out | name=datei- und druckerfreigabe (echoanforderung - icmpv4 ausgehend) | 
"{50B61AAF-EF03-4D82-800F-90D1E0841B43}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"{51497F40-FE20-4E84-A1BE-890831F92479}" = protocol=17 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs56a9\hppiw.exe | 
"{5CC7EC3F-2EE2-4590-8026-DBFC890892EA}" = protocol=6 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs56a9\hppiw.exe | 
"{5DB4249E-EAA4-47FA-9D4D-D98A221013E0}" = protocol=17 | dir=in | app=c:\program files (x86)\avira\antivir desktop\update.exe | 
"{5F0D20F0-1A64-44AC-B365-658FE3745506}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{6748EACA-9B34-4AD3-9C68-85B6551BFBB6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{69698779-A8C6-4496-9E0A-2B253F2C2A35}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{6C509A7B-B48E-4B7B-B89B-1F540740525D}" = protocol=1 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2010c\wnt500x64\rpcsandrasrv.exe | 
"{6FCBD6E2-E56B-4C4A-89E2-36E0492A2B6B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{7258240C-2BAC-4C4A-B2E9-9F8F16C3CF4F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{7741CFF8-2872-49AF-AC5E-E34D93449C08}" = protocol=6 | dir=in | app=c:\program files (x86)\avira\antivir desktop\update.exe | 
"{7A05CA96-F03D-46AD-930F-77A2F894480E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe | 
"{7B5A9508-CDA0-41C9-A943-35A10D58A3FE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7D0DFA47-9E9A-44D2-8FCF-54BD462CFE5B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{8510761F-77C1-4E26-BE0E-1727050A6A5B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{890DF0A3-A78C-4946-B631-A8B77C3FCEFC}" = protocol=6 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs5b92\hppiw.exe | 
"{89BC8AE6-E6DA-4F6F-8344-4A39F28402B4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{8AA4B592-69F3-430A-90D4-26A59FEB0E7D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{8E7D0B6B-880E-476B-9064-F4210CD65AD3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe | 
"{9A72217D-C78D-4F85-89F6-3EBF8BB83AEF}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{9C74E43A-BA4F-427A-A90F-1AF4C4BEB418}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{B3BBD909-10B7-48B5-8FE5-3171D9D3052A}" = protocol=17 | dir=in | app=c:\users\privat\appdata\local\temp\7zs54c9\hpdiagnosticcoreui.exe | 
"{B7BA88CD-A241-40EE-9479-FFBE9BB3FD3F}" = protocol=17 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs53eb\hppiw.exe | 
"{B88F99B4-3C64-4A38-BF78-77CEC35ACD8E}" = protocol=6 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs53eb\hppiw.exe | 
"{C84205D6-149D-4E6A-97DB-3AB43F0188EB}" = protocol=6 | dir=in | app=c:\users\privat\appdata\local\temp\7zs594d\hpdiagnosticcoreui.exe | 
"{D1338203-3055-4DAF-895E-4054A152ED25}" = protocol=17 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs5130\hppiw.exe | 
"{D7A9B744-9A63-4893-9C40-F1B1DF56D7F9}" = protocol=58 | dir=in | name=datei- und druckerfreigabe (echoanforderung - icmpv6 eingehend) | 
"{DCEAB655-C4FD-416C-9188-43DB4BE551E8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{E54D5323-C487-427B-BD4A-51EB25EA2D5C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{E928AF9E-527A-4660-A5C9-E05E235044BF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{EC0E1D7A-8921-4EE6-B9FA-F5DD815B507B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{F265D8F0-6E66-4026-98D9-A51A1973A955}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | 
