Trojaner-Board - Nach Antimalwarebites-Benutzung hängt sich Rechner auf

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Nach Antimalwarebites-Benutzung hängt sich Rechner auf (https://www.trojaner-board.de/117435-antimalwarebites-benutzung-haengt-rechner.html)

Nach Antimalwarebites-Benutzung hängt sich Rechner auf

HILFE!!

Ich habe AntiMalwareBites durchlaufen lassen und das Programm hat auch was gefunden.
Wenn ich dann auf 'Auswahl entfernen' klicke, sagt das Programm ich solle neustarten.
Allerdings fährt mein Rechner nach dem Neustart nicht mehr richtig hoch.
Er braucht wahnsinnig lange und hängt sich dann meist nach sehr kurzer Zeit auf und dann geht gar nichts mehr.

Ich hab hier auch den Text der nach dem Fund kam:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.15.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Luisaleins :: LUISALEINS-PC [Administrator]

Schutz: Deaktiviert

15.06.2012 15:00:56
mbam-log-2012-06-15 (15-00-56).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 412910
Laufzeit: 2 Stunde(n), 4 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Luisaleins\Downloads\SoftonicDownloader_fuer_gnu-backgammon.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Habe jetzt erstmal den Systemwiederherstellungspunkt genutzt, um nochmal von vorne anfangen zu können.

was soll ich nun tun, damit ich den Plagegeist loswerde und mein Rechner danach trotzdem funktioniert?!

Schon mal vielen Dank im Voraus! :)

Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Code:

C:\Users\Luisaleins\Downloads\SoftonicDownloader_fuer_gnu-backgammon.exe

Finger weg von Softonic!! :pfui:

Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller und nicht von solchen Toolbarklitschen wie Softonic! Im Notfall würde natürlich chip.de gehen

Finger weg von Softonic. Notiert! :)

ich hab Antimalwarebytes ein paar mal laufen lassen, meist ohne Fund.

Habe jetzt noch eine Log-Datei, bei der noch eine andere infizierte Datei gefunden wurde.

Zitat:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.05.28.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Luisaleins :: LUISALEINS-PC [Administrator]

Schutz: Deaktiviert

29.05.2012 00:31:37
mbam-log-2012-05-29 (00-31-37).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 406725
Laufzeit: 2 Stunde(n), 5 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\$Recycle.Bin\S-1-5-21-1260959535-4230420404-3460720799-1001\$REU0XY9.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

reicht dir das?

Lieben Gruß

Luisa

Führ bitte auch ESET aus, danach sehen wir weiter:

Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden.

ESET Online Scanner

Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.

Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen
Dein Anti-Virus-Programm während des Scans deaktivieren.

Button http://img695.imageshack.us/img695/1599/eset1l.jpg (<< klick) drücken.
- Firefox-User:
  Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
- IE-User:
  müssen das Installieren eines ActiveX Elements erlauben.
Setze den einen Haken bei Yes, i accept the Terms of Use.
Drücke den http://img707.imageshack.us/img707/687/starteg.jpg Button.
Warte bis die Komponenten herunter geladen wurden.
Setze einen Haken bei "Scan archives".
Gehe sicher das bei Remove Found Threats kein Hacken gesetzt ist.
http://img707.imageshack.us/img707/687/starteg.jpg drücken.
Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.

Wenn der Scan beendet wurde

Klicke Finish.
Browser schließen.

Drücke bitte die http://larusso.trojaner-board.de/Images/windows.jpg + R Taste und kopiere folgenden Text in das Ausführen Fenster.

Code:

"%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"

Hinweis: Falls du ein 64-Bit-Windows einsetzt, lautet der Pfad so:

Code:

"%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"

Poste nun den Inhalt der log.txt.

So, ich hab eset jetzt wie beschrieben ausgeführt.

Hier ist das Log:

Zitat:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=ddb10b44f2686848aa2d4babb3c32082
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-19 01:58:55
# local_time=2012-06-19 03:58:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 7135881 7135881 0 0
# compatibility_mode=5893 16776573 100 94 420 91733149 0 0
# compatibility_mode=8192 67108863 100 0 142 142 0 0
# scanned=197917
# found=2
# cleaned=0
# scan_time=11036
C:\Program Files (x86)\FoxTabMusicConverter\AudioConverter.exe a variant of Win32/InstallCore.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Luisaleins\Downloads\SoftonicDownloader_fuer_gnu-backgammon.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I

Was soll ich als nächstes tun?

