Trojaner-Board


XXp 02.01.2013 19:36

C:\Users\XXp\wgsdgsdgdsgsd.exe - Removing a trojan
 
Hi everyone, here is my problem:

While opening a website (27.12.2012), windows suddenly popped up along the lines of "you are downloading unauthorized software... pay ...". I disconnected the internet and rebooted. Unfortunately I can no longer remember how I got rid of the persistent windows. By now, after restarting, I get the error message: "Problem beim Starten von C:\Users\XXp\wgsdgsdgdsgsd.exe - Das angegebene Modul wurde nicht gefunden."
I deleted the shortcut in Autostart that was trying to launch this file, but I think that this has not yet removed the trojan from my computer.

My attempt at a System Restore failed (the restore point from 27.12.12 leads to a blue screen after login and the user is not logged in properly).
I have undone the System Restore.

Malwarebytes finds 1 malicious program, which I have not changed, however: Vendor: Exploit.Drop.GSA File object: C:\ProgrammData\dsgsdgdsgdsgw.pad

It would be nice if someone could help me clean up my PC.
Thanks
XXp

markusg 02.01.2013 20:09

Hi
Do not use System Restore when there is a malware infection!
Please open Malwarebytes, go to the log files, and post the reports that contain detections.
If you do not have it yet, please download OTL by OldTimer and save it to your desktop.
Code:

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

  • Please close all programs now. (Important)
  • Now click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread

XXp 02.01.2013 20:50

Malwarebytes Log:
Code:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.02.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Gaby :: XANTHIPPE [Administrator]

02.01.2013 20:12:28
MBAM-log-2013-01-02 (20-21-17).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 305794
Laufzeit: 6 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Keine Aktion durchgeführt.

(Ende)

OTL Log:
Code:

OTL logfile created on: 1/2/2013 8:23:00 PM - Run 3
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\XXp\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.99 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 51.05% Memory free
5.98 Gb Paging File | 4.20 Gb Available in Paging File | 70.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 280.79 Gb Total Space | 52.03 Gb Free Space | 18.53% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.49 Gb Free Space | 74.76% Space Free | Partition Type: FAT32
 
Computer Name: XANTHIPPE | User Name: XXp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/01/02 11:48:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XXp\Desktop\OTL.exe
PRC - [2012/12/03 17:11:19 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/11/02 15:37:08 | 001,668,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
PRC - [2012/11/02 15:37:08 | 001,093,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
PRC - [2012/10/04 15:57:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/08/15 16:16:46 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/07/03 19:28:53 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/07/03 19:28:47 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/07/03 19:28:47 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/10/19 11:26:46 | 000,032,768 | ---- | M] (Hewlett-Packard Development Company, L.P) -- C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2010/07/16 13:54:06 | 000,300,880 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
PRC - [2010/06/26 01:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/06/22 20:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
PRC - [2010/05/06 01:30:06 | 000,298,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2010/04/27 16:06:02 | 000,138,072 | ---- | M] () -- C:\Program Files\Join Air\UIExec.exe
PRC - [2010/04/27 15:57:32 | 000,247,152 | ---- | M] () -- C:\Program Files\Join Air\AssistantServices.exe
PRC - [2009/11/18 01:31:42 | 000,101,944 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
PRC - [2009/11/18 01:31:22 | 001,690,680 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
PRC - [2009/11/04 22:46:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/11/04 22:46:54 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/10/22 01:35:48 | 000,363,064 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
PRC - [2009/10/22 01:35:48 | 000,101,944 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
PRC - [2009/10/20 06:18:02 | 000,360,448 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/10/20 06:17:32 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/10/15 18:36:42 | 000,277,096 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2009/10/12 23:51:52 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009/10/12 23:51:52 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\stacsv.exe
PRC - [2009/10/02 13:53:24 | 001,107,232 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
PRC - [2009/10/02 13:51:16 | 000,312,608 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
PRC - [2009/10/02 13:47:44 | 000,214,304 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
PRC - [2009/10/02 13:13:10 | 000,988,448 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
PRC - [2009/09/04 20:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/08/25 17:57:52 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/08/25 17:57:44 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/08/03 21:32:22 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/07/28 15:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009/06/04 01:16:42 | 000,207,400 | ---- | M] (ActivIdentity) -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
PRC - [2009/06/04 01:16:34 | 000,153,640 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2009/06/04 01:13:28 | 000,400,936 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2009/03/02 22:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\AEstSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/12/03 17:11:18 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/11/15 19:10:10 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll
MOD - [2012/11/14 18:26:27 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll
MOD - [2012/11/14 18:26:15 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
MOD - [2012/11/14 18:26:09 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/14 18:25:56 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
MOD - [2012/11/14 18:25:42 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/14 18:25:35 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/14 18:25:29 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
MOD - [2012/11/14 18:25:16 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/14 18:25:08 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/14 18:25:04 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/14 18:25:02 | 007,988,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/14 18:24:50 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/02/17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll
MOD - [2010/11/13 01:02:22 | 000,434,176 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 01:02:21 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/06/13 22:54:28 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010/05/09 08:53:24 | 001,695,744 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3579.36926__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2010/05/09 08:53:24 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3579.36895__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010/05/09 08:53:24 | 000,368,640 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3579.36805__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:24 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3579.36824__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010/05/09 08:53:24 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3579.36876__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:24 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3579.36857__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:24 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3579.36848__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:24 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3579.36819__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010/05/09 08:53:24 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3579.36814__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:23 | 000,356,352 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3579.36862__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:23 | 000,118,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3579.36895__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:23 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3579.36863__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010/05/09 08:53:23 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3579.36813__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:23 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Runtime\2.0.3579.36918__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:23 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3579.36862__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:23 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3579.36896__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:23 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3579.36894__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:23 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Runtime\2.0.3579.36911__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:22 | 001,138,688 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3579.36922__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:22 | 000,823,296 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3579.36850__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:22 | 000,573,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3579.36825__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:22 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3579.36871__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010/05/09 08:53:22 | 000,323,584 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3579.36856__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:22 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3579.36829__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010/05/09 08:53:22 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3579.36825__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:22 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3579.36849__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:22 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3579.36855__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:22 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3579.36855__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:22 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3579.36829__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:21 | 000,393,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3579.36849__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:21 | 000,368,640 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3579.36844__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:21 | 000,270,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/05/09 08:53:21 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3579.36848__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:21 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3579.36849__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:21 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3579.36856__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010/05/09 08:53:21 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3574.20483__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010/05/09 08:53:21 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3574.20475__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010/05/09 08:53:21 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3574.20511__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010/05/09 08:53:21 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3574.20570__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010/05/09 08:53:21 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3574.20566__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010/05/09 08:53:21 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3574.20505__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010/05/09 08:53:21 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3574.20565__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010/05/09 08:53:21 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010/05/09 08:53:20 | 000,147,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3574.20469__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,098,304 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3574.20459__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010/05/09 08:53:20 | 000,069,632 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.FramelockGenlock.Graphics.Shared\2.0.3574.20536__90ba9c70f846762e\CLI.Aspect.FramelockGenlock.Graphics.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3574.20534__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010/05/09 08:53:20 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3574.20557__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3574.20454__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010/05/09 08:53:20 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3574.20457__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010/05/09 08:53:20 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3574.20638__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010/05/09 08:53:20 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3574.20555__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3574.20492__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.WorkstationConfig2.Graphics.Shared\2.0.3574.20554__90ba9c70f846762e\CLI.Aspect.WorkstationConfig2.Graphics.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3574.20491__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3574.20472__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3574.20501__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010/05/09 08:53:20 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010/05/09 08:53:20 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3574.20524__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010/05/09 08:53:20 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010/05/09 08:53:20 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3574.20485__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3574.20528__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010/05/09 08:53:20 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3574.20495__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3579.36890__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010/05/09 08:53:19 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3574.20535__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3574.20496__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3574.20530__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3574.20502__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3579.36901__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010/05/09 08:53:19 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3574.20489__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3574.20496__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3574.20464__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010/05/09 08:53:19 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3574.20529__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3574.20525__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3574.20482__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3574.20532__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3574.20480__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010/05/09 08:53:19 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3574.20506__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3574.20504__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010/05/09 08:53:19 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3574.20484__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010/05/09 08:53:19 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3579.36802__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010/05/09 08:53:18 | 000,405,504 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3579.36819__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010/05/09 08:53:18 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3579.36889__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010/05/09 08:53:18 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3579.36804__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010/05/09 08:53:18 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3579.36802__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010/05/09 08:53:18 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3574.20509__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010/05/09 08:53:18 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3574.20476__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010/05/09 08:53:18 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3574.20498__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010/05/09 08:53:18 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3574.20494__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010/05/09 08:53:18 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3574.20499__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010/05/09 08:53:17 | 001,220,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3579.36809__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010/05/09 08:53:17 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3579.36801__90ba9c70f846762e\APM.Server.dll
MOD - [2010/05/09 08:53:17 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3579.36802__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/05/09 08:53:17 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3574.20487__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010/05/09 08:53:17 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010/05/09 08:53:17 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3574.20537__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010/05/09 08:53:17 | 000,019,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3579.36890__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010/04/27 16:06:02 | 000,138,072 | ---- | M] () -- C:\Program Files\Join Air\UIExec.exe
MOD - [2009/12/16 20:15:24 | 000,249,856 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009/12/16 20:15:24 | 000,110,592 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2009/12/16 20:15:24 | 000,090,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_de_31bf3856ad364e35\WindowsBase.resources.dll
MOD - [2009/12/16 20:15:24 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_de_b77a5c561934e089\System.Core.resources.dll
MOD - [2009/12/16 19:31:40 | 000,236,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll
MOD - [2009/12/16 19:31:40 | 000,010,808 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Interop.HPQWMIEXLib\1.0.0.0__67b8d1b5179ba5f8\Interop.HPQWMIEXLib.dll
MOD - [2009/11/18 01:32:10 | 000,052,280 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
MOD - [2009/11/18 01:32:06 | 000,054,328 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
MOD - [2009/10/22 01:35:50 | 000,052,280 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
MOD - [2009/10/22 01:35:42 | 000,030,264 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
MOD - [2009/06/11 00:30:18 | 000,098,304 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe -- (PhotoshopElementsDeviceConnect)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor)
SRV - [2012/12/03 17:11:19 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/12 11:42:30 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/01 15:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/03 19:28:53 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/07/03 19:28:47 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/10/19 11:26:46 | 000,032,768 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2010/08/20 16:57:28 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/07/16 13:54:06 | 000,300,880 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV - [2010/05/23 13:22:47 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/05/06 10:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ)
SRV - [2010/05/06 01:30:06 | 000,298,496 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2010/04/27 15:57:32 | 000,247,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Join Air\AssistantServices.exe -- (UI Assistant Service)
SRV - [2009/11/18 01:31:42 | 000,101,944 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV - [2009/11/04 22:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/11/04 22:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/10/22 01:35:48 | 000,101,944 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2009/10/20 06:17:32 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/10/15 18:36:42 | 000,277,096 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2009/10/12 23:51:52 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\stacsv.exe -- (STacSV)
SRV - [2009/10/06 17:51:36 | 001,639,728 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService)
SRV - [2009/10/06 03:43:54 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK)
SRV - [2009/10/02 13:53:24 | 001,107,232 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe -- (IFXSpMgtSrv)
SRV - [2009/10/02 13:47:44 | 000,214,304 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2009/10/02 13:13:10 | 000,988,448 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Embedded Security Software\ifxtcs.exe -- (IFXTCS)
SRV - [2009/09/28 09:22:00 | 000,364,544 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\yk62x86.dll -- (yksvc)
SRV - [2009/09/04 20:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/08/25 17:57:52 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009/08/03 21:32:22 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/07/28 15:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/06/13 06:13:20 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/06/04 01:16:42 | 000,207,400 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV - [2009/03/02 22:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\AEstSrv.exe -- (AESTFilters)
SRV - [2009/02/06 16:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2007/05/31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012/11/01 21:52:48 | 000,064,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2012/08/23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/07/03 19:28:54 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/07/03 19:28:54 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/06/27 14:18:52 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/04/24 11:17:07 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio)
DRV - [2012/01/09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012/01/09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012/01/09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012/01/09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/11/21 11:52:06 | 000,144,896 | ---- | M] (1&1 Internet AG) [File_System | System | Running] -- C:\Windows\System32\drivers\ui11rdr.SYS -- (ui11rdr)
DRV - [2011/10/11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/05/13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011/05/13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010/11/20 13:30:17 | 000,296,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010/11/20 13:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010/11/20 11:50:37 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/26 17:03:03 | 000,230,736 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/26 17:47:34 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaura.sys -- (avmaura)
DRV - [2010/03/18 10:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2010/03/18 10:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/03/18 10:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/02/26 16:31:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010/01/13 15:36:40 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32)
DRV - [2010/01/05 10:31:26 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/01/05 10:31:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/01/05 10:31:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010/01/05 10:31:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009/10/29 02:55:00 | 000,047,616 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdpe86.sys -- (risdpcie)
DRV - [2009/10/26 23:39:00 | 000,048,640 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimspe86.sys -- (rimspci)
DRV - [2009/10/20 06:49:32 | 005,089,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/10/15 18:37:38 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2009/10/15 18:37:24 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2009/10/15 18:37:24 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009/10/15 18:37:22 | 000,110,520 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009/10/12 23:51:52 | 000,420,864 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/10/02 13:47:10 | 000,039,712 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\psd.sys -- (PersonalSecureDrive)
DRV - [2009/09/30 18:33:58 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/09/28 23:47:00 | 000,038,912 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdpe86.sys -- (rixdpcie)
DRV - [2009/09/28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/09/18 03:04:28 | 001,765,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/09/17 21:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/09/08 18:14:10 | 000,032,312 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2009/08/03 21:32:22 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/06/26 01:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/06/26 01:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009/06/26 01:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009/05/16 03:15:14 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/05/16 03:15:14 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (MfeAVFK)
DRV - [2009/05/16 03:15:14 | 000,055,336 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009/05/16 03:15:14 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (MfeBOPK)
DRV - [2009/05/16 03:15:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (MfeRKDK)
DRV - [2009/04/29 17:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009/02/20 18:09:16 | 000,044,032 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GigasetGenericUSB.sys -- (GigasetGenericUSB)
DRV - [2007/12/12 12:11:08 | 000,012,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Spyder3.sys -- (Spyder3)
DRV - [2006/11/10 14:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
IE - HKLM\..\SearchScopes,DefaultScope = {009652DF-1177-499A-872B-B3D00B1A74F8}
IE - HKLM\..\SearchScopes\{009652DF-1177-499A-872B-B3D00B1A74F8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1066535224-2566255850-1686074581-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
IE - HKU\S-1-5-21-1066535224-2566255850-1686074581-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1066535224-2566255850-1686074581-1003\..\SearchScopes,DefaultScope = {009652DF-1177-499A-872B-B3D00B1A74F8}
IE - HKU\S-1-5-21-1066535224-2566255850-1686074581-1003\..\SearchScopes\{009652DF-1177-499A-872B-B3D00B1A74F8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1066535224-2566255850-1686074581-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.0
FF - prefs.js..extensions.enabledAddons: maps%40ovi.com:5.9.2.0
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: otis%40digitalpersona.com:5.0.0.4254
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.5.1205
FF - prefs.js..extensions.enabledAddons: %7B2d4271b9-cc9f-4f37-8b1e-340293eacd5c%7D:0.9.9.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: otis@digitalpersona.com:5.0.0.4179
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.76
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/05/26 22:06:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2011/10/12 10:30:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/03 17:11:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/24 12:53:04 | 000,000,000 | ---D | M]
 
[2010/05/23 11:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXp\AppData\Roaming\Mozilla\Extensions
[2010/05/23 11:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXp\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/12/15 12:35:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\extensions
[2012/11/30 07:53:51 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/10/06 10:56:32 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\extensions\2020Player_IKEA@2020Technologies.com
[2012/12/06 00:31:43 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\extensions\donottrackplus@abine.com
[2012/04/09 10:30:02 | 000,000,000 | ---D | M] (Nokia Maps 3D browser plugin) -- C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\extensions\maps@ovi.com
[2012/12/15 12:35:33 | 000,037,832 | ---- | M] () (No name found) -- C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\extensions\{2d4271b9-cc9f-4f37-8b1e-340293eacd5c}.xpi
[2012/12/05 16:11:56 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\extensions\donottrackplus@abine.com\chrome\content\ff\view_expiry.js
[2012/03/05 15:40:50 | 000,000,003 | ---- | M] () (No name found) -- C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\extensions\maps@ovi.com\plugins\package.XPI
[2011/10/08 09:09:47 | 000,002,289 | ---- | M] () -- C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\searchplugins\ecosia.xml
[2011/10/08 09:15:32 | 000,002,647 | ---- | M] () -- C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\searchplugins\ixquick-ssl.xml
[2012/03/22 10:24:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/10/12 10:30:57 | 000,000,000 | ---D | M] (DigitalPersona Extension) -- C:\PROGRAM FILES\HEWLETT-PACKARD\HP PROTECTTOOLS SECURITY MANAGER\BIN\FIREFOXEXT
[2012/12/03 17:11:19 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/11 16:31:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/11/12 11:41:04 | 000,171,136 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012/10/12 10:22:35 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/10/12 10:22:35 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/12 10:22:35 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/10/12 10:22:35 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/10/12 10:22:35 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/12 10:22:35 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKU\S-1-5-21-1066535224-2566255850-1686074581-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [acevents] C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IFXSPMGT] C:\Program Files\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe (Infineon Technologies AG)
O4 - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UIExec] C:\Program Files\Join Air\UIExec.exe ()
O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-21-1066535224-2566255850-1686074581-1003..\Run: []  File not found
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe (Sonic Solutions)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1066535224-2566255850-1686074581-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{529599EC-5F8D-4676-8588-51DB21FDCAE4}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{23c0713b-9cc6-11df-bdbf-705ab6aa41ee}\Shell - "" = AutoRun
O33 - MountPoints2\{23c0713b-9cc6-11df-bdbf-705ab6aa41ee}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: ArcSoft Connection Service - hkey= - key= - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
MsConfig - StartUpReg: File Sanitizer - hkey= - key= - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: LexwareInfoService - hkey= - key= - C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG)
MsConfig - StartUpReg: QlbCtrl.exe - hkey= - key= - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SansaDispatch - hkey= - key= - C:\Users\XXp\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/02 18:14:09 | 000,000,000 | ---D | C] -- C:\Users\XXp\AppData\Roaming\Malwarebytes
[2013/01/02 18:13:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/02 18:13:53 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2013/01/02 18:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/02 18:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/02 11:48:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\XXp\Desktop\OTL.exe
[2012/12/28 12:34:02 | 000,000,000 | R--D | C] -- C:\Users\XXp\Dropbox
[2012/12/28 12:31:11 | 000,000,000 | ---D | C] -- C:\Users\XXp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/12/28 12:30:36 | 000,000,000 | ---D | C] -- C:\Users\XXp\AppData\Roaming\Dropbox
[2012/12/26 23:02:53 | 000,000,000 | ---D | C] -- C:\Users\XXp\Eigene Dokumente\Productions
[2012/12/24 17:11:02 | 000,000,000 | ---D | C] -- C:\Users\XXp\Eigene Dokumente\Lexware
[2012/12/24 12:53:04 | 000,000,000 | ---D | C] -- C:\Users\XXp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
[2012/12/24 12:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software
[2012/12/24 12:44:28 | 000,000,000 | ---D | C] -- C:\Users\XXp\Local Settings
[2012/12/20 19:49:06 | 000,000,000 | ---D | C] -- C:\MyTools
[2012/12/20 18:13:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research
[2012/12/20 18:13:08 | 000,000,000 | ---D | C] -- C:\Users\XXp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft ICE
[2012/12/17 09:19:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2012/12/17 09:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HDX4
[2012/12/15 23:43:06 | 000,000,000 | ---D | C] -- C:\Users\XXp\AppData\Roaming\pdfforge
[2012/12/15 23:43:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012/12/15 23:43:04 | 000,088,576 | ---- | C] (pdfforge GbR) -- C:\windows\System32\pdfcmon.dll
[2012/12/15 23:13:52 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Architect
[2012/12/15 23:11:38 | 000,000,000 | ---D | C] -- C:\Users\XXp\AppData\Roaming\PDF Architect
[2012/12/15 23:08:42 | 000,000,000 | ---D | C] -- C:\Users\XXp\AppData\Roaming\APP_NAME_NON_STRING
[2012/12/15 11:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\DriveCleanup
[2012/12/15 11:46:38 | 000,000,000 | ---D | C] -- C:\Users\XXp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DriveCleanup
[2012/12/15 11:39:06 | 000,000,000 | ---D | C] -- C:\Users\XXp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\USB-Dev-View
 
========== Files - Modified Within 30 Days ==========
 
[2013/01/02 20:03:01 | 000,670,018 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013/01/02 20:03:01 | 000,628,218 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/01/02 20:03:01 | 000,136,414 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013/01/02 20:03:01 | 000,111,796 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/01/02 19:34:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/01/02 18:26:43 | 000,050,672 | ---- | M] () -- C:\Users\XXp\Desktop\malwarbytes.jpg
[2013/01/02 18:13:54 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/02 18:01:37 | 000,020,944 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/02 18:01:37 | 000,020,944 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/02 17:53:46 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/01/02 17:53:35 | 2407,952,384 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/02 13:46:42 | 000,107,108 | ---- | M] () -- C:\Users\XXp\Eigene Dokumente\2013-01-02-Rechner-Setup-Delta.JPG
[2013/01/02 12:30:22 | 000,856,731 | ---- | M] () -- C:\Users\XXp\Desktop\SecurityCheck.exe
[2013/01/02 11:59:57 | 000,021,276 | ---- | M] () -- C:\Users\XXp\Desktop\trojaner.jpg
[2013/01/02 11:48:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\XXp\Desktop\OTL.exe
[2012/12/29 18:32:43 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/12/28 13:40:56 | 000,033,588 | ---- | M] () -- C:\Users\XXp\Desktop\cover.jpg
[2012/12/28 13:17:55 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2012/12/24 23:02:20 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012/12/24 18:44:59 | 000,945,254 | ---- | M] () -- C:\Users\XXp\AppData\Local\recently-used.xbel
[2012/12/24 17:24:28 | 000,001,078 | ---- | M] () -- C:\Users\XXp\Desktop\EBook-Downloads.lnk
[2012/12/24 11:09:11 | 000,008,476 | -HS- | M] () -- C:\Users\XXp\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2012/12/24 11:09:11 | 000,008,476 | -HS- | M] () -- C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2012/12/21 16:14:19 | 000,543,392 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/12/20 19:50:27 | 000,001,455 | ---- | M] () -- C:\Users\XXp\Desktop\ExifToolGUI.lnk
[2012/12/20 18:18:43 | 000,003,029 | ---- | M] () -- C:\Users\XXp\Desktop\Microsoft ICE.lnk
[2012/12/15 18:54:44 | 029,787,821 | ---- | M] () -- C:\Users\XXp\Eigene Dokumente\2012-09 Rechner-Setup.rtf
[2012/12/15 12:45:35 | 000,045,584 | ---- | M] () -- C:\Users\XXp\Eigene Dokumente\2006-10-Installation.rtf
[2012/12/15 10:25:03 | 000,052,981 | ---- | M] () -- C:\Users\XXp\Desktop\pearson-Gutschein-4.jpg
[2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/12/14 11:41:27 | 000,030,333 | ---- | M] () -- C:\Users\XXp\Desktop\Voelkner-Gutschein-17.JPG
[2012/12/12 10:15:56 | 000,054,799 | ---- | M] () -- C:\Users\XXp\Desktop\pearson-Gutschein-3.jpg
[2012/12/12 09:29:31 | 000,047,305 | ---- | M] () -- C:\Users\XXp\Desktop\pearson-Gutschein-2.jpg
[2012/12/10 17:51:24 | 000,000,972 | ---- | M] () -- C:\Users\XXp\Desktop\IrfanView.lnk
[2012/12/06 13:58:51 | 000,050,996 | ---- | M] () -- C:\Users\XXp\Desktop\bookshop.pearson.de-Gutschein.JPG
 
========== Files Created - No Company Name ==========
 
[2013/01/02 18:26:43 | 000,050,672 | ---- | C] () -- C:\Users\XXp\Desktop\malwarbytes.jpg
[2013/01/02 18:13:54 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/02 13:46:41 | 000,107,108 | ---- | C] () -- C:\Users\XXp\Eigene Dokumente\2013-01-02-Rechner-Setup-Delta.JPG
[2013/01/02 12:30:10 | 000,856,731 | ---- | C] () -- C:\Users\XXp\Desktop\SecurityCheck.exe
[2013/01/02 11:59:56 | 000,021,276 | ---- | C] () -- C:\Users\XXp\Desktop\trojaner.jpg
[2012/12/27 15:37:08 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012/12/24 23:02:20 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2012/12/24 18:44:59 | 000,945,254 | ---- | C] () -- C:\Users\XXp\AppData\Local\recently-used.xbel
[2012/12/24 17:24:28 | 000,001,078 | ---- | C] () -- C:\Users\XXp\Desktop\EBook-Downloads.lnk
[2012/12/24 11:24:31 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk
[2012/12/24 11:02:03 | 000,008,476 | -HS- | C] () -- C:\Users\XXp\AppData\Local\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2012/12/24 11:02:03 | 000,008,476 | -HS- | C] () -- C:\ProgramData\1pb78m8n6he1l1565b3k36w7o7of8ksb88y53s63tpqg0vl
[2012/12/20 18:18:43 | 000,003,029 | ---- | C] () -- C:\Users\XXp\Desktop\Microsoft ICE.lnk
[2012/12/15 10:25:02 | 000,052,981 | ---- | C] () -- C:\Users\XXp\Desktop\pearson-Gutschein-4.jpg
[2012/12/14 11:41:27 | 000,030,333 | ---- | C] () -- C:\Users\XXp\Desktop\Voelkner-Gutschein-17.JPG
[2012/12/12 10:15:56 | 000,054,799 | ---- | C] () -- C:\Users\XXp\Desktop\pearson-Gutschein-3.jpg
[2012/12/12 09:29:31 | 000,047,305 | ---- | C] () -- C:\Users\XXp\Desktop\pearson-Gutschein-2.jpg
[2012/12/06 13:58:50 | 000,050,996 | ---- | C] () -- C:\Users\XXp\Desktop\bookshop.pearson.de-Gutschein.JPG
[2012/08/22 15:24:02 | 000,020,531 | -H-- | C] () -- C:\ProgramData\M33KI
[2012/08/22 14:09:01 | 000,196,608 | ---- | C] () -- C:\windows\System32\PSlide.dll
[2012/08/22 14:09:01 | 000,094,208 | ---- | C] () -- C:\windows\System32\PF1800U.dll
[2012/08/22 14:09:01 | 000,049,152 | ---- | C] () -- C:\windows\System32\PWiaExt.dll
[2012/08/22 14:01:35 | 000,000,209 | ---- | C] () -- C:\windows\ODBCINST.INI
[2012/08/13 12:10:24 | 004,503,728 | ---- | C] () -- C:\ProgramData\ism_0_llatsni.pad
[2012/01/14 19:38:08 | 000,010,599 | R--- | C] () -- C:\Users\XXp\GaZi01_elster_2048.pfx
[2012/01/11 17:27:44 | 000,007,603 | ---- | C] () -- C:\Users\XXp\AppData\Local\resmon.resmoncfg
[2012/01/03 01:16:07 | 000,175,616 | ---- | C] () -- C:\windows\System32\unrar.dll
[2011/12/27 14:52:35 | 000,066,048 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
[2011/10/12 10:56:12 | 000,003,120 | ---- | C] () -- C:\windows\System32\drivers\wdbbagh.sys
[2011/07/02 23:22:06 | 000,000,023 | ---- | C] () -- C:\windows\System32\sysmwwod.dll
[2011/05/19 07:50:58 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPPassFilter.dll.hpsign
[2011/05/19 07:50:58 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPCrProv.dll.hpsign
[2011/01/17 20:14:18 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2010/12/27 12:05:04 | 000,189,104 | ---- | C] () -- C:\Users\XXp\AppData\Roaming\mdbu.bin
[2010/05/24 16:21:55 | 000,013,824 | ---- | C] () -- C:\Users\XXp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/24 11:24:39 | 000,004,096 | -H-- | C] () -- C:\Users\XXp\AppData\Local\keyfile3.drm
[2010/05/23 12:54:25 | 000,000,092 | ---- | C] () -- C:\Users\XXp\AppData\Local\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010/08/29 20:16:43 | 000,000,000 | ---D | M] -- C:\Users\Doof\AppData\Roaming\DigitalPersona
[2011/10/12 11:26:45 | 000,000,000 | ---D | M] -- C:\Users\Doof\AppData\Roaming\Infineon
[2010/08/29 20:18:08 | 000,000,000 | ---D | M] -- C:\Users\Doof\AppData\Roaming\Lexware
[2011/09/16 15:45:36 | 000,000,000 | ---D | M] -- C:\Users\Doof\AppData\Roaming\PC Suite
[2011/03/07 10:27:42 | 000,000,000 | ---D | M] -- C:\Users\Doof\AppData\Roaming\TrueCrypt
[2010/10/31 19:08:21 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\1&1
[2012/12/15 23:08:42 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\APP_NAME_NON_STRING
[2012/11/23 14:19:33 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\BitTorrent
[2012/12/24 13:46:16 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\calibre
[2011/12/29 12:33:35 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\com.unitedinternet.ums.sms-mms-manager
[2010/05/23 13:10:00 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\DataDesign
[2010/05/23 08:21:47 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\DigitalPersona
[2013/01/02 17:51:51 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Dropbox
[2011/10/26 11:34:01 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Egmo
[2011/11/04 22:24:46 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\elsterformular
[2012/12/17 14:31:23 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Engelmann Media
[2012/11/20 13:32:23 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\EurekaLog
[2010/07/31 12:57:52 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\FileZilla
[2011/10/13 16:36:57 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Fingerfox (SE)
[2012/10/20 18:07:24 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\freac
[2010/10/21 21:35:49 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\FreeAudioPack
[2010/05/26 22:24:30 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\FRITZ!
[2012/11/12 15:20:42 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\GalileoPress
[2012/06/25 11:21:36 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Garmin
[2011/10/12 11:26:45 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Infineon
[2012/01/11 17:37:36 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\IrfanView
[2010/09/18 11:14:36 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\JAM Software
[2012/12/19 10:43:22 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Lasersoft Imaging
[2010/07/31 12:58:48 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Leadertech
[2010/06/11 20:56:34 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Lexware
[2011/07/22 12:03:24 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\MAGIX
[2012/10/20 17:01:12 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\MediaType Converter2
[2012/07/23 08:34:25 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Mp3tag
[2011/10/26 11:35:41 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Muvele
[2012/04/09 09:51:12 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Nokia
[2011/06/13 18:24:33 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Nokia Ovi Suite
[2011/11/22 12:22:18 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Nokia Suite
[2011/06/13 17:54:32 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\PC Suite
[2012/12/15 23:11:56 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\PDF Architect
[2012/12/15 23:43:06 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\pdfforge
[2012/01/29 11:11:06 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\pdftoepub
[2012/08/22 14:13:48 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\PIE
[2012/10/25 09:06:36 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\SanDisk
[2010/11/03 00:04:58 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\Thunderbird
[2012/08/09 11:13:28 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\TrueCrypt
[2012/12/15 17:52:04 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\TV-Browser
[2012/06/03 13:33:22 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\XMedia Recode
[2012/07/23 08:18:17 | 000,000,000 | ---D | M] -- C:\Users\XXp\AppData\Roaming\YourFileDownloader
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2013/01/02 17:52:15 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009/07/27 09:31:13 | 000,000,000 | -HSD | M] -- C:\boot
[2012/12/28 13:18:11 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2009/12/16 18:29:21 | 000,000,000 | ---D | M] -- C:\EFI
[2009/12/16 20:12:13 | 000,000,000 | -H-D | M] -- C:\hp
[2012/01/16 18:39:01 | 000,000,000 | ---D | M] -- C:\Intel
[2010/05/24 13:28:20 | 000,000,000 | ---D | M] -- C:\KPCMS
[2010/05/23 12:53:24 | 000,000,000 | ---D | M] -- C:\Lexware
[2011/03/08 14:57:18 | 000,000,000 | ---D | M] -- C:\Lib
[2010/05/24 10:59:42 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012/12/20 19:49:52 | 000,000,000 | ---D | M] -- C:\MyTools
[2009/07/14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013/01/02 18:13:53 | 000,000,000 | R--D | M] -- C:\Program Files
[2013/01/02 18:13:53 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012/10/21 16:40:32 | 000,000,000 | ---D | M] -- C:\Samsung
[2012/01/16 18:38:58 | 000,000,000 | ---D | M] -- C:\swsetup
[2013/01/02 20:25:36 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010/05/23 08:54:38 | 000,000,000 | -H-D | M] -- C:\SYSTEM.SAV
[2013/01/02 17:51:57 | 000,000,000 | ---D | M] -- C:\Users
[2013/01/02 17:52:27 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2011/11/24 17:22:18 | 000,495,616 | ---- | M] (Gigaset Communications GmbH) -- C:\Windows\system32\Gqstsp.tsp
[2009/07/14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009/07/14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009/07/14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009/07/14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010/11/20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009/07/14 05:53:46 | 000,032,640 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2012/05/14 20:18:10 | 000,000,884 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
 
< MD5 for: AGP440.SYS  >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_dda3f0f09bf1f8b2\atapi.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009/10/15 18:37:22 | 000,110,520 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\SafeBoot.sys
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012/01/14 19:38:19 | 000,010,599 | R--- | M] () -- C:\Users\XXp\GaZi01_elster_2048.pfx
[2013/01/02 20:40:29 | 008,126,464 | -HS- | M] () -- C:\Users\XXp\ntuser.dat
[2013/01/02 20:40:29 | 000,262,144 | -HS- | M] () -- C:\Users\XXp\ntuser.dat.LOG1
[2011/07/01 16:31:25 | 000,262,144 | -HS- | M] () -- C:\Users\XXp\ntuser.dat.LOG2
[2012/08/15 15:30:34 | 000,065,536 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{091b03ef-e538-11e1-a838-705ab6aa41ee}.TM.blf
[2012/08/15 15:30:34 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{091b03ef-e538-11e1-a838-705ab6aa41ee}.TMContainer00000000000000000001.regtrans-ms
[2012/08/15 15:30:34 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{091b03ef-e538-11e1-a838-705ab6aa41ee}.TMContainer00000000000000000002.regtrans-ms
[2013/01/02 17:11:39 | 000,065,536 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{4345932c-54f2-11e2-8c8d-705ab6aa41ee}.TM.blf
[2013/01/02 17:11:39 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{4345932c-54f2-11e2-8c8d-705ab6aa41ee}.TMContainer00000000000000000001.regtrans-ms
[2013/01/02 17:11:39 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{4345932c-54f2-11e2-8c8d-705ab6aa41ee}.TMContainer00000000000000000002.regtrans-ms
[2013/01/02 11:19:28 | 000,065,536 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{4527e3f0-534f-11e2-a984-705ab6aa41ee}.TM.blf
[2013/01/02 11:19:28 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{4527e3f0-534f-11e2-a984-705ab6aa41ee}.TMContainer00000000000000000001.regtrans-ms
[2013/01/02 11:19:28 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{4527e3f0-534f-11e2-a984-705ab6aa41ee}.TMContainer00000000000000000002.regtrans-ms
[2013/01/02 16:36:18 | 000,065,536 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{5a1efcbb-54c9-11e2-8cf6-705ab6aa41ee}.TM.blf
[2013/01/02 16:36:18 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{5a1efcbb-54c9-11e2-8cf6-705ab6aa41ee}.TMContainer00000000000000000001.regtrans-ms
[2013/01/02 16:36:18 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{5a1efcbb-54c9-11e2-8cf6-705ab6aa41ee}.TMContainer00000000000000000002.regtrans-ms
[2010/05/23 09:04:29 | 000,065,536 | -HS- | M] () -- C:\Users\XXp\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/05/23 09:04:29 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/05/23 09:04:29 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012/02/20 10:31:45 | 000,065,536 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{7b16620d-587a-11e1-b37c-705ab6aa41ee}.TM.blf
[2012/02/20 10:31:45 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{7b16620d-587a-11e1-b37c-705ab6aa41ee}.TMContainer00000000000000000001.regtrans-ms
[2012/02/20 10:31:45 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{7b16620d-587a-11e1-b37c-705ab6aa41ee}.TMContainer00000000000000000002.regtrans-ms
[2012/12/24 20:38:55 | 000,065,536 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{881bd6b2-4db1-11e2-abc8-705ab6aa41ee}.TM.blf
[2012/12/24 20:38:55 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{881bd6b2-4db1-11e2-abc8-705ab6aa41ee}.TMContainer00000000000000000001.regtrans-ms
[2012/12/24 20:38:55 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{881bd6b2-4db1-11e2-abc8-705ab6aa41ee}.TMContainer00000000000000000002.regtrans-ms
[2012/12/31 14:42:24 | 000,065,536 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{8962de49-5338-11e2-ac99-9195cb7bc381}.TM.blf
[2012/12/31 14:42:24 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{8962de49-5338-11e2-ac99-9195cb7bc381}.TMContainer00000000000000000001.regtrans-ms
[2012/12/31 14:42:24 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{8962de49-5338-11e2-ac99-9195cb7bc381}.TMContainer00000000000000000002.regtrans-ms
[2012/07/23 08:49:22 | 000,065,536 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{9d4ba41b-d369-11e1-8b12-705ab6aa41ee}.TM.blf
[2012/07/23 08:49:22 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{9d4ba41b-d369-11e1-8b12-705ab6aa41ee}.TMContainer00000000000000000001.regtrans-ms
[2012/07/23 08:49:22 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{9d4ba41b-d369-11e1-8b12-705ab6aa41ee}.TMContainer00000000000000000002.regtrans-ms
[2013/01/02 17:54:29 | 000,065,536 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{eefd65fd-54fc-11e2-b411-705ab6aa41ee}.TM.blf
[2013/01/02 17:54:29 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{eefd65fd-54fc-11e2-b411-705ab6aa41ee}.TMContainer00000000000000000001.regtrans-ms
[2013/01/02 17:54:29 | 000,524,288 | -HS- | M] () -- C:\Users\XXp\ntuser.dat{eefd65fd-54fc-11e2-b411-705ab6aa41ee}.TMContainer00000000000000000002.regtrans-ms
[2009/07/27 08:37:06 | 000,000,020 | -HS- | M] () -- C:\Users\XXp\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<          >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:5F64C164

< End of report >

An Extras.txt was not created.

markusg 03.01.2013 16:18

Hi,
download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now and post the log

XXp 03.01.2013 16:32

Hi,
here is the log from TDSSKiller:
Code:

16:28:27.0025 7704  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:28:27.0243 7704  ============================================================
16:28:27.0243 7704  Current date / time: 2013/01/03 16:28:27.0243
16:28:27.0243 7704  SystemInfo:
16:28:27.0243 7704 
16:28:27.0243 7704  OS Version: 6.1.7601 ServicePack: 1.0
16:28:27.0243 7704  Product type: Workstation
16:28:27.0243 7704  ComputerName: XANTHIPPE
16:28:27.0243 7704  UserName: XXp
16:28:27.0243 7704  Windows directory: C:\windows
16:28:27.0243 7704  System windows directory: C:\windows
16:28:27.0243 7704  Processor architecture: Intel x86
16:28:27.0243 7704  Number of processors: 4
16:28:27.0243 7704  Page size: 0x1000
16:28:27.0243 7704  Boot type: Normal boot
16:28:27.0243 7704  ============================================================
16:28:27.0898 7704  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:28:27.0914 7704  ============================================================
16:28:27.0914 7704  \Device\Harddisk0\DR0:
16:28:27.0914 7704  MBR partitions:
16:28:27.0914 7704  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
16:28:27.0914 7704  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x23196800
16:28:27.0914 7704  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2322D000, BlocksNum 0x1E00000
16:28:27.0914 7704  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x2502D000, BlocksNum 0x3FD800
16:28:27.0914 7704  ============================================================
16:28:27.0929 7704  C: <-> \Device\Harddisk0\DR0\Partition2
16:28:27.0961 7704  F: <-> \Device\Harddisk0\DR0\Partition4
16:28:27.0961 7704  ============================================================
16:28:27.0961 7704  Initialize success
16:28:27.0961 7704  ============================================================
16:28:35.0261 7300  ============================================================
16:28:35.0261 7300  Scan started
16:28:35.0261 7300  Mode: Manual; SigCheck; TDLFS;
16:28:35.0261 7300  ============================================================
16:28:35.0729 7300  ================ Scan system memory ========================
16:28:35.0729 7300  System memory - ok
16:28:35.0729 7300  ================ Scan services =============================
16:28:44.0281 7300  crcdisk - ok
16:28:44.0344 7300  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\windows\system32\cryptsvc.dll
16:28:44.0406 7300  CryptSvc - ok
16:28:44.0468 7300  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC            C:\windows\system32\drivers\csc.sys
16:28:44.0578 7300  CSC - ok
16:28:44.0640 7300  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\windows\System32\cscsvc.dll
16:28:44.0687 7300  CscService - ok
16:28:44.0734 7300  [ A05433F6218DCB8F0DEC232DE65F8B26 ] DAMDrv          C:\windows\system32\DRIVERS\DAMDrv.sys
16:28:44.0749 7300  DAMDrv - ok
16:28:44.0796 7300  [ 0C527B30712D735D8CB61B5187C36587 ] dc3d            C:\windows\system32\DRIVERS\dc3d.sys
16:28:44.0827 7300  dc3d - ok
16:28:44.0858 7300  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\windows\system32\rpcss.dll
16:28:44.0921 7300  DcomLaunch - ok
16:28:44.0936 7300  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc      C:\windows\System32\defragsvc.dll
16:28:45.0014 7300  defragsvc - ok
16:28:45.0046 7300  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\windows\system32\Drivers\dfsc.sys
16:28:45.0092 7300  DfsC - ok
16:28:45.0139 7300  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\windows\system32\dhcpcore.dll
16:28:45.0202 7300  Dhcp - ok
16:28:45.0233 7300  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\windows\system32\drivers\discache.sys
16:28:45.0295 7300  discache - ok
16:28:45.0358 7300  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\windows\system32\DRIVERS\disk.sys
16:28:45.0389 7300  Disk - ok
16:28:45.0436 7300  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\windows\System32\dnsrslvr.dll
16:28:45.0467 7300  Dnscache - ok
16:28:45.0514 7300  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc        C:\windows\System32\dot3svc.dll
16:28:45.0576 7300  dot3svc - ok
16:28:45.0654 7300  [ B5E479EB83707DD698F66953E922042C ] Dot4            C:\windows\system32\DRIVERS\Dot4.sys
16:28:45.0716 7300  Dot4 - ok
16:28:45.0779 7300  [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print      C:\windows\system32\DRIVERS\Dot4Prt.sys
16:28:45.0826 7300  Dot4Print - ok
16:28:45.0841 7300  [ CF491FF38D62143203C065260567E2F7 ] dot4usb        C:\windows\system32\DRIVERS\dot4usb.sys
16:28:45.0888 7300  dot4usb - ok
16:28:45.0950 7300  [ CACE0FDD5D1EA41A36AC8CE590330834 ] DpHost          C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
16:28:45.0982 7300  DpHost - ok
16:28:46.0028 7300  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS            C:\windows\system32\dps.dll
16:28:46.0122 7300  DPS - ok
16:28:46.0153 7300  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud        C:\windows\system32\drivers\drmkaud.sys
16:28:46.0200 7300  drmkaud - ok
16:28:46.0247 7300  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl        C:\windows\System32\drivers\dxgkrnl.sys
16:28:46.0294 7300  DXGKrnl - ok
16:28:46.0325 7300  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost        C:\windows\System32\eapsvc.dll
16:28:46.0387 7300  EapHost - ok
16:28:46.0481 7300  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv          C:\windows\system32\DRIVERS\evbdx.sys
16:28:46.0590 7300  ebdrv - ok
16:28:46.0637 7300  [ 81951F51E318AECC2D68559E47485CC4 ] EFS            C:\windows\System32\lsass.exe
16:28:46.0699 7300  EFS - ok
16:28:46.0793 7300  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr        C:\windows\ehome\ehRecvr.exe
16:28:46.0886 7300  ehRecvr - ok
16:28:46.0902 7300  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched        C:\windows\ehome\ehsched.exe
16:28:46.0980 7300  ehSched - ok
16:28:46.0996 7300  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor        C:\windows\system32\DRIVERS\elxstor.sys
16:28:47.0027 7300  elxstor - ok
16:28:47.0074 7300  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\windows\system32\drivers\errdev.sys
16:28:47.0120 7300  ErrDev - ok
16:28:47.0167 7300  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem    C:\windows\system32\es.dll
16:28:47.0230 7300  EventSystem - ok
16:28:47.0276 7300  [ 2DC9108D74081149CC8B651D3A26207F ] exfat          C:\windows\system32\drivers\exfat.sys
16:28:47.0323 7300  exfat - ok
16:28:47.0354 7300  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat        C:\windows\system32\drivers\fastfat.sys
16:28:47.0401 7300  fastfat - ok
16:28:47.0479 7300  [ 967EA5B213E9984CBE270205DF37755B ] Fax            C:\windows\system32\fxssvc.exe
16:28:47.0557 7300  Fax - ok
16:28:47.0573 7300  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc            C:\windows\system32\DRIVERS\fdc.sys
16:28:47.0620 7300  fdc - ok
16:28:47.0651 7300  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost        C:\windows\system32\fdPHost.dll
16:28:47.0713 7300  fdPHost - ok
16:28:47.0729 7300  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\windows\system32\fdrespub.dll
16:28:47.0760 7300  FDResPub - ok
16:28:47.0776 7300  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
16:28:47.0791 7300  FileInfo - ok
16:28:47.0791 7300  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace      C:\windows\system32\drivers\filetrace.sys
16:28:47.0822 7300  Filetrace - ok
16:28:47.0854 7300  [ 58B43566FF67F2255AF1CA916D2FDACB ] FLCDLOCK        c:\Windows\system32\flcdlock.exe
16:28:47.0885 7300  FLCDLOCK - ok
16:28:47.0885 7300  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
16:28:47.0932 7300  flpydisk - ok
16:28:47.0963 7300  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
16:28:47.0978 7300  FltMgr - ok
16:28:48.0041 7300  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache      C:\windows\system32\FntCache.dll
16:28:48.0134 7300  FontCache - ok
16:28:48.0181 7300  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:28:48.0197 7300  FontCache3.0.0.0 - ok
16:28:48.0212 7300  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends      C:\windows\system32\drivers\FsDepends.sys
16:28:48.0228 7300  FsDepends - ok
16:28:48.0275 7300  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
16:28:48.0290 7300  Fs_Rec - ok
16:28:48.0353 7300  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
16:28:48.0384 7300  fvevol - ok
16:28:48.0415 7300  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
16:28:48.0431 7300  gagp30kx - ok
16:28:48.0462 7300  [ 997527391DEC418DC62D784D848D73BE ] GigasetGenericUSB C:\windows\system32\DRIVERS\GigasetGenericUSB.sys
16:28:48.0524 7300  GigasetGenericUSB - ok
16:28:48.0556 7300  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc          C:\windows\System32\gpsvc.dll
16:28:48.0602 7300  gpsvc - ok
16:28:48.0649 7300  [ CEC45180029F1012054A41CEEEA9CEAB ] grmnusb        C:\windows\system32\drivers\grmnusb.sys
16:28:48.0665 7300  grmnusb - ok
16:28:48.0774 7300  [ F02A533F517EB38333CB12A9E8963773 ] gupdate        C:\Program Files\Google\Update\GoogleUpdate.exe
16:28:48.0805 7300  gupdate - ok
16:28:48.0821 7300  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
16:28:48.0836 7300  gupdatem - ok
16:28:48.0899 7300  [ C1B577B2169900F4CF7190C39F085794 ] gusvc          C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:28:48.0914 7300  gusvc - ok
16:28:48.0946 7300  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
16:28:49.0008 7300  hcw85cir - ok
16:28:49.0070 7300  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:28:49.0148 7300  HdAudAddService - ok
16:28:49.0180 7300  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
16:28:49.0226 7300  HDAudBus - ok
16:28:49.0242 7300  [ A88485DC6A7136C10D9A6C7E38FDFE3C ] HECI            C:\windows\system32\DRIVERS\HECI.sys
16:28:49.0320 7300  HECI - ok
16:28:49.0336 7300  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt        C:\windows\system32\DRIVERS\HidBatt.sys
16:28:49.0351 7300  HidBatt - ok
16:28:49.0382 7300  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
16:28:49.0429 7300  HidBth - ok
16:28:49.0460 7300  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr          C:\windows\system32\DRIVERS\hidir.sys
16:28:49.0476 7300  HidIr - ok
16:28:49.0492 7300  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv        C:\windows\system32\hidserv.dll
16:28:49.0570 7300  hidserv - ok
16:28:49.0601 7300  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\windows\system32\DRIVERS\hidusb.sys
16:28:49.0632 7300  HidUsb - ok
16:28:49.0679 7300  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\windows\system32\kmsvc.dll
16:28:49.0726 7300  hkmsvc - ok
16:28:49.0788 7300  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:28:49.0866 7300  HomeGroupListener - ok
16:28:49.0913 7300  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:28:49.0960 7300  HomeGroupProvider - ok
16:28:50.0022 7300  [ C84BCC03858DAEAC4DB1E95EFCCE1934 ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
16:28:50.0038 7300  HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
16:28:50.0038 7300  HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
16:28:50.0053 7300  [ 9374C0E511F8763B56567E2E80B2DB6E ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
16:28:50.0069 7300  HP Power Assistant Service - ok
16:28:50.0116 7300  [ 657E81DF0625198C97F91C09AE9611FC ] HP ProtectTools Service C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
16:28:50.0131 7300  HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - warning
16:28:50.0131 7300  HP ProtectTools Service - detected UnsignedFile.Multi.Generic (1)
16:28:50.0162 7300  [ AEAD49B76830B89EBD5E079BD5209186 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
16:28:50.0178 7300  HP Wireless Assistant Service - ok
16:28:50.0225 7300  [ A48A151D3FA7CB032A51453F087221C7 ] HPDrvMntSvc.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:28:50.0240 7300  HPDrvMntSvc.exe - ok
16:28:50.0272 7300  [ 4EF10B866C62ABBEAF7511CDD05A19BE ] hpdskflt        C:\windows\system32\DRIVERS\hpdskflt.sys
16:28:50.0272 7300  hpdskflt - ok
16:28:50.0318 7300  [ 5B254F65973D4958D2BB5B153961891C ] HpFkCryptService c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
16:28:50.0350 7300  HpFkCryptService - ok
16:28:50.0396 7300  [ E123B122D5217F724B1D2641010C9D3C ] HPFSService    C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
16:28:50.0428 7300  HPFSService ( UnsignedFile.Multi.Generic ) - warning
16:28:50.0428 7300  HPFSService - detected UnsignedFile.Multi.Generic (1)
16:28:50.0568 7300  [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:28:50.0584 7300  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:28:50.0584 7300  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:28:50.0599 7300  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:28:50.0630 7300  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:28:50.0630 7300  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:28:50.0677 7300  [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr      C:\windows\system32\DRIVERS\HpqKbFiltr.sys
16:28:50.0740 7300  HpqKbFiltr - ok
16:28:50.0771 7300  [ 71BD8A611E0677175D3938C9CEA7339A ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
16:28:50.0802 7300  hpqwmiex - ok
16:28:50.0864 7300  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
16:28:50.0880 7300  HpSAMD - ok
16:28:50.0958 7300  [ 79737E0F7D25DE8405CB34D4C9882253 ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
16:28:51.0005 7300  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:28:51.0005 7300  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:28:51.0052 7300  [ C0BEB56ED79B59B7B33D0AA6C38A0BA6 ] hpsrv          C:\windows\system32\Hpservice.exe
16:28:51.0052 7300  hpsrv - ok
16:28:51.0130 7300  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\windows\system32\drivers\HTTP.sys
16:28:51.0208 7300  HTTP - ok
16:28:51.0239 7300  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
16:28:51.0254 7300  hwpolicy - ok
16:28:51.0286 7300  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
16:28:51.0317 7300  i8042prt - ok
16:28:51.0410 7300  [ F54B3DB096ABD6E9BBBD052FD3878A48 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:28:51.0442 7300  IAANTMON - ok
16:28:51.0457 7300  [ 01446278D4563B3013C92830AE6CBB26 ] iaStor          C:\windows\system32\DRIVERS\iaStor.sys
16:28:51.0473 7300  iaStor - ok
16:28:51.0504 7300  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV        C:\windows\system32\drivers\iaStorV.sys
16:28:51.0520 7300  iaStorV - ok
16:28:51.0582 7300  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc          C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:28:51.0644 7300  idsvc - ok
16:28:51.0754 7300  [ 455FE9A193385ED81396322678F28C4C ] IFXSpMgtSrv    C:\Program Files\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
16:28:51.0816 7300  IFXSpMgtSrv - ok
16:28:51.0863 7300  [ 59D8A7933AC75A2E2823DDD5DA4A2182 ] IFXTCS          C:\Program Files\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
16:28:51.0910 7300  IFXTCS - ok
16:28:51.0941 7300  [ 506801C7D47BE8CD1CF342BF28EB17EC ] IGDCTRL        C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
16:28:51.0956 7300  IGDCTRL - ok
16:28:52.0066 7300  [ AD626F6964F4D364D226C39E06872DD3 ] igfx            C:\windows\system32\DRIVERS\igdkmd32.sys
16:28:52.0222 7300  igfx - ok
16:28:52.0253 7300  [ 4173FF5708F3236CF25195FECD742915 ] iirsp          C:\windows\system32\DRIVERS\iirsp.sys
16:28:52.0268 7300  iirsp - ok
16:28:52.0315 7300  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\windows\System32\ikeext.dll
16:28:52.0409 7300  IKEEXT - ok
16:28:52.0487 7300  [ E3C36AC5AE87EC970AE8EA2A93D59AE1 ] Impcd          C:\windows\system32\DRIVERS\Impcd.sys
16:28:52.0518 7300  Impcd - ok
16:28:52.0565 7300  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\windows\system32\drivers\intelide.sys
16:28:52.0580 7300  intelide - ok
16:28:52.0596 7300  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
16:28:52.0612 7300  intelppm - ok
16:28:52.0627 7300  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum      C:\windows\system32\ipbusenum.dll
16:28:52.0690 7300  IPBusEnum - ok
16:28:52.0705 7300  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
16:28:52.0783 7300  IpFilterDriver - ok
16:28:52.0830 7300  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
16:28:52.0892 7300  iphlpsvc - ok
16:28:52.0939 7300  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV        C:\windows\system32\drivers\IPMIDrv.sys
16:28:52.0986 7300  IPMIDRV - ok
16:28:53.0017 7300  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT          C:\windows\system32\drivers\ipnat.sys
16:28:53.0080 7300  IPNAT - ok
16:28:53.0111 7300  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\windows\system32\drivers\irenum.sys
16:28:53.0189 7300  IRENUM - ok
16:28:53.0251 7300  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\windows\system32\drivers\isapnp.sys
16:28:53.0282 7300  isapnp - ok
16:28:53.0298 7300  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
16:28:53.0329 7300  iScsiPrt - ok
16:28:53.0360 7300  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
16:28:53.0376 7300  kbdclass - ok
16:28:53.0423 7300  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
16:28:53.0470 7300  kbdhid - ok
16:28:53.0501 7300  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\windows\system32\lsass.exe
16:28:53.0516 7300  KeyIso - ok
16:28:53.0563 7300  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
16:28:53.0594 7300  KSecDD - ok
16:28:53.0641 7300  [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg        C:\windows\system32\Drivers\ksecpkg.sys
16:28:53.0672 7300  KSecPkg - ok
16:28:53.0704 7300  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm          C:\windows\system32\msdtckrm.dll
16:28:53.0782 7300  KtmRm - ok
16:28:53.0844 7300  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\windows\system32\srvsvc.dll
16:28:53.0922 7300  LanmanServer - ok
16:28:53.0984 7300  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:28:54.0031 7300  LanmanWorkstation - ok
16:28:54.0156 7300  [ AB097D0F93B30A6D79D430422AC6A7E8 ] LBTServ        C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
16:28:54.0187 7300  LBTServ - ok
16:28:54.0265 7300  [ B68309F25C5787385DA842EB5B496958 ] LHidFilt        C:\windows\system32\DRIVERS\LHidFilt.Sys
16:28:54.0281 7300  LHidFilt - ok
16:28:54.0312 7300  [ EE963D96BFD97E54BA6CE6D2AC58DE35 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
16:28:54.0328 7300  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
16:28:54.0328 7300  LightScribeService - detected UnsignedFile.Multi.Generic (1)
16:28:54.0359 7300  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
16:28:54.0421 7300  lltdio - ok
16:28:54.0452 7300  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc        C:\windows\System32\lltdsvc.dll
16:28:54.0515 7300  lltdsvc - ok
16:28:54.0530 7300  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts        C:\windows\System32\lmhsvc.dll
16:28:54.0562 7300  lmhosts - ok
16:28:54.0577 7300  [ 63D3B1D3CD267FCC186A0146B80D453B ] LMouFilt        C:\windows\system32\DRIVERS\LMouFilt.Sys
16:28:54.0577 7300  LMouFilt - ok
16:28:54.0624 7300  [ BB4E55778D8DE3885E1CDAC795DE7BCE ] LMS            C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:28:54.0655 7300  LMS - ok
16:28:54.0686 7300  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
16:28:54.0718 7300  LSI_FC - ok
16:28:54.0733 7300  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS        C:\windows\system32\DRIVERS\lsi_sas.sys
16:28:54.0749 7300  LSI_SAS - ok
16:28:54.0749 7300  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
16:28:54.0764 7300  LSI_SAS2 - ok
16:28:54.0780 7300  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
16:28:54.0796 7300  LSI_SCSI - ok
16:28:54.0811 7300  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv          C:\windows\system32\drivers\luafv.sys
16:28:54.0874 7300  luafv - ok
16:28:54.0920 7300  [ 0C62957912D4DF1E4BA9795E6BE3ED38 ] LUsbFilt        C:\windows\system32\Drivers\LUsbFilt.Sys
16:28:54.0920 7300  LUsbFilt - ok
16:28:54.0998 7300  [ 59A2783ABA6019BED0C843C706E10A6A ] massfilter      C:\windows\system32\drivers\massfilter.sys
16:28:55.0045 7300  massfilter - ok
16:28:55.0092 7300  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc        C:\windows\system32\Mcx2Svc.dll
16:28:55.0139 7300  Mcx2Svc - ok
16:28:55.0170 7300  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas        C:\windows\system32\DRIVERS\megasas.sys
16:28:55.0186 7300  megasas - ok
16:28:55.0201 7300  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
16:28:55.0217 7300  MegaSR - ok
16:28:55.0248 7300  [ 64B96DE8C492BD435372D9130A535F1D ] MfeAVFK        C:\windows\system32\drivers\MfeAVFK.sys
16:28:55.0264 7300  MfeAVFK - ok
16:28:55.0264 7300  [ 078E87A89D36CC3516F19D5FB518BDDC ] MfeBOPK        C:\windows\system32\drivers\MfeBOPK.sys
16:28:55.0279 7300  MfeBOPK - ok
16:28:55.0295 7300  [ 168C565101FD5B9DB694EFDEC91FAFA9 ] mfehidk        C:\windows\system32\drivers\mfehidk.sys
16:28:55.0326 7300  mfehidk - ok
16:28:55.0326 7300  [ E0842F67DC9BC4D21D1E319610EBE9E5 ] MfeRKDK        C:\windows\system32\drivers\MfeRKDK.sys
16:28:55.0342 7300  MfeRKDK - ok
16:28:55.0357 7300  [ 43A7ACBBD70ECD62F0B63486C72089A3 ] mfetdik        C:\windows\system32\drivers\mfetdik.sys
16:28:55.0373 7300  mfetdik - ok
16:28:55.0451 7300  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:28:55.0482 7300  Microsoft Office Groove Audit Service - ok
16:28:55.0498 7300  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS          C:\windows\system32\mmcss.dll
16:28:55.0544 7300  MMCSS - ok
16:28:55.0560 7300  [ F001861E5700EE84E2D4E52C712F4964 ] Modem          C:\windows\system32\drivers\modem.sys
16:28:55.0622 7300  Modem - ok
16:28:55.0654 7300  [ 79D10964DE86B292320E9DFE02282A23 ] monitor        C:\windows\system32\DRIVERS\monitor.sys
16:28:55.0685 7300  monitor - ok
16:28:55.0732 7300  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
16:28:55.0732 7300  mouclass - ok
16:28:55.0747 7300  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
16:28:55.0794 7300  mouhid - ok
16:28:55.0856 7300  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
16:28:55.0888 7300  mountmgr - ok
16:28:55.0981 7300  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:28:56.0028 7300  MozillaMaintenance - ok
16:28:56.0044 7300  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\windows\system32\drivers\mpio.sys
16:28:56.0075 7300  mpio - ok
16:28:56.0075 7300  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
16:28:56.0137 7300  mpsdrv - ok
16:28:56.0184 7300  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\windows\system32\mpssvc.dll
16:28:56.0278 7300  MpsSvc - ok
16:28:56.0293 7300  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
16:28:56.0356 7300  MRxDAV - ok
16:28:56.0387 7300  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
16:28:56.0480 7300  mrxsmb - ok
16:28:56.0496 7300  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
16:28:56.0527 7300  mrxsmb10 - ok
16:28:56.0558 7300  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
16:28:56.0590 7300  mrxsmb20 - ok
16:28:56.0636 7300  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\windows\system32\drivers\msahci.sys
16:28:56.0652 7300  msahci - ok
16:28:56.0699 7300  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm          C:\windows\system32\drivers\msdsm.sys
16:28:56.0730 7300  msdsm - ok
16:28:56.0746 7300  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC          C:\windows\System32\msdtc.exe
16:28:56.0808 7300  MSDTC - ok
16:28:56.0855 7300  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\windows\system32\drivers\Msfs.sys
16:28:56.0917 7300  Msfs - ok
16:28:56.0948 7300  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf      C:\windows\System32\drivers\mshidkmdf.sys
16:28:56.0995 7300  mshidkmdf - ok
16:28:57.0011 7300  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
16:28:57.0026 7300  msisadrv - ok
16:28:57.0058 7300  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI        C:\windows\system32\iscsiexe.dll
16:28:57.0136 7300  MSiSCSI - ok
16:28:57.0136 7300  msiserver - ok
16:28:57.0167 7300  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV        C:\windows\system32\drivers\MSKSSRV.sys
16:28:57.0229 7300  MSKSSRV - ok
16:28:57.0276 7300  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
16:28:57.0338 7300  MSPCLOCK - ok
16:28:57.0354 7300  [ F456E973590D663B1073E9C463B40932 ] MSPQM          C:\windows\system32\drivers\MSPQM.sys
16:28:57.0401 7300  MSPQM - ok
16:28:57.0432 7300  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC          C:\windows\system32\drivers\MsRPC.sys
16:28:57.0448 7300  MsRPC - ok
16:28:57.0463 7300  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
16:28:57.0463 7300  mssmbios - ok
16:28:57.0479 7300  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE          C:\windows\system32\drivers\MSTEE.sys
16:28:57.0526 7300  MSTEE - ok
16:28:57.0557 7300  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
16:28:57.0572 7300  MTConfig - ok
16:28:57.0572 7300  [ 159FAD02F64E6381758C990F753BCC80 ] Mup            C:\windows\system32\Drivers\mup.sys
16:28:57.0588 7300  Mup - ok
16:28:57.0650 7300  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\windows\system32\qagentRT.dll
16:28:57.0697 7300  napagent - ok
16:28:57.0728 7300  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP    C:\windows\system32\DRIVERS\nwifi.sys
16:28:57.0760 7300  NativeWifiP - ok
16:28:57.0822 7300  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\windows\system32\drivers\ndis.sys
16:28:57.0884 7300  NDIS - ok
16:28:57.0884 7300  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap        C:\windows\system32\DRIVERS\ndiscap.sys
16:28:57.0916 7300  NdisCap - ok
16:28:57.0931 7300  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
16:28:57.0978 7300  NdisTapi - ok
16:28:58.0040 7300  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio        C:\windows\system32\DRIVERS\ndisuio.sys
16:28:58.0118 7300  Ndisuio - ok
16:28:58.0150 7300  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan        C:\windows\system32\DRIVERS\ndiswan.sys
16:28:58.0212 7300  NdisWan - ok
16:28:58.0259 7300  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy        C:\windows\system32\drivers\NDProxy.sys
16:28:58.0306 7300  NDProxy - ok
16:28:58.0368 7300  [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
16:28:58.0368 7300  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:28:58.0368 7300  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:28:58.0384 7300  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS        C:\windows\system32\DRIVERS\netbios.sys
16:28:58.0446 7300  NetBIOS - ok
16:28:58.0493 7300  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT          C:\windows\system32\DRIVERS\netbt.sys
16:28:58.0571 7300  NetBT - ok
16:28:58.0586 7300  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\windows\system32\lsass.exe
16:28:58.0602 7300  Netlogon - ok
16:28:58.0633 7300  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\windows\System32\netman.dll
16:28:58.0664 7300  Netman - ok
16:28:58.0680 7300  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\windows\System32\netprofm.dll
16:28:58.0742 7300  netprofm - ok
16:28:58.0758 7300  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:28:58.0774 7300  NetTcpPortSharing - ok
16:28:58.0961 7300  [ 5B2DFA9C5C02DDF2A113CC0F551B59DF ] NETw5s32        C:\windows\system32\DRIVERS\NETw5s32.sys
16:28:59.0195 7300  NETw5s32 - ok
16:28:59.0210 7300  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960        C:\windows\system32\DRIVERS\nfrd960.sys
16:28:59.0257 7300  nfrd960 - ok
16:28:59.0320 7300  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\windows\System32\nlasvc.dll
16:28:59.0366 7300  NlaSvc - ok
16:28:59.0460 7300  [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd          C:\windows\system32\drivers\ccdcmb.sys
16:28:59.0569 7300  nmwcd - ok
16:28:59.0632 7300  [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc          C:\windows\system32\drivers\ccdcmbo.sys
16:28:59.0694 7300  nmwcdc - ok
16:28:59.0725 7300  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\windows\system32\drivers\Npfs.sys
16:28:59.0756 7300  Npfs - ok
16:28:59.0788 7300  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi            C:\windows\system32\nsisvc.dll
16:28:59.0819 7300  nsi - ok
16:28:59.0834 7300  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
16:28:59.0881 7300  nsiproxy - ok
16:28:59.0975 7300  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
16:29:00.0037 7300  Ntfs - ok
16:29:00.0053 7300  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\windows\system32\drivers\Null.sys
16:29:00.0084 7300  Null - ok
16:29:00.0100 7300  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\windows\system32\drivers\nvraid.sys
16:29:00.0115 7300  nvraid - ok
16:29:00.0162 7300  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\windows\system32\drivers\nvstor.sys
16:29:00.0193 7300  nvstor - ok
16:29:00.0209 7300  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
16:29:00.0224 7300  nv_agp - ok
16:29:00.0318 7300  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:29:00.0349 7300  odserv - ok
16:29:00.0396 7300  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
16:29:00.0458 7300  ohci1394 - ok
16:29:00.0521 7300  [ 5A432A042DAE460ABE7199B758E8606C ] ose            C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:29:00.0552 7300  ose - ok
16:29:00.0568 7300  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
16:29:00.0646 7300  p2pimsvc - ok
16:29:00.0677 7300  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\windows\system32\p2psvc.dll
16:29:00.0692 7300  p2psvc - ok
16:29:00.0724 7300  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport        C:\windows\system32\DRIVERS\parport.sys
16:29:00.0739 7300  Parport - ok
16:29:00.0786 7300  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr        C:\windows\system32\drivers\partmgr.sys
16:29:00.0817 7300  partmgr - ok
16:29:00.0817 7300  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\windows\system32\DRIVERS\parvdm.sys
16:29:00.0864 7300  Parvdm - ok
16:29:00.0880 7300  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\windows\System32\pcasvc.dll
16:29:00.0911 7300  PcaSvc - ok
16:29:00.0958 7300  [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd        C:\windows\system32\DRIVERS\pccsmcfd.sys
16:29:01.0036 7300  pccsmcfd - ok
16:29:01.0145 7300  [ 673E55C3498EB970088E812EA820AA8F ] pci            C:\windows\system32\drivers\pci.sys
16:29:01.0176 7300  pci - ok
16:29:01.0192 7300  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\windows\system32\drivers\pciide.sys
16:29:01.0223 7300  pciide - ok
16:29:01.0270 7300  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
16:29:01.0301 7300  pcmcia - ok
16:29:01.0363 7300  [ 250F6B43D2B613172035C6747AEEB19F ] pcw            C:\windows\system32\drivers\pcw.sys
16:29:01.0379 7300  pcw - ok
16:29:01.0441 7300  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\windows\system32\drivers\peauth.sys
16:29:01.0504 7300  PEAUTH - ok
16:29:01.0582 7300  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc    C:\windows\system32\peerdistsvc.dll
16:29:01.0675 7300  PeerDistSvc - ok
16:29:01.0753 7300  [ B6FAEDF5356A5C0954487F7381C88CC3 ] PersonalSecureDrive C:\windows\System32\drivers\psd.sys
16:29:01.0784 7300  PersonalSecureDrive - ok
16:29:01.0800 7300  [ 01C1F728874BAFFB02C7DAF682BFD562 ] PersonalSecureDriveService C:\Program Files\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
16:29:01.0831 7300  PersonalSecureDriveService - ok
16:29:01.0909 7300  PhotoshopElementsDeviceConnect - ok
16:29:01.0987 7300  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla            C:\windows\system32\pla.dll
16:29:02.0065 7300  pla - ok
16:29:02.0143 7300  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\windows\system32\umpnpmgr.dll
16:29:02.0206 7300  PlugPlay - ok
16:29:02.0252 7300  [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
16:29:02.0268 7300  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:29:02.0268 7300  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:29:02.0299 7300  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg    C:\windows\system32\pnrpauto.dll
16:29:02.0346 7300  PNRPAutoReg - ok
16:29:02.0362 7300  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc        C:\windows\system32\pnrpsvc.dll
16:29:02.0393 7300  PNRPsvc - ok
16:29:02.0440 7300  [ 0648C9DB881557749039CFEE5E97E1A3 ] Point32        C:\windows\system32\DRIVERS\point32.sys
16:29:02.0471 7300  Point32 - ok
16:29:02.0518 7300  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent    C:\windows\System32\ipsecsvc.dll
16:29:02.0596 7300  PolicyAgent - ok
16:29:02.0627 7300  [ F87D30E72E03D579A5199CCB3831D6EA ] Power          C:\windows\system32\umpo.dll
16:29:02.0705 7300  Power - ok
16:29:02.0736 7300  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
16:29:02.0798 7300  PptpMiniport - ok
16:29:02.0830 7300  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor      C:\windows\system32\DRIVERS\processr.sys
16:29:02.0876 7300  Processor - ok
16:29:02.0939 7300  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc        C:\windows\system32\profsvc.dll
16:29:03.0001 7300  ProfSvc - ok
16:29:03.0032 7300  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
16:29:03.0048 7300  ProtectedStorage - ok
16:29:03.0064 7300  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\windows\system32\DRIVERS\pacer.sys
16:29:03.0110 7300  Psched - ok
16:29:03.0126 7300  [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20        C:\windows\system32\Drivers\PxHelp20.sys
16:29:03.0142 7300  PxHelp20 - ok
16:29:03.0173 7300  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
16:29:03.0235 7300  ql2300 - ok
16:29:03.0266 7300  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
16:29:03.0266 7300  ql40xx - ok
16:29:03.0298 7300  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE          C:\windows\system32\qwave.dll
16:29:03.0313 7300  QWAVE - ok
16:29:03.0329 7300  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
16:29:03.0344 7300  QWAVEdrv - ok
16:29:03.0407 7300  [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr        C:\windows\WindowsMobile\rapimgr.dll
16:29:03.0438 7300  RapiMgr - ok
16:29:03.0454 7300  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
16:29:03.0532 7300  RasAcd - ok
16:29:03.0563 7300  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn    C:\windows\system32\DRIVERS\AgileVpn.sys
16:29:03.0641 7300  RasAgileVpn - ok
16:29:03.0656 7300  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto        C:\windows\System32\rasauto.dll
16:29:03.0688 7300  RasAuto - ok
16:29:03.0703 7300  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp        C:\windows\system32\DRIVERS\rasl2tp.sys
16:29:03.0734 7300  Rasl2tp - ok
16:29:03.0797 7300  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\windows\System32\rasmans.dll
16:29:03.0844 7300  RasMan - ok
16:29:03.0859 7300  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
16:29:03.0906 7300  RasPppoe - ok
16:29:03.0937 7300  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp        C:\windows\system32\DRIVERS\rassstp.sys
16:29:03.0968 7300  RasSstp - ok
16:29:04.0031 7300  [ D528BC58A489409BA40334EBF96A311B ] rdbss          C:\windows\system32\DRIVERS\rdbss.sys
16:29:04.0062 7300  rdbss - ok
16:29:04.0109 7300  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
16:29:04.0109 7300  rdpbus - ok
16:29:04.0156 7300  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
16:29:04.0234 7300  RDPCDD - ok
16:29:04.0280 7300  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR          C:\windows\system32\drivers\rdpdr.sys
16:29:04.0312 7300  RDPDR - ok
16:29:04.0327 7300  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
16:29:04.0374 7300  RDPENCDD - ok
16:29:04.0374 7300  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
16:29:04.0421 7300  RDPREFMP - ok
16:29:04.0499 7300  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
16:29:04.0530 7300  RdpVideoMiniport - ok
16:29:04.0577 7300  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD          C:\windows\system32\drivers\RDPWD.sys
16:29:04.0624 7300  RDPWD - ok
16:29:04.0686 7300  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
16:29:04.0702 7300  rdyboost - ok
16:29:04.0733 7300  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\windows\System32\mprdim.dll
16:29:04.0780 7300  RemoteAccess - ok
16:29:04.0811 7300  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\windows\system32\regsvc.dll
16:29:04.0858 7300  RemoteRegistry - ok
16:29:04.0889 7300  [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
16:29:04.0920 7300  RFCOMM - ok
16:29:04.0936 7300  [ DF672613FBBCD58C38BB0BC2694BCFB0 ] rimmptsk        C:\windows\system32\DRIVERS\rimmptsk.sys
16:29:04.0998 7300  rimmptsk - ok
16:29:05.0029 7300  [ E891F07815AF88075705EF6A248711F6 ] rimspci        C:\windows\system32\DRIVERS\rimspe86.sys
16:29:05.0092 7300  rimspci - ok
16:29:05.0123 7300  [ 9BFB54D3559F2FF7301271D29D383564 ] rimsptsk        C:\windows\system32\DRIVERS\rimsptsk.sys
16:29:05.0185 7300  rimsptsk - ok
16:29:05.0201 7300  [ D853D35F792A3A44726A794BF9A0BBC3 ] risdpcie        C:\windows\system32\DRIVERS\risdpe86.sys
16:29:05.0248 7300  risdpcie - ok
16:29:05.0279 7300  [ DCB87DA83CC1010CBC9FC4DC9E395BBC ] rismxdp        C:\windows\system32\DRIVERS\rixdptsk.sys
16:29:05.0341 7300  rismxdp - ok
16:29:05.0357 7300  [ 6A60626412129C713CC30C81870A8095 ] rixdpcie        C:\windows\system32\DRIVERS\rixdpe86.sys
16:29:05.0372 7300  rixdpcie - ok
16:29:05.0466 7300  [ 85F9924FB26D924C4A10DC620AE2C350 ] RoxMediaDB10    c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
16:29:05.0528 7300  RoxMediaDB10 - ok
16:29:05.0560 7300  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
16:29:05.0622 7300  RpcEptMapper - ok
16:29:05.0669 7300  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\windows\system32\locator.exe
16:29:05.0669 7300  RpcLocator - ok
16:29:05.0731 7300  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs          C:\windows\system32\rpcss.dll
16:29:05.0794 7300  RpcSs - ok
16:29:05.0825 7300  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
16:29:05.0872 7300  rspndr - ok
16:29:05.0903 7300  [ 8CDC9BB9153CE42AEB3D5781A043B4F9 ] RsvLock        C:\windows\system32\drivers\RsvLock.sys
16:29:05.0918 7300  RsvLock - ok
16:29:05.0965 7300  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap          C:\windows\system32\drivers\vms3cap.sys
16:29:05.0996 7300  s3cap - ok
16:29:06.0012 7300  [ 5C8BC26DF69A16F3226A77C738CC44AB ] SafeBoot        C:\windows\system32\drivers\SafeBoot.sys
16:29:06.0012 7300  Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 5C8BC26DF69A16F3226A77C738CC44AB
16:29:06.0012 7300  SafeBoot ( LockedFile.Multi.Generic ) - warning
16:29:06.0012 7300  SafeBoot - detected LockedFile.Multi.Generic (1)
16:29:06.0028 7300  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs          C:\windows\system32\lsass.exe
16:29:06.0043 7300  SamSs - ok
16:29:06.0059 7300  [ EA15D2B45681E7D951791810C77F3530 ] SbAlg          C:\windows\system32\drivers\SbAlg.sys
16:29:06.0074 7300  SbAlg - ok
16:29:06.0074 7300  [ A8F24962054A1B711FC7B27EBC6AF798 ] SbFsLock        C:\windows\system32\drivers\SbFsLock.sys
16:29:06.0090 7300  SbFsLock - ok
16:29:06.0137 7300  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
16:29:06.0168 7300  sbp2port - ok
16:29:06.0184 7300  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\windows\System32\SCardSvr.dll
16:29:06.0215 7300  SCardSvr - ok
16:29:06.0262 7300  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
16:29:06.0308 7300  scfilter - ok
16:29:06.0340 7300  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\windows\system32\schedsvc.dll
16:29:06.0386 7300  Schedule - ok
16:29:06.0433 7300  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc    C:\windows\System32\certprop.dll
16:29:06.0480 7300  SCPolicySvc - ok
16:29:06.0511 7300  [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus          C:\windows\system32\drivers\sdbus.sys
16:29:06.0542 7300  sdbus - ok
16:29:06.0574 7300  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\windows\System32\SDRSVC.dll
16:29:06.0636 7300  SDRSVC - ok
16:29:06.0667 7300  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\windows\system32\drivers\secdrv.sys
16:29:06.0730 7300  secdrv - ok
16:29:06.0761 7300  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\windows\system32\seclogon.dll
16:29:06.0792 7300  seclogon - ok
16:29:06.0808 7300  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\windows\System32\sens.dll
16:29:06.0839 7300  SENS - ok
16:29:06.0870 7300  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\windows\system32\sensrsvc.dll
16:29:06.0932 7300  SensrSvc - ok
16:29:06.0932 7300  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum        C:\windows\system32\DRIVERS\serenum.sys
16:29:06.0964 7300  Serenum - ok
16:29:06.0964 7300  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\windows\system32\DRIVERS\serial.sys
16:29:07.0010 7300  Serial - ok
16:29:07.0026 7300  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
16:29:07.0073 7300  sermouse - ok
16:29:07.0229 7300  [ E90CE237E99C5D26CB3872318A7799D0 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
16:29:07.0276 7300  ServiceLayer - ok
16:29:07.0322 7300  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\windows\system32\sessenv.dll
16:29:07.0385 7300  SessionEnv - ok
16:29:07.0432 7300  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk        C:\windows\system32\drivers\sffdisk.sys
16:29:07.0447 7300  sffdisk - ok
16:29:07.0463 7300  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
16:29:07.0510 7300  sffp_mmc - ok
16:29:07.0510 7300  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd        C:\windows\system32\drivers\sffp_sd.sys
16:29:07.0556 7300  sffp_sd - ok
16:29:07.0572 7300  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy        C:\windows\system32\DRIVERS\sfloppy.sys
16:29:07.0588 7300  sfloppy - ok
16:29:07.0619 7300  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\windows\System32\ipnathlp.dll
16:29:07.0681 7300  SharedAccess - ok
16:29:07.0728 7300  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:29:07.0775 7300  ShellHWDetection - ok
16:29:07.0837 7300  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\windows\system32\drivers\sisagp.sys
16:29:07.0853 7300  sisagp - ok
16:29:07.0900 7300  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
16:29:07.0915 7300  SiSRaid2 - ok
16:29:07.0931 7300  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
16:29:07.0946 7300  SiSRaid4 - ok
16:29:07.0978 7300  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate    C:\Program Files\Skype\Updater\Updater.exe
16:29:07.0978 7300  SkypeUpdate - ok
16:29:08.0024 7300  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb            C:\windows\system32\DRIVERS\smb.sys
16:29:08.0071 7300  Smb - ok
16:29:08.0118 7300  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
16:29:08.0149 7300  SNMPTRAP - ok
16:29:08.0212 7300  [ 4D8A49526AA035B1A8FF3FE6807783F5 ] SNP2UVC        C:\windows\system32\DRIVERS\snp2uvc.sys
16:29:08.0274 7300  SNP2UVC - ok
16:29:08.0290 7300  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr          C:\windows\system32\drivers\spldr.sys
16:29:08.0290 7300  spldr - ok
16:29:08.0352 7300  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler        C:\windows\System32\spoolsv.exe
16:29:08.0430 7300  Spooler - ok
16:29:08.0539 7300  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\windows\system32\sppsvc.exe
16:29:08.0680 7300  sppsvc - ok
16:29:08.0726 7300  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify    C:\windows\system32\sppuinotify.dll
16:29:08.0773 7300  sppuinotify - ok
16:29:08.0851 7300  [ 1C63FE706AB797BC3C24813FF969B4DE ] Spyder3        C:\windows\system32\DRIVERS\Spyder3.sys
16:29:08.0882 7300  Spyder3 - ok
16:29:08.0929 7300  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv            C:\windows\system32\DRIVERS\srv.sys
16:29:09.0023 7300  srv - ok
16:29:09.0070 7300  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\windows\system32\DRIVERS\srv2.sys
16:29:09.0116 7300  srv2 - ok
16:29:09.0148 7300  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
16:29:09.0194 7300  srvnet - ok
16:29:09.0226 7300  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV        C:\windows\System32\ssdpsrv.dll
16:29:09.0272 7300  SSDPSRV - ok
16:29:09.0335 7300  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\windows\system32\DRIVERS\ssmdrv.sys
16:29:09.0350 7300  ssmdrv - ok
16:29:09.0366 7300  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc        C:\windows\system32\sstpsvc.dll
16:29:09.0428 7300  SstpSvc - ok
16:29:09.0522 7300  [ 1816C34D3DC9A0F1745FB455506C7B58 ] STacSV          C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\STacSV.exe
16:29:09.0569 7300  STacSV - ok
16:29:09.0616 7300  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
16:29:09.0631 7300  stexstor - ok
16:29:09.0678 7300  [ 96CB9FD21207AF4456D37957441F6001 ] STHDA          C:\windows\system32\DRIVERS\stwrt.sys
16:29:09.0725 7300  STHDA - ok
16:29:09.0772 7300  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\windows\System32\wiaservc.dll
16:29:09.0834 7300  StiSvc - ok
16:29:09.0881 7300  [ AD989072596AB313D7FA13BCF69573F7 ] stllssvr        c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
16:29:09.0896 7300  stllssvr - ok
16:29:09.0959 7300  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt        C:\windows\system32\drivers\vmstorfl.sys
16:29:09.0974 7300  storflt - ok
16:29:10.0006 7300  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc        C:\windows\system32\storsvc.dll
16:29:10.0037 7300  StorSvc - ok
16:29:10.0052 7300  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc        C:\windows\system32\drivers\storvsc.sys
16:29:10.0068 7300  storvsc - ok
16:29:10.0084 7300  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\windows\system32\drivers\swenum.sys
16:29:10.0099 7300  swenum - ok
16:29:10.0130 7300  [ A28BD92DF340E57B024BA433165D34D7 ] swprv          C:\windows\System32\swprv.dll
16:29:10.0162 7300  swprv - ok
16:29:10.0240 7300  [ 0E8676FB3BB95AA40FDF7A4A31018C8B ] SynTP          C:\windows\system32\DRIVERS\SynTP.sys
16:29:10.0318 7300  SynTP - ok
16:29:10.0380 7300  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain        C:\windows\system32\sysmain.dll
16:29:10.0474 7300  SysMain - ok
16:29:10.0505 7300  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
16:29:10.0552 7300  TabletInputService - ok
16:29:10.0583 7300  [ 613BF4820361543956909043A265C6AC ] TapiSrv        C:\windows\System32\tapisrv.dll
16:29:10.0614 7300  TapiSrv - ok
16:29:10.0630 7300  [ B799D9FDB26111737F58288D8DC172D9 ] TBS            C:\windows\System32\tbssvc.dll
16:29:10.0692 7300  TBS - ok
16:29:10.0754 7300  [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip          C:\windows\system32\drivers\tcpip.sys
16:29:10.0832 7300  Tcpip - ok
16:29:10.0864 7300  [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
16:29:10.0926 7300  TCPIP6 - ok
16:29:10.0973 7300  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
16:29:11.0004 7300  tcpipreg - ok
16:29:11.0051 7300  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
16:29:11.0098 7300  TDPIPE - ok
16:29:11.0144 7300  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP          C:\windows\system32\drivers\tdtcp.sys
16:29:11.0176 7300  TDTCP - ok
16:29:11.0207 7300  [ B459575348C20E8121D6039DA063C704 ] tdx            C:\windows\system32\DRIVERS\tdx.sys
16:29:11.0254 7300  tdx - ok
16:29:11.0300 7300  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\windows\system32\drivers\termdd.sys
16:29:11.0316 7300  TermDD - ok
16:29:11.0363 7300  [ 382C804C92811BE57829D8E550A900E2 ] TermService    C:\windows\System32\termsrv.dll
16:29:11.0441 7300  TermService - ok
16:29:11.0472 7300  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\windows\system32\themeservice.dll
16:29:11.0503 7300  Themes - ok
16:29:11.0550 7300  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER    C:\windows\system32\mmcss.dll
16:29:11.0581 7300  THREADORDER - ok
16:29:11.0612 7300  [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM            C:\windows\system32\drivers\tpm.sys
16:29:11.0644 7300  TPM - ok
16:29:11.0675 7300  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\windows\System32\trkwks.dll
16:29:11.0737 7300  TrkWks - ok
16:29:11.0784 7300  [ 075B938565A580E0A880EB0E403A356B ] truecrypt      C:\windows\system32\drivers\truecrypt.sys
16:29:11.0815 7300  truecrypt - ok
16:29:11.0893 7300  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:29:11.0924 7300  TrustedInstaller - ok
16:29:11.0987 7300  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
16:29:12.0018 7300  tssecsrv - ok
16:29:12.0065 7300  [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
16:29:12.0096 7300  TsUsbFlt - ok
16:29:12.0174 7300  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
16:29:12.0205 7300  tunnel - ok
16:29:12.0221 7300  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
16:29:12.0236 7300  uagp35 - ok
16:29:12.0283 7300  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\windows\system32\DRIVERS\udfs.sys
16:29:12.0314 7300  udfs - ok
16:29:12.0424 7300  [ 30B78A6296127B7A793CF42CA61B29B0 ] UI Assistant Service C:\Program Files\Join Air\AssistantServices.exe
16:29:12.0439 7300  UI Assistant Service - ok
16:29:12.0455 7300  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect      C:\windows\system32\UI0Detect.exe
16:29:12.0486 7300  UI0Detect - ok
16:29:12.0564 7300  [ 124668ECAC0EFE6E9312B4A4A797EFB8 ] ui11rdr        C:\windows\system32\DRIVERS\ui11rdr.sys
16:29:12.0595 7300  ui11rdr ( UnsignedFile.Multi.Generic ) - warning
16:29:12.0595 7300  ui11rdr - detected UnsignedFile.Multi.Generic (1)
16:29:12.0626 7300  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
16:29:12.0642 7300  uliagpkx - ok
16:29:12.0689 7300  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus          C:\windows\system32\drivers\umbus.sys
16:29:12.0704 7300  umbus - ok
16:29:12.0720 7300  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
16:29:12.0736 7300  UmPass - ok
16:29:12.0798 7300  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\windows\System32\umrdp.dll
16:29:12.0814 7300  UmRdpService - ok
16:29:12.0923 7300  [ 44AA8D5D3B3B5610FEF46CA8A9C52D8C ] UNS            C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:29:13.0016 7300  UNS - ok
16:29:13.0048 7300  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\windows\System32\upnphost.dll
16:29:13.0094 7300  upnphost - ok
16:29:13.0141 7300  [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev        C:\windows\system32\DRIVERS\usbser_lowerflt.sys
16:29:13.0172 7300  upperdev - ok
16:29:13.0219 7300  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp        C:\windows\system32\DRIVERS\usbccgp.sys
16:29:13.0282 7300  usbccgp - ok
16:29:13.0328 7300  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\windows\system32\drivers\usbcir.sys
16:29:13.0344 7300  usbcir - ok
16:29:13.0391 7300  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci        C:\windows\system32\drivers\usbehci.sys
16:29:13.0406 7300  usbehci - ok
16:29:13.0438 7300  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
16:29:13.0469 7300  usbhub - ok
16:29:13.0500 7300  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci        C:\windows\system32\drivers\usbohci.sys
16:29:13.0516 7300  usbohci - ok
16:29:13.0547 7300  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
16:29:13.0578 7300  usbprint - ok
16:29:13.0609 7300  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan        C:\windows\system32\DRIVERS\usbscan.sys
16:29:13.0656 7300  usbscan - ok
16:29:13.0687 7300  [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser          C:\windows\system32\drivers\usbser.sys
16:29:13.0750 7300  usbser - ok
16:29:13.0796 7300  [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt      C:\windows\system32\DRIVERS\usbser_lowerfltj.sys
16:29:13.0828 7300  UsbserFilt - ok
16:29:13.0874 7300  [ F991AB9CC6B908DB552166768176896A ] USBSTOR        C:\windows\system32\DRIVERS\USBSTOR.SYS
16:29:13.0937 7300  USBSTOR - ok
16:29:13.0952 7300  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci        C:\windows\system32\drivers\usbuhci.sys
16:29:13.0968 7300  usbuhci - ok
16:29:13.0984 7300  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
16:29:13.0999 7300  usbvideo - ok
16:29:14.0030 7300  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms          C:\windows\System32\uxsms.dll
16:29:14.0077 7300  UxSms - ok
16:29:14.0077 7300  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\windows\system32\lsass.exe
16:29:14.0093 7300  VaultSvc - ok
16:29:14.0155 7300  [ 66E37F038CF9067BA8FA02423CCA6DAB ] vcsFPService    C:\windows\system32\vcsFPService.exe
16:29:14.0249 7300  vcsFPService - ok
16:29:14.0264 7300  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
16:29:14.0280 7300  vdrvroot - ok
16:29:14.0342 7300  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds            C:\windows\System32\vds.exe
16:29:14.0389 7300  vds - ok
16:29:14.0405 7300  [ 17C408214EA61696CEC9C66E388B14F3 ] vga            C:\windows\system32\DRIVERS\vgapnp.sys
16:29:14.0420 7300  vga - ok
16:29:14.0436 7300  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave        C:\windows\System32\drivers\vga.sys
16:29:14.0498 7300  VgaSave - ok
16:29:14.0530 7300  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp          C:\windows\system32\drivers\vhdmp.sys
16:29:14.0545 7300  vhdmp - ok
16:29:14.0576 7300  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\windows\system32\drivers\viaagp.sys
16:29:14.0592 7300  viaagp - ok
16:29:14.0608 7300  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7          C:\windows\system32\DRIVERS\viac7.sys
16:29:14.0639 7300  ViaC7 - ok
16:29:14.0670 7300  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\windows\system32\drivers\viaide.sys
16:29:14.0686 7300  viaide - ok
16:29:14.0748 7300  [ C2F2911156FDC7817C52829C86DA494E ] vmbus          C:\windows\system32\drivers\vmbus.sys
16:29:14.0764 7300  vmbus - ok
16:29:14.0779 7300  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\windows\system32\drivers\VMBusHID.sys
16:29:14.0810 7300  VMBusHID - ok
16:29:14.0842 7300  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\windows\system32\drivers\volmgr.sys
16:29:14.0857 7300  volmgr - ok
16:29:14.0873 7300  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx        C:\windows\system32\drivers\volmgrx.sys
16:29:14.0888 7300  volmgrx - ok
16:29:14.0951 7300  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap        C:\windows\system32\drivers\volsnap.sys
16:29:14.0966 7300  volsnap - ok
16:29:14.0998 7300  [ B26536ADD1D748CDA104D856C979AE79 ] vpcbus          C:\windows\system32\DRIVERS\vpchbus.sys
16:29:15.0013 7300  vpcbus - ok
16:29:15.0076 7300  [ A0F7E923A6261760130F22B85DF9040E ] vpcnfltr        C:\windows\system32\DRIVERS\vpcnfltr.sys
16:29:15.0154 7300  vpcnfltr - ok
16:29:15.0169 7300  [ 5F4B55E91CE7E2523C9E1E0ECE858869 ] vpcusb          C:\windows\system32\DRIVERS\vpcusb.sys
16:29:15.0185 7300  vpcusb - ok
16:29:15.0263 7300  [ B487191FE18D6863381A1AC55482469A ] vpcvmm          C:\windows\system32\drivers\vpcvmm.sys
16:29:15.0294 7300  vpcvmm - ok
16:29:15.0310 7300  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid        C:\windows\system32\DRIVERS\vsmraid.sys
16:29:15.0325 7300  vsmraid - ok
16:29:15.0356 7300  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS            C:\windows\system32\vssvc.exe
16:29:15.0403 7300  VSS - ok
16:29:15.0434 7300  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
16:29:15.0481 7300  vwifibus - ok
16:29:15.0497 7300  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
16:29:15.0512 7300  vwififlt - ok
16:29:15.0544 7300  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp        C:\windows\system32\DRIVERS\vwifimp.sys
16:29:15.0559 7300  vwifimp - ok
16:29:15.0590 7300  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time        C:\windows\system32\w32time.dll
16:29:15.0637 7300  W32Time - ok
16:29:15.0653 7300  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
16:29:15.0684 7300  WacomPen - ok
16:29:15.0715 7300  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
16:29:15.0793 7300  WANARP - ok
16:29:15.0793 7300  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
16:29:15.0824 7300  Wanarpv6 - ok
16:29:15.0887 7300  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc    C:\windows\system32\Wat\WatAdminSvc.exe
16:29:15.0980 7300  WatAdminSvc - ok
16:29:16.0043 7300  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\windows\system32\wbengine.exe
16:29:16.0152 7300  wbengine - ok
16:29:16.0183 7300  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
16:29:16.0214 7300  WbioSrvc - ok
16:29:16.0324 7300  [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm        C:\windows\WindowsMobile\wcescomm.dll
16:29:16.0355 7300  WcesComm - ok
16:29:16.0402 7300  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc        C:\windows\System32\wcncsvc.dll
16:29:16.0464 7300  wcncsvc - ok
16:29:16.0495 7300  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:29:16.0526 7300  WcsPlugInService - ok
16:29:16.0542 7300  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\windows\system32\DRIVERS\wd.sys
16:29:16.0558 7300  Wd - ok
16:29:16.0620 7300  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
16:29:16.0651 7300  Wdf01000 - ok
16:29:16.0667 7300  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\windows\system32\wdi.dll
16:29:16.0714 7300  WdiServiceHost - ok
16:29:16.0729 7300  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost  C:\windows\system32\wdi.dll
16:29:16.0745 7300  WdiSystemHost - ok
16:29:16.0792 7300  [ A9D880F97530D5B8FEE278923349929D ] WebClient      C:\windows\System32\webclnt.dll
16:29:16.0838 7300  WebClient - ok
16:29:16.0870 7300  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\windows\system32\wecsvc.dll
16:29:16.0916 7300  Wecsvc - ok
16:29:16.0963 7300  [ AC804569BB2364FB6017370258A4091B ] wercplsupport  C:\windows\System32\wercplsupport.dll
16:29:17.0010 7300  wercplsupport - ok
16:29:17.0072 7300  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\windows\System32\WerSvc.dll
16:29:17.0119 7300  WerSvc - ok
16:29:17.0182 7300  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
16:29:17.0228 7300  WfpLwf - ok
16:29:17.0228 7300  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\windows\system32\drivers\wimmount.sys
16:29:17.0244 7300  WIMMount - ok
16:29:17.0306 7300  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend      C:\Program Files\Windows Defender\mpsvc.dll
16:29:17.0353 7300  WinDefend - ok
16:29:17.0369 7300  WinHttpAutoProxySvc - ok
16:29:17.0416 7300  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt        C:\windows\system32\wbem\WMIsvc.dll
16:29:17.0478 7300  Winmgmt - ok
16:29:17.0525 7300  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM          C:\windows\system32\WsmSvc.dll
16:29:17.0618 7300  WinRM - ok
16:29:17.0696 7300  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUSB          C:\windows\system32\DRIVERS\WinUsb.sys
16:29:17.0728 7300  WinUSB - ok
16:29:17.0759 7300  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc        C:\windows\System32\wlansvc.dll
16:29:17.0821 7300  Wlansvc - ok
16:29:17.0852 7300  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi        C:\windows\system32\drivers\wmiacpi.sys
16:29:17.0868 7300  WmiAcpi - ok
16:29:17.0884 7300  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
16:29:17.0899 7300  wmiApSrv - ok
16:29:18.0008 7300  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc  C:\Program Files\Windows Media Player\wmpnetwk.exe
16:29:18.0102 7300  WMPNetworkSvc - ok
16:29:18.0118 7300  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\windows\System32\wpcsvc.dll
16:29:18.0149 7300  WPCSvc - ok
16:29:18.0196 7300  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
16:29:18.0227 7300  WPDBusEnum - ok
16:29:18.0258 7300  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl        C:\windows\system32\drivers\ws2ifsl.sys
16:29:18.0305 7300  ws2ifsl - ok
16:29:18.0336 7300  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\windows\System32\wscsvc.dll
16:29:18.0383 7300  wscsvc - ok
16:29:18.0383 7300  WSearch - ok
16:29:18.0461 7300  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\windows\system32\wuaueng.dll
16:29:18.0586 7300  wuauserv - ok
16:29:18.0632 7300  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
16:29:18.0710 7300  WudfPf - ok
16:29:18.0742 7300  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
16:29:18.0788 7300  WUDFRd - ok
16:29:18.0820 7300  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc        C:\windows\System32\WUDFSvc.dll
16:29:18.0835 7300  wudfsvc - ok
16:29:18.0866 7300  [ 69D5B92C5A787E405534DCE9054B3922 ] WwanSvc        C:\windows\System32\wwansvc.dll
16:29:18.0898 7300  WwanSvc - ok
16:29:18.0991 7300  [ 253AFE12E831F28F9D745E25E6333DA2 ] yksvc          C:\windows\System32\yk62x86.dll
16:29:19.0038 7300  yksvc - ok
16:29:19.0069 7300  [ 30B73EB97218A16CBC6DE535782A1B35 ] yukonw7        C:\windows\system32\DRIVERS\yk62x86.sys
16:29:19.0100 7300  yukonw7 - ok
16:29:19.0178 7300  [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbmdm6k    C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys
16:29:19.0210 7300  ZTEusbmdm6k - ok
16:29:19.0225 7300  [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbnmea      C:\windows\system32\DRIVERS\ZTEusbnmea.sys
16:29:19.0241 7300  ZTEusbnmea - ok
16:29:19.0272 7300  [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbser6k    C:\windows\system32\DRIVERS\ZTEusbser6k.sys
16:29:19.0288 7300  ZTEusbser6k - ok
16:29:19.0319 7300  ================ Scan global ===============================
16:29:19.0366 7300  [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
16:29:19.0412 7300  [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\windows\system32\winsrv.dll
16:29:19.0428 7300  [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\windows\system32\winsrv.dll
16:29:19.0459 7300  [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
16:29:19.0490 7300  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
16:29:19.0490 7300  [Global] - ok
16:29:19.0506 7300  ================ Scan MBR ==================================
16:29:19.0506 7300  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:29:19.0912 7300  \Device\Harddisk0\DR0 - ok
16:29:19.0912 7300  ================ Scan VBR ==================================
16:29:19.0912 7300  [ DAD5035771576784088C78B6F9EADAC7 ] \Device\Harddisk0\DR0\Partition1
16:29:19.0912 7300  \Device\Harddisk0\DR0\Partition1 - ok
16:29:19.0943 7300  [ 884C21594441C30E03C8BF9ED42F6DA1 ] \Device\Harddisk0\DR0\Partition2
16:29:19.0943 7300  \Device\Harddisk0\DR0\Partition2 - ok
16:29:19.0974 7300  [ 0953A2C5366B1EB73E79412F417AED70 ] \Device\Harddisk0\DR0\Partition3
16:29:19.0974 7300  \Device\Harddisk0\DR0\Partition3 - ok
16:29:19.0990 7300  [ D0947716EAF5F9E0D9251AEA541B48AD ] \Device\Harddisk0\DR0\Partition4
16:29:19.0990 7300  \Device\Harddisk0\DR0\Partition4 - ok
16:29:19.0990 7300  ============================================================
16:29:19.0990 7300  Scan finished
16:29:19.0990 7300  ============================================================
16:29:20.0005 7312  Detected object count: 11
16:29:20.0005 7312  Actual detected object count: 11
16:29:52.0767 7312  HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:29:52.0767 7312  HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:29:52.0767 7312  HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:29:52.0767 7312  HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:29:52.0767 7312  HPFSService ( UnsignedFile.Multi.Generic ) - skipped by user
16:29:52.0767 7312  HPFSService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:29:52.0767 7312  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:29:52.0767 7312  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:29:52.0767 7312  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:29:52.0767 7312  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:29:52.0767 7312  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:29:52.0767 7312  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:29:52.0767 7312  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
16:29:52.0767 7312  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:29:52.0783 7312  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:29:52.0783 7312  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:29:52.0783 7312  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:29:52.0783 7312  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:29:52.0783 7312  SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
16:29:52.0783 7312  SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip
16:29:52.0783 7312  ui11rdr ( UnsignedFile.Multi.Generic ) - skipped by user
16:29:52.0783 7312  ui11rdr ( UnsignedFile.Multi.Generic ) - User select action: Skip


markusg 03.01.2013 19:33

Hi
Combofix:
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems
and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it is working.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

XXp 03.01.2013 20:19

Hi,

Here is the ComboFix log. By the way, I did not get any error message on restart.
Code:

ComboFix 13-01-03.05 - XXp 03.01.2013  19:58:01.1.4 - x86
Microsoft Windows 7 Professional  6.1.7601.1.1252.49.1031.18.3062.1652 [GMT 1:00]
ausgeführt von:: c:\users\XXp\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1&1
c:\programdata\1&1\1&1 Upload-Manager\ULMSettings.xml
c:\programdata\dsgsdgdsgdsgw.pad
c:\programdata\ism_0_llatsni.pad
c:\users\XXp\AppData\Roaming\1&1
c:\users\XXp\AppData\Roaming\1&1\1&1 Upload-Manager\ULMSettings.xml
c:\users\XXp\ComboFix.exe.part
c:\windows\IsUn0407.exe
c:\windows\system32\pt
c:\windows\system32\pt\DPCont32.dll.mui
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-12-03 bis 2013-01-03  ))))))))))))))))))))))))))))))
.
.
2013-01-02 17:14 . 2013-01-02 17:14        --------        d-----w-        c:\users\XXp\AppData\Roaming\Malwarebytes
2013-01-02 17:13 . 2013-01-02 17:13        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2013-01-02 17:13 . 2013-01-02 17:13        --------        d-----w-        c:\programdata\Malwarebytes
2013-01-02 17:13 . 2012-12-14 15:49        21104        ----a-w-        c:\windows\system32\drivers\mbam.sys
2013-01-02 16:56 . 2012-11-08 18:00        6812136        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{BE6DDB0E-22FA-4939-9D47-6258DC92409D}\mpengine.dll
2013-01-02 16:14 . 2013-01-02 16:24        --------        d-----w-        c:\users\TEMP
2012-12-28 11:34 . 2013-01-03 16:28        --------        d-----r-        c:\users\XXp\Dropbox
2012-12-28 11:30 . 2013-01-03 16:41        --------        d-----w-        c:\users\XXp\AppData\Roaming\Dropbox
2012-12-24 11:53 . 2012-11-12 10:41        171136        ----a-w-        c:\program files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
2012-12-24 11:52 . 2012-12-24 11:53        --------        d-----w-        c:\program files\Tracker Software
2012-12-21 08:31 . 2012-12-16 14:13        295424        ----a-w-        c:\windows\system32\atmfd.dll
2012-12-21 08:31 . 2012-12-16 14:13        34304        ----a-w-        c:\windows\system32\atmlib.dll
2012-12-20 18:49 . 2012-12-20 18:49        --------        d-----w-        C:\MyTools
2012-12-20 17:13 . 2012-12-20 17:13        --------        d-----w-        c:\program files\Microsoft Research
2012-12-17 08:19 . 2012-12-17 08:19        --------        d-----w-        c:\programdata\Licenses
2012-12-17 08:14 . 2012-12-17 08:14        --------        d-----w-        c:\program files\Common Files\HDX4
2012-12-15 22:43 . 2012-12-15 22:43        --------        d-----w-        c:\users\XXp\AppData\Roaming\pdfforge
2012-12-15 22:43 . 2012-10-28 17:32        88576        ----a-w-        c:\windows\system32\pdfcmon.dll
2012-12-15 22:43 . 2012-05-05 09:54        137000        ----a-w-        c:\windows\system32\MSMAPI32.OCX
2012-12-15 22:43 . 1998-07-06 16:55        158208        ----a-w-        c:\windows\system32\MSCMCDE.DLL
2012-12-15 22:43 . 1998-07-06 16:55        64512        ----a-w-        c:\windows\system32\MSCC2DE.DLL
2012-12-15 22:43 . 2012-05-05 09:54        23552        ----a-w-        c:\windows\system32\MSMPIDE.DLL
2012-12-15 22:13 . 2012-12-15 22:13        --------        d-----w-        c:\programdata\PDF Architect
2012-12-15 22:11 . 2012-12-15 22:11        --------        d-----w-        c:\users\XXp\AppData\Roaming\PDF Architect
2012-12-15 22:08 . 2012-12-15 22:08        --------        d-----w-        c:\users\XXp\AppData\Roaming\APP_NAME_NON_STRING
2012-12-15 10:47 . 2012-12-15 10:47        --------        d-----w-        c:\program files\DriveCleanup
2012-12-12 08:17 . 2012-11-02 05:11        376832        ----a-w-        c:\windows\system32\dpnet.dll
2012-12-12 08:17 . 2012-11-09 04:42        2048        ----a-w-        c:\windows\system32\tzres.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 09:34 . 2012-04-14 16:18        697272        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-12-12 09:34 . 2011-05-15 08:55        73656        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-12 09:34 . 2012-10-09 09:34        16363960        ----a-w-        c:\windows\system32\FlashPlayerInstaller.exe
2012-12-03 09:48 . 2012-12-03 09:48        255352        ----a-w-        c:\windows\system32\awrdscdc.ax
2012-11-04 17:30 . 2010-07-31 11:58        16400        ----a-w-        c:\windows\system32\drivers\LNonPnP.sys
2012-11-02 14:37 . 2012-11-02 14:37        862664        ----a-w-        c:\windows\system32\msvcr110.dll
2012-11-02 14:37 . 2012-11-02 14:37        534480        ----a-w-        c:\windows\system32\msvcp110.dll
2012-11-02 14:37 . 2012-11-02 14:37        44184        ----a-w-        c:\windows\system32\drivers\point32.sys
2012-11-02 14:37 . 2012-11-02 14:37        251864        ----a-w-        c:\windows\system32\vccorlib110.dll
2012-11-01 20:52 . 2012-11-01 20:52        64664        ----a-w-        c:\windows\system32\drivers\dc3d.sys
2012-11-01 20:52 . 2012-11-01 20:52        1629040        ----a-w-        c:\windows\system32\WdfCoInstaller01011.dll
2012-10-16 07:39 . 2012-12-01 15:27        561664        ----a-w-        c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40 . 2012-11-14 10:12        44032        ----a-w-        c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 10:12        193536        ----a-w-        c:\windows\system32\dhcpcore6.dll
2012-12-03 16:11 . 2011-10-03 18:39        262112        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32        129272        ----a-w-        c:\users\XXp\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32        129272        ----a-w-        c:\users\XXp\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32        129272        ----a-w-        c:\users\XXp\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-25 186904]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2009-11-18 1690680]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" [2009-10-22 363064]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-04 153640]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-04 400936]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-10-20 98304]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-10-12 495708]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]
"UIExec"="c:\program files\Join Air\UIExec.exe" [2010-04-27 138072]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"IFXSPMGT"="c:\program files\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2009-10-02 1107232]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-15 348664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"IntelliType Pro"="c:\program files\Microsoft Mouse and Keyboard Center\itype.exe" [2012-11-02 1093232]
"IntelliPoint"="c:\program files\Microsoft Mouse and Keyboard Center\ipoint.exe" [2012-11-02 1668720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-10-06 02:43        75320        ----a-w-        c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29        64592        ----a-w-        c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages        REG_MULTI_SZ          DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51        919008        ----a-w-        c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 06:22        59240        ----a-w-        c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2009-06-19 09:44        195072        ----a-w-        c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
2010-05-06 00:30        11268096        ----a-w-        c:\program files\Hewlett-Packard\File Sanitizer\coreshredder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36        30040        ----a-w-        c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService]
2008-11-03 11:21        339240        ----a-w-        c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-09-03 17:07        288312        ----a-w-        c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28        421888        ----a-w-        c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SansaDispatch]
2012-10-25 08:06        79872        ----a-w-        c:\users\XXp\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
.
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [x]
R3 GigasetGenericUSB;GigasetGenericUSB;c:\windows\system32\DRIVERS\GigasetGenericUSB.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [x]
R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [x]
R4 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
R4 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\program files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [x]
S1 RsvLock;RsvLock; [x]
S1 ui11rdr;ui11rdr;c:\windows\system32\DRIVERS\ui11rdr.sys [x]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\aestsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [x]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [x]
S2 UI Assistant Service;UI Assistant Service;c:\program files\Join Air\AssistantServices.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [x]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys [x]
S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 NETw5s32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 32-Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
HPService        REG_MULTI_SZ          HPSLPSVC
WindowsMobile        REG_MULTI_SZ          wcescomm rapimgr
LocalServiceRestricted        REG_MULTI_SZ          WcesComm RapiMgr
GPSvcGroup        REG_MULTI_SZ          GPSvc
yksvcs        REG_MULTI_SZ          yksvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2012-07-02 14:40        453736        ----a-w-        c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 10:42]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - ExtSQL: 2012-12-15 12:35; {2d4271b9-cc9f-4f37-8b1e-340293eacd5c}; c:\users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\extensions\{2d4271b9-cc9f-4f37-8b1e-340293eacd5c}.xpi
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKU-Default-Run-FRITZ!protect - FwebProt.exe
AddRemove-Adobe Photoshop 5.0 Limited Edition - c:\windows\UNIN0407.EXE
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(708)
c:\windows\system32\DPFPApi.DLL
.
- - - - - - - > 'Explorer.exe'(4596)
c:\users\XXp\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-01-03  20:17:21 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-01-03 19:17
.
Vor Suchlauf: 13 Verzeichnis(se), 53.973.692.416 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 55.157.981.184 Bytes frei
.
- - End Of File - - EBBDF160CE26708A3B8E3F366ACF7C25


markusg 03.01.2013 21:14

Hi

Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools, Uninstall list, save as txt. Open the file.
After each program you need, write "notwendig" (necessary).
After each one you do not need, "unnötig" (unnecessary).
After ones unknown to you, "unbekannt" (unknown).
Post the list.

XXp 03.01.2013 21:48

Hi,

I have installed CCleaner.
I interpret your "Tools, Uninstall list, save as txt. Open" as "Extras" - "Programme deinstallieren" - "Als Textdatei speichern" - open.
The resulting edited list is:

Code:

1&1 Upload-Manager        1&1 Internet AG        09.08.2012                2.0.676        notwendig
7-Zip 9.20                24.07.2011                notwendig
ABBYY FineReader 11        ABBYY        09.04.2012        704MB        11.0.460        notwendig
ActivClient x86        ActivIdentity        16.12.2009        13,7MB        6.2        unbekannt
Adobe AIR        Adobe Systems Incorporated        29.12.2011                3.1.0.4880        notwendig
Adobe Digital Editions                09.04.2012                notwendig       
Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        12.12.2012        6,00MB        11.5.502.135 notwendig
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        12.12.2012        6,00MB        11.5.502.135 notwendig
Adobe Reader X (10.1.4) - Deutsch        Adobe Systems Incorporated        14.11.2012        120MB        10.1.4 notwendig
Apple Application Support        Apple Inc.        10.12.2011        61,2MB        2.1.5        unnötig
Apple Software Update        Apple Inc.        10.12.2011        2,38MB        2.1.3.127        unbekannt
ArcSoft Software Suite        ArcSoft        06.06.2010                1.0        notwendig
ATI Catalyst Install Manager        ATI Technologies, Inc.        09.05.2010        16,2MB        3.0.750.0        notwendig
AudibleManager        Audible, Inc.        03.12.2012                1997822576.48.56.29625714 unnötig
Avira Free Antivirus        Avira        15.11.2012        104MB        12.1.9.1236        notwendig
AVM FRITZ!Box USB-Fernanschluss        AVM Berlin        24.04.2012                2.2.1.0        notwendig
AVM FRITZ!DSL        AVM Berlin        26.05.2010        11,5MB        2.04.03        notwendig
BitTorrent                01.11.2010                7.1.0        notwendig
calibre        Kovid Goyal        28.12.2012        137MB        0.9.12        notwendig
Carcassonne                24.05.2010                        notwendig
Carcassonne Add-On                24.05.2010                notwendig
CCleaner        Piriform        19.12.2012                3.26        notwendig
CP2101 USB to UART Bridge Controller Driver Installation                13.06.2010                        notwendig
CyberView X Multiple-Slides Scanner v1.17.i                22.08.2012                1.17.i        notwendig
DDBAC        DataDesign        07.12.2010        8,45MB        4.3.51        notwendig
Device Access Manager for HP ProtectTools        Hewlett-Packard        16.12.2009        10,3MB        5.0.1.3        notwendig
DHTML Editing Component        Microsoft Corporation        24.05.2010        554KB        6.02.0001        unbekannt
Drive Encryption for HP ProtectTools        Hewlett-Packard        16.12.2009        65,5MB        5.0.2.8        notwendig
Dropbox        Dropbox, Inc.        28.12.2012                1.6.10        notwendig
ElsterFormular        Landesfinanzdirektion Thüringen        14.01.2012        158MB        13.0.0.8086p        notwendig
Embedded Security for HP ProtectTools        Hewlett-Packard        12.10.2011        82,0MB        5.7.000        notwendig
FastStone Photo Resizer 3.0        FastStone Soft.        13.01.2011                3.0        notwendig
File Sanitizer For HP ProtectTools        Hewlett-Packard        12.10.2011        53,1MB        5.0.1.4        notwendig
FileZilla Client 3.3.3                31.07.2010                3.3.3        notwendig
funScreenScraping Client Version        fun communications GmbH        24.05.2010        1,86MB        1.0.22        unbekannt
funScreenScraping Microsoft Systemdateien        fun communications GmbH        24.05.2010        1,61MB        1.0.6        unbekannt
Garmin MapSource        Garmin Ltd or its subsidiaries        25.06.2012        59,4MB        6.16.3        notwendig
Garmin USB Drivers        Garmin Ltd or its subsidiaries        25.06.2012        125KB        2.3.0.0        notwendig
Gigaset QuickSync        Gigaset Communications GmbH        19.01.2012        6,96MB        7.1.0841.3        notwendig
GIMP 2.8.2        The GIMP Team        14.10.2012        222MB        2.8.2        notwendig
Google Earth        Google        22.11.2011        92,7MB        6.1.0.5001        notwendig
HP 3D DriveGuard        Hewlett-Packard        16.12.2009        2,94MB        4.0.4.1        unbekannt
HP Advisor        Hewlett-Packard        16.12.2009        49,2MB        3.3.9512.3162        unbekannt
HP Business Card Reader        Hewlett-Packard        09.05.2010        62,2MB        0.6.2.0        unnötig
HP Common Access Service Library        Hewlett-Packard        16.12.2009        0,99MB        3.0.37.1        notwendig
HP Customer Participation Program 13.0        HP        26.05.2010                13.0        unnötig
HP ESU for Microsoft Windows 7        Hewlett-Packard Company        04.11.2011        16,7MB        1.1.13.2        notwendig
HP Imaging Device Functions 13.0        HP        26.05.2010                13.0        notwendig
HP Integrated Module with Bluetooth wireless technology        Broadcom Corporation        09.05.2010        88,4MB        6.2.1.500        notwendig
HP OfficeJet J5700        HP        18.10.2010                13.0        notwendig
HP Photosmart C4340 All-In-One Driver Software 13.0 Rel. 3        HP        26.05.2010                13.0        notwendig
HP Photosmart Essential 3.5        HP        26.05.2010                3.5        notwendig
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B        HP        28.10.2010                13.0        notwendig
HP Power Assistant        Hewlett-Packard        16.12.2009        6,76MB        1.0.1.12        notwendig
HP ProtectTools Security Manager        Hewlett-Packard Company        12.10.2011        63,1MB        5.12.754        notwendig
HP Quick Launch Buttons        Hewlett-Packard        16.12.2009                6.50.9.1        notwendig
HP QuickLook        Hewlett-Packard        09.05.2010        78,8MB        3.1.0.4        unbekannt
HP QuickWeb        DeviceVM, Inc.        09.05.2010        353MB        1.0.1.45 unbekannt
HP Setup        Hewlett-Packard        16.12.2009                1.2.3557.3169        notwendig
HP Smart Web Printing 4.51        HP        26.05.2010                4.51        unnötig
HP SoftPaq Download Manager        Hewlett-Packard Company        16.12.2009        14,5MB        3.0.5.0        notwendig
HP Software Setup        Hewlett-Packard Company        16.12.2009        11,6MB        7.0.1.5        notwendig
HP Solution Center 13.0        HP        26.05.2010                13.0        notwendig
HP Support Assistant        Hewlett-Packard        16.12.2009        32,2MB        4.2.8.3        notwendig
HP Update        Hewlett-Packard        23.05.2010        3,72MB        4.000.011.006        notwendig
HP User Guides 0142        Hewlett-Packard        16.12.2009        303MB        1.01.0001        notwendig
HP Wallpaper        Hewlett-Packard Company        16.12.2009        72,4MB        1.0.1.3        unbekannt
HP Webcam        Roxio        09.05.2010        8,78MB        1.0        notwendig
HP Webcam Driver        Sonix        09.05.2010                5.8.50009.1        notwendig
HP Wireless Assistant        Hewlett-Packard        16.12.2009        4,14MB        4.0.1.10        notwendig
IDT Audio        IDT        09.05.2010                1.0.6246.0        unbekannt
Intel(R) Management Engine Components        Intel Corporation        16.12.2009                6.0.0.1179        notwendig
Intel(R) Turbo Boost Technology Driver        Intel Corporation        16.01.2012                01.02.00.1002        notwendig
Intel® Matrix Storage Manager        Intel Corporation        09.05.2010                notwendig       
IrfanView (remove only)        Irfan Skiljan        10.12.2012        2,00MB        4.35        notwendig
Japanese Fonts Support For Adobe Reader X        Adobe Systems Incorporated        26.03.2012        61,6MB        10.0.0 unnötig
Java Card Security for HP ProtectTools        Hewlett-Packard        16.12.2009        1,01MB        5.0.4.1        notwendig
Java(TM) 6 Update 31        Oracle        11.03.2012        95,1MB        6.0.310        notwendig
JDownloader        AppWork UG (haftungsbeschränkt)        02.11.2010                notwendig
Join Air        ZTE Corporation        14.08.2010                1.0.0.2        notwendig
Lexware Info Service        Lexware GmbH & Co. KG        11.06.2010        10,1MB        2.61.00.0033        notwendig
Lexware online banking        Lexware GmbH & Co. KG        11.06.2010        29,2MB        10.00.00.0102        notwendig
LightScribe System Software        LightScribe        29.11.2012        26,3MB        1.18.26.7        notwendig
LightScribe Template Designs - Memories        LightScribe        29.11.2012        3,15MB        1.18.18.0        notwendig
logbookkonni_pi 1.1                19.11.2012                1.1        notwendig
Logitech SetPoint 6.15        Logitech        31.07.2010        39,0MB        6.15.25        notwendig
Malwarebytes Anti-Malware Version 1.70.0.1100        Malwarebytes Corporation        02.01.2013        18,4MB        1.70.0.1100        notwendig
Marvell Miniport Driver        Marvell        09.05.2010                10.70.5.3        notwendig
Microsoft .NET Framework 1.1                23.05.2010                notwendig
Microsoft .NET Framework 1.1 German Language Pack        Microsoft        23.05.2010        3,02MB        1.1.4322        notwendig
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        05.01.2012        38,8MB        4.0.30319        notwendig
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        05.01.2012        2,93MB        4.0.30319        notwendig
Microsoft Image Composite Editor        Microsoft Corporation        20.12.2012        4,16MB        1.4.4        notwendig
Microsoft Office Enterprise 2007        Microsoft Corporation        05.01.2012                12.0.6612.1000        notwendig
Microsoft Office File Validation Add-In        Microsoft Corporation        08.01.2012        7,95MB        14.0.5130.5003        notwendig
Microsoft Office Project Standard 2007        Microsoft Corporation        05.01.2012                12.0.6612.1000        notwendig
Microsoft Silverlight        Microsoft Corporation        09.05.2012        64,7MB        5.1.10411.0        notwendig
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        17.08.2010        1,72MB        3.1.0000        notwendig
Microsoft Sync Framework Runtime Native v1.0 (x86)        Microsoft Corporation        23.05.2010        625KB        1.0.1215.0        notwendig
Microsoft Sync Framework Services Native v1.0 (x86)        Microsoft Corporation        17.08.2010        1,44MB        1.0.1215.0        notwendig
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        04.11.2010        250KB        8.0.50727.4053        notwendig
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        27.12.2011        298KB        8.0.56336        notwendig
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        12.04.2011        598KB        9.0.30729.5570        notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        16.12.2009        2,06MB        9.0.21022        notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        26.05.2010        598KB        9.0.30729        notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        16.12.2009        594KB        9.0.30729        notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        24.07.2010        590KB        9.0.30729.4148        notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        04.01.2012        600KB        9.0.30729.6161        notwendig
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        27.12.2011        16,5MB        10.0.40219        notwendig
Microsoft-Maus- und Tastatur-Center        Microsoft Corporation        23.11.2012                2.0.162.0        notwendig
Mozilla Firefox 17.0.1 (x86 de)        Mozilla        03.12.2012        43,1MB        17.0.1        notwendig
Mozilla Maintenance Service        Mozilla        03.12.2012        329KB        17.0.1        notwendig
Mp3tag v2.46a        Florian Heidenreich        21.10.2010                v2.46a        notwendig
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        31.07.2010        37,0KB        4.20.9870.0        unbekannt
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        31.07.2010        1,33MB        4.20.9876.0        unbekannt
MSXML 4.0 SP3 Parser        Microsoft Corporation        22.07.2011        1,47MB        4.30.2100.0        unbekannt
MSXML 4.0 SP3 Parser (KB2721691)        Microsoft Corporation        11.07.2012        1,53MB        4.30.2114.0        unbekannt
MSXML 4.0 SP3 Parser (KB973685)        Microsoft Corporation        27.12.2011        1,53MB        4.30.2107.0        unbekannt
NetObjects Fusion 10.0                06.06.2010                10.0 German        notwendig
Nokia Connectivity Cable Driver        Nokia        31.08.2012        3,35MB        7.1.78.0        notwendig
Nokia Suite        Nokia        31.08.2012                3.5.34.0        notwendig
OCR Software by I.R.I.S. 13.0        HP        26.05.2010                13.0        notwendig
OpenCPN 3.0.2        opencpn.org        18.11.2012                3.0.2        notwendig
PC Connectivity Solution        Nokia        31.08.2012        15,0MB        12.0.32.0        notwendig
PDF-Viewer        Tracker Software Products Ltd        24.12.2012        35,6MB        2.5.207.0        notwendig
PDFCreator        pdfforge        15.12.2012                1.6.1        notwendig
pdfsam                30.10.2010                2.2.0        notwendig
PDFtoEPUB        DNAML Pty Ltd.        29.01.2012                1.5.0        notwendig
Picasa 3        Google, Inc.        15.10.2012                3.8        notwendig
Privacy Manager for HP ProtectTools        Hewlett-Packard Company        12.10.2011        12,4MB        5.11.814        notwendig
Python 2.7 pycrypto-2.3        Dwayne C. Litzenberger        08.03.2011        1,93MB        2.3.0        notwendig
Python 2.7.1        Python Software Foundation        08.03.2011        51,0MB        2.7.1150        notwendig
Quicken 2011        Lexware GmbH & Co. KG        11.06.2010        398MB        18.00.00.0084        notwendig
Quicken 2011 - ServicePack 4        Haufe-Lexware GmbH & Co KG        01.01.2011        29,1MB        18.04.00.0123        notwendig
Quicken Import Export Server 2011        Lexware GmbH & Co. KG        11.06.2010        9,15MB        18.00.00.0081        notwendig
QuickTime        Apple Inc.        10.12.2011        73,2MB        7.71.80.42        notwendig
RICOH Media Driver        RICOH        16.12.2009                2.13.00.05        notwendig
Roxio Creator Business        Roxio        09.05.2010        1,62GB        10.3        notwendig
Sansa Updater        SanDisk Corporation        25.10.2012        680KB        1.313        notwendig
Scan Tailor                09.04.2012                        notwendig
Shop for HP Supplies        HP        26.05.2010                13.0 unnötig
Sigil 0.6.0        John Schember        01.11.2012        46,9MB                notwendig
SilverFast AFL 6.6.2r5        LaserSoft Imaging AG        27.08.2012                        notwendig
Skype™ 5.10        Skype Technologies S.A.        24.08.2012        19,4MB        5.10.116        notwendig
Spyder3Pro                21.10.2012                        notwendig
Synaptics Pointing Device Driver        Synaptics Incorporated        12.04.2011        46,4MB        15.0.24.0        notwendig
SyncBack        2BrightSparks        24.05.2010        4,57MB        notwendig
Theft Recovery        Hewlett-Packard        16.12.2009        0,99MB        5.1.0.18        notwendig
TreeSize Free V2.4        JAM Software        26.09.2010        3,13MB        2.4        notwendig
TrueCrypt        TrueCrypt Foundation        26.09.2010                7.0        notwendig
Turbo Lister 2        eBay Inc.        24.05.2010        77,5MB        2.00.0000        notwendig
TV-Browser 3.0.1        TV-Browser Team        21.07.2011                3.0.1        notwendig
UltraEdit-32 Uninstall                08.10.2010                        notwendig
Validity Fingerprint Driver        Validity Sensors, Inc.        09.05.2010        7,03MB        4.0.6.0        notwendig
Wertpapieranalyse 2011        Haufe-Lexware GmbH & Co. KG        11.06.2010        94,0MB        1.00.0003        notwendig
Windows 7 Default Setting        Hewlett-Packard Company        16.12.2009        262KB        1.0.1.4        notwendig
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000)        Broadcom        09.05.2010                06/15/2009 6.2.0.9000        notwendig
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)        Broadcom        09.05.2010                07/30/2009 6.2.0.9405        notwendig
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)        Broadcom        09.05.2010                07/28/2009 6.2.0.9800        notwendig
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)        Garmin        25.06.2012                06/03/2009 2.3.0.0        notwendig
Windows Live Anmelde-Assistent        Microsoft Corporation        23.05.2010        1,93MB        5.000.818.5        notwendig
Windows Live Essentials        Microsoft Corporation        17.08.2010                14.0.8117.0416        notwendig
Windows Live Sync        Microsoft Corporation        17.08.2010        2,79MB        14.0.8117.416        notwendig
Windows Live-Uploadtool        Microsoft Corporation        23.05.2010        224KB        14.0.8014.1029        notwendig
Windows Media Player Firefox Plugin        Microsoft Corp        10.12.2011        296KB        1.0.0.8        notwendig
Windows Mobile-Gerätecenter        Microsoft Corporation        11.01.2011        27,4MB        6.1.6965.0        notwendig
Windows Mobile-Gerätecenter: Treiberupdate        Microsoft Corporation        11.01.2011        35,3MB        6.0.6783.0        notwendig
Windows XP Mode        Microsoft Corporation        24.05.2010        1,13GB        1.3.7600.16422        notwendig
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0)        Nokia        31.08.2012                05/31/2012 7.1.2.0        notwendig
WinRAR 4.11 (32-Bit)        win.rar GmbH        23.03.2012                4.11.0        notwendig
WinZip                27.12.2011                        notwendig
XMedia Recode Version 3.1.0.5        XMedia Recode        03.06.2012        16,3MB        3.1.0.5        notwendig


markusg 05.01.2013 18:38

Uninstall:
Adobe Flash Player, all of them
Adobe - Install Adobe Flash Player
download the latest version
Adobe Reader:
Adobe - Download Adobe Reader - All versions
untick the box for McAfee Security Scan

Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
tick "use only certified plug-ins".
Internet:
everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc.
It is always better to save them directly, since only then do you have control over what is happening on the PC.
Under JavaScript, untick "use JavaScript".
Under Updater, choose "install automatically".
Apply / OK



Uninstall:
AudibleManager
funScreenScraping: both
Japanese
Java
Download the Java JRE:
Java downloads for all operating systems
click:
Download of the Java software for Windows Offline
download and install
Uninstall:

Open CCleaner, Analyze, Run, restart the PC.
Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click "Suche" (Search).
  • After the scan finishes, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

XXp 06.01.2013 00:47

Hi,

All done.

Here is the log from adwcleaner.exe:
Code:

# AdwCleaner v2.104 - Datei am 06/01/2013 um 00:45:03 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : XXp - XANTHIPPE
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\XXp\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Users\XXp\AppData\Roaming\pdfforge
Ordner Gefunden : C:\Users\XXp\AppData\Roaming\yourfiledownloader

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gefunden : HKLM\SOFTWARE\Software

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Doof\AppData\Roaming\Mozilla\Firefox\Profiles\smh8ut7p.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1245 octets] - [06/01/2013 00:45:03]

########## EOF - C:\AdwCleaner[R1].txt - [1305 octets] ##########


markusg 07.01.2013 16:22

Hi,


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click "Löschen" (Delete).
  • Confirm each prompt with OK.
  • Your computer will restart, several times depending on the severity of the infection - that is normal. After the restart a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt. (x = sequential number)

Please restart and test how the PC and the programs run.

XXp 07.01.2013 19:30

Hi,

Let adwcleaner.exe do the deleting.
Here is the log:
Code:

# AdwCleaner v2.104 - Datei am 07/01/2013 um 18:00:10 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzer : XXp- XANTHIPPE
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\XXp\Eigene Dokumente\zz_Malware_Beseitigung\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\XXp\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\XXp\AppData\Roaming\yourfiledownloader

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\prefs.js

C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

Datei : C:\Users\Doof\AppData\Roaming\Mozilla\Firefox\Profiles\smh8ut7p.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1448 octets] - [07/01/2013 18:00:10]

########## EOF - C:\AdwCleaner[S1].txt - [1508 octets] ##########

At the moment I don't see any abnormal behaviour. I ran both Malwarebytes and AntiVir in thorough mode over the disk and external data and found no further errors.

Regards,
XXp
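
Added example, not part of the thread: a small Python script that parses the two AdwCleaner reports posted above (the `[Suche]` scan run and the `[Löschen]` delete run), confirms that every item the scan reported was removed, and lists what the delete run removed beyond the scan report. The log excerpts are copied from the posts; the function names are hypothetical, and the parser assumes the German AdwCleaner v2.104 line format seen here.

```python
import re

# Excerpts of the two AdwCleaner v2.104 reports posted in this thread
# (German strings kept exactly as the tool wrote them).
SCAN_LOG = r"""
# Option [Suche]
***** [Dateien / Ordner] *****
Ordner Gefunden : C:\Users\XXp\AppData\Roaming\pdfforge
Ordner Gefunden : C:\Users\XXp\AppData\Roaming\yourfiledownloader
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gefunden : HKLM\SOFTWARE\Software
***** [Internet Browser] *****
Datei : C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\prefs.js
[OK] Die Datei ist sauber.
"""

CLEAN_LOG = r"""
# Option [Löschen]
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Users\XXp\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\XXp\AppData\Roaming\yourfiledownloader
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
***** [Internet Browser] *****
Datei : C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\prefs.js
C:\Users\XXp\AppData\Roaming\Mozilla\Firefox\Profiles\dbe4lzqw.default\user.js ... Gelöscht !
[OK] Die Datei ist sauber.
"""

OPTION = re.compile(r"^# Option \[(.+)\]$")
SECTION = re.compile(r"^\*+\s*\[(.+?)\]\s*\*+$")
# "Ordner Gefunden : <path>", "Schlüssel Gelöscht : <key>", "Wert Gelöscht : <key> [name]"
ENTRY = re.compile(r"^(Ordner|Datei|Schlüssel|Wert)\s+(Gefunden|Gelöscht)\s*:\s*(.+)$")
# Browser-section deletions are written as "<path> ... Gelöscht !"
TRAILING = re.compile(r"^(.+?)\s+\.\.\.\s+Gelöscht\s*!$")
EXPECTED_ACTION = {"Suche": "Gefunden", "Löschen": "Gelöscht"}


def parse_adwcleaner(text):
    """Return (option, set of (section, kind, target)) for one report."""
    option, section, entries = None, None, set()
    for raw in text.splitlines():
        line = raw.strip()
        if m := OPTION.match(line):
            option = m.group(1)
        elif m := SECTION.match(line):
            section = m.group(1)
        elif m := ENTRY.match(line):
            kind, action, target = m.groups()
            if EXPECTED_ACTION.get(option) != action:
                raise ValueError(f"{action!r} entry in a [{option}] report: {line}")
            entries.add((section, kind, target.strip()))
        elif m := TRAILING.match(line):
            entries.add((section, "Datei", m.group(1)))
    if option not in EXPECTED_ACTION:
        raise ValueError("no '# Option [Suche]' or '# Option [Löschen]' header found")
    return option, entries


def compare_runs(scan_text, clean_text):
    """Diff a scan report against the delete report that followed it."""
    scan_opt, found = parse_adwcleaner(scan_text)
    clean_opt, deleted = parse_adwcleaner(clean_text)
    if (scan_opt, clean_opt) != ("Suche", "Löschen"):
        raise ValueError("expected a [Suche] report followed by a [Löschen] report")
    return {
        "removed": sorted(found & deleted),             # reported and cleaned
        "left_behind": sorted(found - deleted),         # reported, still present
        "only_in_delete_run": sorted(deleted - found),  # cleaned, never reported
    }


if __name__ == "__main__":
    for label, items in compare_runs(SCAN_LOG, CLEAN_LOG).items():
        print(f"{label}: {len(items)}")
        for section, kind, target in items:
            print(f"  [{section}] {kind}: {target}")
```

For these two reports nothing from the scan is left behind, and the delete run additionally removed an empty-named `Run` value and the Firefox profile's `user.js`, neither of which appeared in the scan report.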

markusg 07.01.2013 20:00

I wasn't after another scan; you should rather test your programs, browsers such as Firefox and Internet Explorer, for example.
If everything works:
Open OTL, "Bereinigen" (clean up), the PC restarts and it deletes the removers; leftover logs, setups and programs we used you can delete, and empty the recycle bin.
After that, secure the PC:
As an anti-malware program I would recommend Emsisoft.
For me they have the best protection, but it costs a little.
http://www.trojaner-board.de/103809-...i-malware.html
Trial version:
My antivirus recommendation: Emsisoft Anti-Malware
Especially if you do online banking, purchases, other payment processing or similarly important things, such as work-related matters, i.e. sensitive data needs protecting, you should invest in security software.
Use the 30-day trial period before activating the licence.

Free, but just not quite as good, avast would be the one to recommend.
http://www.trojaner-board.de/110895-...antivirus.html

Tell me which one you use, then I'll give configuration tips.
Please uninstall your current AV.
The following guide is extensive, I'm aware of that, but it should be implemented, since only then is your PC secure. Ask as many questions as necessary, I'm happy to work through everything with you!

http://www.trojaner-board.de/96344-a...-rechners.html
Please start with the section on Windows Vista and Windows 7.
Please begin by installing Windows updates.
The best way to do this is to go to Start, Search, and enter Windows Updates there.
Under "Change settings", check that the following is selected:
- Install updates automatically,
- Daily
- Choose a time
- Please tick everything else, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button.
Now click "Check for updates".
Please install important updates first.
It will be necessary to restart the PC in between. If that is the case, you have to open Windows Update again via Start, Search, click Check for updates and install the next ones.
Please do the same with the optional updates.
Please apply the rest as described in the Windows 7 / Vista section.
From the XP section, please apply the item "Data Execution Prevention, DEP".
As a browser I recommend Chrome:
Installing Google Chrome for multiple user accounts - Google Chrome Help
Please read the guide.
If you want to use a different one, tell me, then I have to adapt parts of the guide that now follows.


Sandboxie
The definition of a sandbox can be read here:
Sandbox
In short, programs can be run almost 100% isolated from the system.

The advantage is obvious: if malicious code is smuggled in via the browser, it cannot get out.
Download link:
Sandboxie - Download - Filepony

Guide:
http://www.trojaner-board.de/71542-a...sandboxie.html
Detailed guide as PDF, work through it as well:
Sandbox settings |

Please make the following additional configuration:
Open Sandboxie Control, click the Sandbox menu, choose DefaultBox.
There, click Sandbox Settings.
Restrictions; under program start and internet access, enter:
chrome.exe
Then go to Applications, Web Browser, Chrome.
There, enable everything except sharing the entire profile folder.
As you may already have seen, you cannot use some functions.
This is only necessary in the full version, which I advise you to buy.
For example, under "Forced program starts" you can specify that all browsers start in the sandbox.
Otherwise you always have to click "Sandboxed web browser", or right-click, run in Sandboxie.
A lifetime licence costs 30 € and can be used on all your PCs.

Continue with:
Measures for ALL Windows versions
Work through everything completely.
Note on FileHippo:
in the settings, additionally select:
hide beta updates.
Run updateChecker when Windows starts

Backup program:
A backup program is already linked in my guide; as an alternative, Windows' own backup program is also an option:
http://www.trojaner-board.de/82962-w...en-backup.html
Unfortunately, this is only reasonably usable for Windows 7 users.
Everyone else should definitely install a backup program too, though, because this can be very important under certain circumstances, for example if the hard disk fails one day.

Finally, follow the general security tips; if it applies to you, follow the tip on online banking and change all passwords.
Please also read how to make programs visible to everyone:
Making programs usable for all accounts - PCtipp.ch - Praxis & Hilfe
So from now on, surf only in the standard user account, and there in the sandbox.
If you use the free version, then by clicking Sandboxed web browser; if you have the paid version, you can set forced program starts, and then Sandboxie is always started when you open a browser.
If you move the mouse over the browser it should be framed; then you are in the sandboxed web browser.

Password security:
Every service needs its own password of at least 12 characters.
RoboForm helps with managing and creating passwords.
Password manager, form filler, password management | RoboForm Password Manager
Guide:
RoboForm manual: password manager, managing passwords and personal data

XXp 08.01.2013 21:33

Hello,

many thanks for all the guides.
I have tidied up my computer and implemented a lot. I'm sticking with my AntiVir and also with Firefox (call me paranoid, but Google Chrome is not going on my computer).
I've always had backups and images anyway, and Windows is up to date too. The hole on my computer was Java in the browser.
I've also had the standard user for a while (separate from the admin), but unfortunately I'm too lazy to actually always use it.
I'll still think about the sandbox.

So far I haven't observed any irregularities in use (browser or programs where something was cleaned). The only thing: when downloading, the computer sometimes complains that it isn't allowed to write to my download folder, although the account is allowed to. Sometimes it works, though...

So: is there anything else for me to do?

markusg 09.01.2013 00:33

Funny, having something against Google, and which start page do I see? Google.
Chrome doesn't collect any data, and it offers more security features than FF; I would install it. You had more holes, Adobe for example, so definitely put the update checker on.
You should implement all the tips; then you would be on the safe side.

XXp 09.01.2013 11:02

Hi,

you're right about the search engine, of course....
I'll think about Chrome again; the update checker is installed, and auto-update is switched on for all software that offers it.

Thanks again for the help.
Regards, XXp


All times are WEZ +1 (GMT +1). It is now 08:28.