"{F37152A9-C0A5-4676-BF27-B41C156C557F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{F4732F9B-DDD7-41E0-AD21-B77BFF9AEE95}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{F5BDCF63-A93C-4D60-AB1F-63DF63A26A68}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{F6203B54-5890-47A6-9D22-274389EC9EAE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{F724380A-6FF6-4CD9-AE5A-47AC538C0C79}" = protocol=1 | dir=in | name=datei- und druckerfreigabe (echoanforderung - icmpv4 eingehend) | 
"{F95177EF-AD55-4878-9205-CA3DD4669449}" = protocol=17 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs5b92\hppiw.exe | 
"{FCF22CE6-A6BB-4A97-8069-EB4E815657CA}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{FF1DCF63-355B-4FC8-970C-06425C511BB5}" = protocol=6 | dir=in | app=c:\users\lexikon\appdata\local\temp\7zs5130\hppiw.exe | 
"TCP Query User{37DC5125-3596-4C55-A68E-A2624CED6AC2}C:\program files (x86)\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\quicktime\quicktimeplayer.exe | 
"TCP Query User{3AC9D01C-63BC-4B1F-A1A5-B4AB5D18D95E}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdfiles.exe | 
"TCP Query User{3FA974A5-DE70-41FA-AFE0-C23C5C6F3C82}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"TCP Query User{684900E8-E090-4F7C-A534-33F43A9D114E}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe | 
"TCP Query User{83FD3689-580B-49FC-AD72-758C939667FE}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"TCP Query User{C92EC406-7717-48DA-B153-8A2B94A8542E}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe | 
"UDP Query User{07FC74A7-517D-4708-AFAA-BB5A5AD87F08}C:\program files (x86)\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\quicktime\quicktimeplayer.exe | 
"UDP Query User{2DEE06A5-89FB-43E6-AE70-13C4CC1DA322}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe | 
"UDP Query User{72C2C284-9A95-48C7-AC70-FE2E5D34694B}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe | 
"UDP Query User{7B7AB578-A0DC-42FF-BF8B-E9B66651863C}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spybot - search & destroy 2\sdfiles.exe | 
"UDP Query User{91EC5400-E85E-4C47-84C4-E30A4FE53FE8}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | 
"UDP Query User{A061C958-7E9B-444D-B051-B1578160D0D4}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{08C3441C-4FAF-48D3-A551-70DD6031734F}" = Microsoft Baseline Security Analyzer 2.2
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java(TM) 7 (64-bit)
"{369ABA06-0536-4E6A-A1FC-40983E268F47}" = Nitro PDF Reader 2
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"VLC media player" = VLC media player 2.0.5
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A9FE5C3-799E-4E41-AF4E-943F9BC4C4BD}_is1" = All My Books 1.3 for PC-WELT
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5CBDF0C2-6FD1-4A32-9A0A-143D9AB91CCE}" = Microsoft Windows Debugging Symbols
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73006B34-9743-4A39-AC37-38EDFCEB6DCE}" = Adobe Product/Adobe Studio Update 10/2001
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D88A7919-C81E-4F6A-8B77-D1B2E42EE0CD}" = One Button
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1" = AntiBrowserSpy
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"0190Warner" = 0190 Warner 3.50
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Digital Editions" = Adobe Digital Editions
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Non Driver CIO Components" = Non Driver CIO Components
"PPTView97" = Microsoft PowerPoint Viewer 97
"RealPlayer 12.0" = RealPlayer
"WildTangent dell Master Uninstall" = WildTangent-Spiele
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2433319336-712607344-602622529-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2433319336-712607344-602622529-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 20 Event Log Errors ==========
 