Lieben Gruß!!

Noch mehr Softonic...ich dachte diesen Müll hast du gelöscht!

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

wininit.exe

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Ich habe jetzt auch OTL ausgeführt.

Hier der Text:

Code:

OTL logfile created on: 20.06.2012 13:22:22 - Run 1

OTL by OldTimer - Version 3.2.50.0     Folder = C:\Users\Luisaleins\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,74 Gb Total Physical Memory | 2,29 Gb Available Physical Memory | 61,34% Memory free

7,48 Gb Paging File | 5,78 Gb Available in Paging File | 77,31% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 421,81 Gb Total Space | 239,84 Gb Free Space | 56,86% Space Free | Partition Type: NTFS

Drive D: | 29,00 Gb Total Space | 27,85 Gb Free Space | 96,04% Space Free | Partition Type: NTFS

Drive F: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

 

Computer Name: LUISALEINS-PC | User Name: Luisaleins | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.06.20 13:19:21 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Luisaleins\Desktop\OTL.exe

PRC - [2012.05.08 16:49:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2012.05.08 16:49:31 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2012.05.08 16:49:31 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2012.05.08 00:31:08 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Luisaleins\AppData\Local\Akamai\netsession_win.exe

PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011.01.08 05:27:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011.01.07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2010.05.28 05:14:52 | 000,376,176 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe

PRC - [2010.05.28 05:14:02 | 000,709,488 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe

PRC - [2010.05.28 05:13:38 | 000,314,736 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe

PRC - [2010.05.19 19:21:46 | 000,364,400 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe

PRC - [2010.05.19 19:21:26 | 000,322,416 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe

PRC - [2010.03.11 00:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

PRC - [2010.03.11 00:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

PRC - [2009.12.02 23:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2009.12.02 23:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2009.09.30 14:02:38 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2009.09.30 14:02:36 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2009.07.14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe

PRC - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

PRC - [2009.06.04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2009.06.04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

 

 
 ========== Modules (No Company Name) ==========

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (LanmanWorkstation)

SRV - [2012.06.02 16:43:36 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012.05.30 00:28:27 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)

SRV - [2012.05.08 16:49:39 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012.05.08 16:49:31 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2011.11.12 07:46:36 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)

SRV - [2011.01.08 05:27:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011.01.07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010.05.28 05:14:02 | 000,709,488 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe -- (EgisTec Service)

SRV - [2010.05.28 05:13:38 | 000,314,736 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe -- (EgisTec Data Security Service)

SRV - [2010.05.19 19:21:26 | 000,322,416 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe -- (EgisTec Service Help)

SRV - [2010.04.20 15:29:08 | 000,903,456 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)

SRV - [2010.02.05 16:43:20 | 000,311,296 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Programme\Realtek\RtLED\RtLEDService.exe -- (RtLedService)

SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

SRV - [2009.12.02 23:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2009.12.02 23:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2009.09.30 14:02:38 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)

SRV - [2009.09.30 14:02:36 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)

SRV - [2009.09.22 20:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)

SRV - [2009.08.14 16:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)

SRV - [2009.07.16 05:12:42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)

SRV - [2009.07.14 16:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)

SRV - [2009.07.14 16:27:20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.06.04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.05.08 16:49:41 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2012.05.08 16:49:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012.03.13 18:57:04 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.09.16 16:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)

DRV:64bit: - [2011.01.08 05:27:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)

DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.09.01 20:14:18 | 000,055,880 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\EgisTecFF.sys -- (EgisTecFF)

DRV:64bit: - [2010.09.01 20:00:57 | 000,035,888 | ---- | M] (EgisTec) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys)

DRV:64bit: - [2010.09.01 20:00:55 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)

DRV:64bit: - [2010.09.01 20:00:55 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)

DRV:64bit: - [2010.09.01 20:00:55 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)

DRV:64bit: - [2010.08.25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2010.05.10 12:17:50 | 000,229,488 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm332avs.sys -- (vm332avs)

DRV:64bit: - [2010.04.08 18:11:12 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)

DRV:64bit: - [2010.03.26 11:14:50 | 000,162,304 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)

DRV:64bit: - [2010.03.24 11:57:20 | 000,243,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2010.02.25 19:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010.02.22 12:03:44 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)

DRV:64bit: - [2010.02.02 17:52:02 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2010.02.02 09:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)

DRV:64bit: - [2010.01.15 20:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)

DRV:64bit: - [2010.01.15 08:23:20 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2010.01.15 08:23:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2010.01.15 08:23:10 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2009.12.02 23:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2009.12.02 23:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2009.12.02 23:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2009.12.02 23:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2009.10.19 02:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)

DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)

DRV:64bit: - [2009.07.21 16:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)

DRV:64bit: - [2009.07.16 13:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)

DRV:64bit: - [2009.07.16 05:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)

DRV:64bit: - [2009.06.10 22:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.06.04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009.04.09 14:38:26 | 000,167,424 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnet.sys -- (ZTEusbnet)

DRV:64bit: - [2009.04.09 14:38:26 | 000,150,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zteusbvoice.sys -- (ZTEusbvoice)

DRV:64bit: - [2009.04.09 14:38:26 | 000,150,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)

DRV:64bit: - [2009.04.09 14:38:26 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)

DRV:64bit: - [2009.04.09 14:38:26 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)

DRV:64bit: - [2009.04.09 14:38:26 | 000,011,776 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)

DRV:64bit: - [2009.04.07 09:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "foxsearch"

FF - prefs.js..browser.search.order.1: "foxsearch"

FF - prefs.js..browser.search.selectedEngine: "foxsearch"

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29

FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

 

FF - user.js..browser.search.selectedEngine: "foxsearch"

FF - user.js..browser.search.order.1: "foxsearch"

FF - user.js..browser.search.defaultenginename: "foxsearch"

FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Luisaleins\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Luisaleins\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.14 18:13:17 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.13 16:58:23 | 000,000,000 | ---D | M]

 

[2011.01.18 20:55:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luisaleins\AppData\Roaming\mozilla\Extensions

[2011.06.26 22:06:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luisaleins\AppData\Roaming\mozilla\Firefox\Profiles\qq0n8nds.default\extensions

[2012.04.14 18:13:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.04.14 18:13:16 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.02.15 18:03:09 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2010.03.19 08:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll

[2010.12.07 00:03:18 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

[2012.04.14 18:13:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.04.14 18:13:09 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.04.14 18:13:09 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.04.23 23:44:48 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src

[2012.04.14 18:13:09 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.04.14 18:13:09 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.04.14 18:13:09 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Luisaleins\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Luisaleins\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Luisaleins\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Gutscheinmieze-Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

CHR - Extension: YouTube = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Adblock Plus (Beta) = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\

CHR - Extension: Google-Suche = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Stealthy = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\2.2.1_0\

CHR - Extension: Google Mail = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (IEPwdBankBHO Class) - {56CBB761-DA41-4E31-B270-B13B4B0A61D0} - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll (Egis Technology Inc. )

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)

O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)

O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found

O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found

O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [PLTSR] C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe (Egis Technology Inc. )

O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )

O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)

O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Luisaleins\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)

O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - Startup: C:\Users\Luisaleins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Luisaleins\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\windows\system32\d3dyjxeqm.dll File not found

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{013BFFCE-A651-406E-9E89-C2182250EF34}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{463EA8EF-3226-47C4-A9A8-D596876EB7D4}: DhcpNameServer = 139.7.30.125 139.7.30.126

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{520D3024-F1A8-456F-B55F-A0E3B33C332C}: DhcpNameServer = 139.7.30.125 139.7.30.126

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F258F5DF-2D05-4A95-9877-9849296A2382}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{447fcf0b-3bb6-11e0-a495-f07bcbeb1dd7}\Shell - "" = AutoRun

O33 - MountPoints2\{447fcf0b-3bb6-11e0-a495-f07bcbeb1dd7}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a

O33 - MountPoints2\{ab27cf6a-41f0-11e0-ab54-f07bcbeb1dd7}\Shell - "" = AutoRun

O33 - MountPoints2\{ab27cf6a-41f0-11e0-ab54-f07bcbeb1dd7}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence

O33 - MountPoints2\{bd6938fa-6d5d-11e1-be81-f07bcbeb1dd7}\Shell - "" = AutoRun

O33 - MountPoints2\{bd6938fa-6d5d-11e1-be81-f07bcbeb1dd7}\Shell\AutoRun\command - "" = E:\INSTALL.EXE

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

 

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Programme\Lenovo\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)

MsConfig:64bit - StartUpReg: 332BigDog - hkey= - key= - C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)

MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

MsConfig:64bit - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

MsConfig:64bit - StartUpReg: YouCam Mirror Tray icon - hkey= - key= - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: MCODS - Reg Error: Value error.

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: MCODS - Reg Error: Value error.

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: LanmanWorkstation - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)

SafeBootNet:64bit: McMPFSvc - Service

SafeBootNet:64bit: MCODS - Reg Error: Value error.

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: McMPFSvc - Service

SafeBootNet: MCODS - Reg Error: Value error.

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.clmp3enc - C:\PROGRA~2\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.06.20 13:19:19 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Luisaleins\Desktop\OTL.exe

[2012.06.19 12:52:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012.06.15 15:37:11 | 000,000,000 | ---D | C] -- C:\Users\Luisaleins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

[2012.06.07 19:24:11 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

[2012.06.07 19:22:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator

[2012.06.04 13:40:47 | 000,000,000 | ---D | C] -- C:\windows\pss

[2012.06.02 16:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

[2012.06.02 16:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam

[2012.06.02 15:51:53 | 000,000,000 | ---D | C] -- C:\Users\Luisaleins\AppData\Local\Skyrim

[2012.05.29 17:35:30 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.05.29 00:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.05.29 00:30:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.05.28 23:56:07 | 000,000,000 | ---D | C] -- C:\Users\Luisaleins\AppData\Roaming\Malwarebytes

[2012.05.28 23:55:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.05.25 14:29:28 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\syncdb

[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.06.20 13:19:21 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Luisaleins\Desktop\OTL.exe

[2012.06.20 13:08:01 | 000,001,118 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.06.20 13:01:49 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.06.20 13:01:49 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.06.20 13:00:36 | 001,473,514 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2012.06.20 13:00:36 | 000,644,310 | ---- | M] () -- C:\windows\SysNative\perfh007.dat

[2012.06.20 13:00:36 | 000,607,634 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2012.06.20 13:00:36 | 000,126,580 | ---- | M] () -- C:\windows\SysNative\perfc007.dat

[2012.06.20 13:00:36 | 000,103,754 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2012.06.20 12:56:02 | 000,001,114 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.06.20 12:53:11 | 004,870,792 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT

[2012.06.20 12:53:11 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2012.06.20 12:52:04 | 3010,797,568 | -HS- | M] () -- C:\hiberfil.sys

[2012.06.19 22:58:51 | 004,456,688 | ---- | M] () -- C:\Users\Luisaleins\Desktop\Tischleuchte.vwx

[2012.06.19 16:19:21 | 000,000,287 | ---- | M] () -- C:\Users\Luisaleins\AppData\Local\VersionChecker_17.xml

[2012.06.15 17:51:55 | 000,015,174 | ---- | M] () -- C:\Users\Luisaleins\Desktop\Unbenannt 1.odt

[2012.06.15 15:37:11 | 000,000,221 | ---- | M] () -- C:\Users\Luisaleins\Desktop\Machinarium.url

[2012.06.12 11:39:02 | 000,002,431 | ---- | M] () -- C:\Users\Luisaleins\Desktop\Google Chrome.lnk

[2012.06.07 19:24:14 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.06.04 15:51:23 | 000,001,059 | ---- | M] () -- C:\Users\Luisaleins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012.06.04 13:48:12 | 000,001,140 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1260959535-4230420404-3460720799-1001UA.job

[2012.06.04 13:48:12 | 000,001,088 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1260959535-4230420404-3460720799-1001Core.job

[2012.06.02 16:07:31 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk

[2012.05.29 17:35:30 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.06.19 16:28:49 | 004,456,688 | ---- | C] () -- C:\Users\Luisaleins\Desktop\Tischleuchte.vwx