[ Broadcom Wireless LAN Events ]
Error - 26.02.2010 07:49:36 | Computer Name = Home-PC | Source = WLAN-Tray | ID = 0
Description = 12:49:36, Fri, Feb 26, 10 Error - Unable to get current user admin 
status 
 
Error - 26.02.2010 07:50:01 | Computer Name = Home-PC | Source = WLAN-Tray | ID = 0
Description = 12:50:01, Fri, Feb 26, 10 Error - Unable to get current user admin 
status 
 
Error - 26.02.2010 07:51:44 | Computer Name = Home-PC | Source = WLAN-Tray | ID = 0
Description = 12:51:44, Fri, Feb 26, 10 Error - Unable to switch user context, authentication
 information not set correctly 
 
[ System Events ]
Error - 24.03.2013 12:42:15 | Computer Name = Zuhause-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 24.03.2013 13:05:01 | Computer Name = Zuhause-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
 
< End of report >
         
Das ist mir jetzt schon peinlich, aber habe plötzlich Probleme mit meinem E-Mail-Programm. Könnte das von den Programmen kommen? Vor ein paar Stunden konnte ich noch Mails abrufen, jetzt ist ein Haken vor Offline und lässt sich nicht rausnehmen.

Neuer Nachtrag:
Hatte kurzfristig auch Einwahlprobleme. Bin dann über eine andere Verbindung ins Netz gegangen. Danach funktionierte auch die vorherige Verbindung wieder und das Problem mit dem Mail-Programm hatte sich dann auch erledigt. Ist also, hoffentlich, alles wieder in Ordnung.

Alt 25.03.2013, 14:24   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 25.03.2013, 23:26   #13
amelie77
 
Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Standard

Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden



Hallo,

gibt es noch ein anderes Programm als Eset? Beim Download der Komponenten, also nach dem ersten Klick auf Start, tut sich hier nicht wirklich viel, wahrscheinlich weil ich hier hinter einem seeehr langsamen Modem sitze

Antwort

Themen zu Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden
antivirenprogramm, compu, computer, dateien, explorer.exe, forum, gelöscht, gelöschte, gelöschten, gespeichert, korrekt, landen, papierkorb, problem, programm, prüfen, sofort, tagen, virus, virustotal, vollständig



Ähnliche Themen: Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden


  1. Windows 7 - Lokaler Datenträger voll - Dateien könne NICHT gelöscht werden
    Alles rund um Windows - 15.11.2015 (3)
  2. Dateien auf dem Desktop werden beim bearbeiten gelöscht. Was steckt dahinter?
    Plagegeister aller Art und deren Bekämpfung - 12.12.2014 (1)
  3. auf meinem Stick kopierte Dateien werden sofort Verknüpfungen, die nicht mehr löschbar sind ?
    Log-Analyse und Auswertung - 25.09.2014 (25)
  4. Dateien werden gelöscht anstatt geöffnet und andere Probleme
    Plagegeister aller Art und deren Bekämpfung - 02.08.2013 (3)
  5. Infizierte Dateien können nach dem Scannen nicht gelöscht bzw. in den Container verschoben werden
    Plagegeister aller Art und deren Bekämpfung - 21.04.2011 (11)
  6. MP3 Dateien werden gelöscht
    Plagegeister aller Art und deren Bekämpfung - 14.03.2009 (0)
  7. Papierkorb leeren "desktop konnte nicht gelöscht werden"
    Mülltonne - 20.11.2008 (0)
  8. MP3 Dateien werden gelöscht
    Plagegeister aller Art und deren Bekämpfung - 20.10.2007 (2)
  9. Dateien können nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 09.09.2007 (1)
  10. Infizierte Dateien können nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 15.06.2007 (4)
  11. Können diese Dateien gelöscht werden?
    Plagegeister aller Art und deren Bekämpfung - 28.06.2006 (1)
  12. Mein Papierkorb meldet (Dc1 kann nich gelöscht werden)
    Log-Analyse und Auswertung - 17.03.2006 (12)
  13. Datei gelöscht, Papierkorb geleert und sollte nicht gelöscht werden.
    Alles rund um Windows - 17.05.2005 (2)
  14. können alle Dateien gelöscht werden ?
    Plagegeister aller Art und deren Bekämpfung - 31.03.2005 (3)
  15. Diverse Trojanloader von KAV gefunden, ohne das sie gelöscht werden können.
    Plagegeister aller Art und deren Bekämpfung - 26.10.2004 (16)
  16. 2 Risikobehaftete Dateien können nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 26.05.2004 (3)
  17. BugBear: wie können infizierte RESTORE\TEMP - Dateien gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 06.06.2003 (2)

Zum Thema Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden - Hallo, habe seit ein paar Tagen das Problem, dass die gelöschten Dateien nicht im Papierkorb landen, sondern sofort gelöscht werden. Der Papierkorb ist korrekt eingestellt. Habe die Dateien shell.dll und - Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden...
Archiv
Du betrachtest: Dateien werden sofort gelöscht ohne im Papierkorb zwischengespeichert zu werden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.