[2012.06.15 17:51:52 | 000,015,174 | ---- | C] () -- C:\Users\Luisaleins\Desktop\Unbenannt 1.odt

[2012.06.15 15:37:11 | 000,000,221 | ---- | C] () -- C:\Users\Luisaleins\Desktop\Machinarium.url

[2012.06.07 19:24:14 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.06.02 16:07:31 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk

[2012.03.27 00:55:37 | 000,007,601 | ---- | C] () -- C:\Users\Luisaleins\AppData\Local\Resmon.ResmonCfg

[2011.12.13 18:08:58 | 000,000,287 | ---- | C] () -- C:\Users\Luisaleins\AppData\Local\VersionChecker_17.xml

[2011.12.02 12:19:48 | 1934,097,919 | ---- | C] () -- C:\Program Files\Vectorworks 2012 kompl.part2.rar

[2011.12.02 12:15:12 | 3500,000,000 | ---- | C] () -- C:\Program Files\Vectorworks 2012 kompl.part1.exe

[2011.02.04 15:27:43 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml

[2011.01.27 14:45:50 | 001,500,444 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2011.01.22 13:37:25 | 000,000,287 | ---- | C] () -- C:\Users\Luisaleins\AppData\Local\VersionChecker_16.xml

[2011.01.21 21:04:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2011.01.19 23:39:49 | 000,000,287 | ---- | C] () -- C:\Users\Luisaleins\AppData\Local\VersionChecker_15.xml

[2010.09.01 20:16:35 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll

[2010.08.25 20:34:30 | 000,127,868 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin

[2010.08.25 20:34:30 | 000,104,796 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin

 
 ========== LOP Check ==========

 

[2011.05.18 14:29:32 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2012.05.21 12:29:50 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\DAEMON Tools Lite

[2012.06.20 12:55:51 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Dropbox

[2012.03.18 11:00:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Graphisoft

[2012.01.02 23:04:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\gtk-2.0

[2011.06.23 15:42:10 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Gutscheinmieze

[2012.01.12 04:33:03 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\ICQ

[2012.03.09 18:35:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Install.GS

[2011.12.16 21:07:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\MAXON

[2011.07.26 20:57:12 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Merscom

[2011.01.19 23:39:03 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Nemetschek

[2012.03.13 18:56:41 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\OpenCandy

[2011.03.27 23:45:04 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\OpenOffice.org

[2011.09.25 07:24:21 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\PhotoScape

[2012.06.16 12:07:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\SoftGrid Client

[2011.01.27 14:46:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\TP

[2011.02.27 16:36:32 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Vodafone

[2012.06.20 12:53:59 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2011.06.27 19:58:06 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Adobe

[2012.03.28 23:49:20 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Avira

[2011.05.18 14:29:32 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2011.01.21 21:05:22 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\CyberLink

[2012.05.21 12:29:50 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\DAEMON Tools Lite

[2012.06.20 12:55:51 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Dropbox

[2011.02.27 16:42:30 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\FLEXnet

[2012.03.18 11:00:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Graphisoft

[2012.01.02 23:04:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\gtk-2.0

[2011.06.23 15:42:10 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Gutscheinmieze

[2012.01.12 04:33:03 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\ICQ

[2011.01.18 20:47:19 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Identities

[2012.03.09 18:35:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Install.GS

[2011.01.18 22:04:12 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Macromedia

[2012.05.28 23:56:07 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Malwarebytes

[2011.12.16 21:07:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\MAXON

[2009.07.29 09:23:49 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Media Center Programs

[2011.07.26 20:57:12 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Merscom

[2011.04.23 23:56:09 | 000,000,000 | --SD | M] -- C:\Users\Luisaleins\AppData\Roaming\Microsoft

[2011.01.18 20:55:02 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Mozilla

[2011.01.19 23:39:03 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Nemetschek

[2012.03.13 18:56:41 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\OpenCandy

[2011.03.27 23:45:04 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\OpenOffice.org

[2011.09.25 07:24:21 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\PhotoScape

[2012.06.20 12:57:03 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Skype

[2011.07.10 11:13:12 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\skypePM

[2012.06.16 12:07:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\SoftGrid Client

[2011.01.27 14:46:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\TP

[2011.09.21 21:22:25 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\vlc

[2011.02.27 16:36:32 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Vodafone

[2012.06.19 23:45:37 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Winamp

 
 < %APPDATA%\*.exe /s >

[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Luisaleins\AppData\Roaming\Dropbox\bin\Dropbox.exe

[2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Luisaleins\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe

[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Luisaleins\AppData\Roaming\Dropbox\bin\Uninstall.exe

[2010.06.10 13:19:22 | 000,825,856 | ---- | M] (Synatix GmbH) -- C:\Users\Luisaleins\AppData\Roaming\Gutscheinmieze\uninstall.exe

[2011.01.22 13:30:20 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Luisaleins\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

[2012.02.06 20:18:56 | 002,081,208 | ---- | M] (Speedchecker Limited                                        ) -- C:\Users\Luisaleins\AppData\Roaming\OpenCandy\581B310CC89F4A5BA5BD4D6A9781F40F\pcspeedup_oc.exe

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: IASTOR.SYS  >

[2009.06.04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

[2009.06.04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\windows\SysNative\drivers\iaStor.sys

[2009.06.04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys

[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\drivers\iaStorV.sys

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll

[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\drivers\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll

[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll

[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll

[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\windows\SysNative\user32.dll

[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe

[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\windows\SysNative\wininit.exe

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe

[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2010.09.02 03:15:06 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2010.09.02 03:15:06 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\windows\SysNative\drivers\ws2ifsl.sys

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
 

< End of report >

ich hoffe, du kannst was damit anfangen!

liebsten Gruß
Luisa

Zitat:

Scan Mode: Current user

Ja toll, du hast den Haken bei "scanne alle Benutzer" vergessen, mach es bitte nochmal aber richtig!

auweia. Entschuldigung!!

Hier nochmal in richtig:

1.

Code:

OTL logfile created on: 20.06.2012 17:17:01 - Run 3

OTL by OldTimer - Version 3.2.50.0     Folder = C:\Users\Luisaleins\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,74 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 53,93% Memory free

7,48 Gb Paging File | 5,63 Gb Available in Paging File | 75,25% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 421,81 Gb Total Space | 238,42 Gb Free Space | 56,52% Space Free | Partition Type: NTFS

Drive D: | 29,00 Gb Total Space | 27,85 Gb Free Space | 96,04% Space Free | Partition Type: NTFS

Drive F: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Drive G: | 465,76 Gb Total Space | 394,75 Gb Free Space | 84,75% Space Free | Partition Type: NTFS

 

Computer Name: LUISALEINS-PC | User Name: Luisaleins | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Luisaleins\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Users\Luisaleins\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )

PRC - C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe (Egis Technology Inc. )

PRC - C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe (Egis Technology Inc. )

PRC - C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe (Egis Technology Inc. )

PRC - C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe (Egis Technology Inc. )

PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)

PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWind Software)

PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)

PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)

 

 
 ========== Modules (No Company Name) ==========

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (LanmanWorkstation) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll ()

SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (Update-Service) -- C:\Windows\SysWOW64\UpdSvc.dll (Joosoft.com GmbH)

SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (EgisTec Service) -- C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe (Egis Technology Inc. )

SRV - (EgisTec Data Security Service) -- C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe (Egis Technology Inc. )

SRV - (EgisTec Service Help) -- C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe (Egis Technology Inc. )

SRV - (btwdins) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)

SRV - (RtLedService) -- C:\Programme\Realtek\RtLED\RtLEDService.exe (Realtek Semiconductor Corp.)

SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)

SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (StarWind Software)

SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (Lenovo ReadyComm ConnSvc) -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)

SRV - (Lenovo ReadyComm AppSvc) -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)

SRV - (PS_MDP) -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll (Lenovo Group Limited)

SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)

SRV - (ReadyComm.DirectRouter) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll (Lenovo Group Limited)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)

DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)

DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)

DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (EgisTecFF) -- C:\Windows\SysNative\drivers\EgisTecFF.sys (Egis Technology Inc.)

DRV:64bit: - (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys) -- C:\Windows\SysNative\drivers\FPSensor.sys (EgisTec)

DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)

DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (vm332avs) -- C:\Windows\SysNative\drivers\vm332avs.sys (Vimicro Corporation)

DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)

DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)

DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)

DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)

DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)

DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)

DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)

DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)

DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)

DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)

DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)

DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)

DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)

DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)

DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)

DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)

DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)

DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo)

DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)

DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (ZTEusbnet) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys (ZTE Corporation)

DRV:64bit: - (ZTEusbvoice) -- C:\Windows\SysNative\drivers\zteusbvoice.sys (ZTE Incorporated)

DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)

DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)

DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)

DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (ZTE Incorporated)

DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 

 

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lenovo.com

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lenovo.com

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "foxsearch"

FF - prefs.js..browser.search.order.1: "foxsearch"

FF - prefs.js..browser.search.selectedEngine: "foxsearch"

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29

FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

 

FF - user.js..browser.search.selectedEngine: "foxsearch"

FF - user.js..browser.search.order.1: "foxsearch"

FF - user.js..browser.search.defaultenginename: "foxsearch"

FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Luisaleins\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Luisaleins\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.14 18:13:17 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.13 16:58:23 | 000,000,000 | ---D | M]

 

[2011.01.18 20:55:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luisaleins\AppData\Roaming\mozilla\Extensions

[2011.06.26 22:06:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Luisaleins\AppData\Roaming\mozilla\Firefox\Profiles\qq0n8nds.default\extensions

[2012.04.14 18:13:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.04.14 18:13:16 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.02.15 18:03:09 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2010.03.19 08:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll

[2010.12.07 00:03:18 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

[2012.04.14 18:13:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.04.14 18:13:09 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.04.14 18:13:09 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.04.23 23:44:48 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src

[2012.04.14 18:13:09 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.04.14 18:13:09 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.04.14 18:13:09 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Luisaleins\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Luisaleins\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Luisaleins\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Gutscheinmieze-Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

CHR - Extension: YouTube = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Adblock Plus (Beta) = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\

CHR - Extension: Google-Suche = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Stealthy = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\2.2.1_0\

CHR - Extension: Google Mail = C:\Users\Luisaleins\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (IEPwdBankBHO Class) - {56CBB761-DA41-4E31-B270-B13B4B0A61D0} - C:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll (Egis Technology Inc. )

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)

O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)

O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found

O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found

O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)

O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [PLTSR] C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe (Egis Technology Inc. )

O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )

O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000..\Run: [FactoryTest] C:\Windows\Test.bat File not found

O4 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000..\Run: [Power2GoExpress] C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe (Cyberlink)

O4 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001..\Run: [Akamai NetSession Interface] C:\Users\Luisaleins\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)

O4 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)

O4 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\Luisaleins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Luisaleins\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\windows\system32\d3dyjxeqm.dll File not found

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{013BFFCE-A651-406E-9E89-C2182250EF34}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{463EA8EF-3226-47C4-A9A8-D596876EB7D4}: DhcpNameServer = 139.7.30.125 139.7.30.126

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{520D3024-F1A8-456F-B55F-A0E3B33C332C}: DhcpNameServer = 139.7.30.125 139.7.30.126

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F258F5DF-2D05-4A95-9877-9849296A2382}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{447fcf0b-3bb6-11e0-a495-f07bcbeb1dd7}\Shell - "" = AutoRun

O33 - MountPoints2\{447fcf0b-3bb6-11e0-a495-f07bcbeb1dd7}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a

O33 - MountPoints2\{ab27cf6a-41f0-11e0-ab54-f07bcbeb1dd7}\Shell - "" = AutoRun

O33 - MountPoints2\{ab27cf6a-41f0-11e0-ab54-f07bcbeb1dd7}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence

O33 - MountPoints2\{bd6938fa-6d5d-11e1-be81-f07bcbeb1dd7}\Shell - "" = AutoRun

O33 - MountPoints2\{bd6938fa-6d5d-11e1-be81-f07bcbeb1dd7}\Shell\AutoRun\command - "" = E:\INSTALL.EXE

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

 

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Programme\Lenovo\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)

MsConfig:64bit - StartUpReg: 332BigDog - hkey= - key= - C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)

MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()

MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

MsConfig:64bit - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

MsConfig:64bit - StartUpReg: YouCam Mirror Tray icon - hkey= - key= - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: MCODS - Reg Error: Value error.

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: MCODS - Reg Error: Value error.

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: LanmanWorkstation - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)

SafeBootNet:64bit: McMPFSvc - Service

SafeBootNet:64bit: MCODS - Reg Error: Value error.

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: McMPFSvc - Service

SafeBootNet: MCODS - Reg Error: Value error.

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.clmp3enc - C:\PROGRA~2\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.06.20 13:19:19 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Luisaleins\Desktop\OTL.exe

[2012.06.20 03:00:52 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll

[2012.06.20 03:00:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll

[2012.06.20 03:00:51 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll

[2012.06.20 03:00:50 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll

[2012.06.20 03:00:48 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll

[2012.06.20 03:00:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll

[2012.06.20 03:00:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe

[2012.06.20 03:00:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe

[2012.06.20 03:00:44 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl

[2012.06.20 03:00:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl

[2012.06.20 03:00:43 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll

[2012.06.20 03:00:43 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll

[2012.06.20 03:00:42 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll

[2012.06.19 23:58:35 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll

[2012.06.19 23:58:35 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe

[2012.06.19 23:58:08 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe

[2012.06.19 23:58:06 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe

[2012.06.19 12:52:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012.06.15 15:37:11 | 000,000,000 | ---D | C] -- C:\Users\Luisaleins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

[2012.06.13 11:37:31 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll

[2012.06.13 11:37:18 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe

[2012.06.07 19:24:11 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

[2012.06.07 19:22:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator

[2012.06.04 13:40:47 | 000,000,000 | ---D | C] -- C:\windows\pss

[2012.06.02 16:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

[2012.06.02 16:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam

[2012.06.02 15:51:53 | 000,000,000 | ---D | C] -- C:\Users\Luisaleins\AppData\Local\Skyrim

[2012.05.29 17:35:30 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.05.29 00:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.05.29 00:30:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.05.28 23:56:07 | 000,000,000 | ---D | C] -- C:\Users\Luisaleins\AppData\Roaming\Malwarebytes

[2012.05.28 23:55:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.05.25 14:29:28 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\syncdb

[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.06.20 17:18:45 | 002,097,152 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat

[2012.06.20 17:08:00 | 000,001,118 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.06.20 15:48:10 | 001,473,514 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI

[2012.06.20 15:48:10 | 000,644,310 | ---- | M] () -- C:\windows\SysNative\perfh007.dat

[2012.06.20 15:48:10 | 000,607,634 | ---- | M] () -- C:\windows\SysNative\perfh009.dat

[2012.06.20 15:48:10 | 000,126,580 | ---- | M] () -- C:\windows\SysNative\perfc007.dat

[2012.06.20 15:48:10 | 000,103,754 | ---- | M] () -- C:\windows\SysNative\perfc009.dat

[2012.06.20 13:19:21 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Luisaleins\Desktop\OTL.exe

[2012.06.20 13:01:49 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.06.20 13:01:49 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.06.20 12:56:02 | 000,001,114 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.06.20 12:55:14 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT

[2012.06.20 12:53:11 | 004,870,792 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT

[2012.06.20 12:53:11 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2012.06.20 12:52:04 | 3010,797,568 | -HS- | M] () -- C:\hiberfil.sys

[2012.06.20 12:50:52 | 000,524,288 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{103a433c-ba57-11e1-b16e-860f4a32c9f2}.TMContainer00000000000000000002.regtrans-ms

[2012.06.20 12:50:52 | 000,524,288 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{103a433c-ba57-11e1-b16e-860f4a32c9f2}.TMContainer00000000000000000001.regtrans-ms

[2012.06.20 12:50:52 | 000,065,536 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{103a433c-ba57-11e1-b16e-860f4a32c9f2}.TM.blf

[2012.06.20 12:50:51 | 002,583,422 | -H-- | M] () -- C:\Users\Luisaleins\AppData\Local\IconCache.db

[2012.06.19 23:42:56 | 000,524,288 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{103a42ee-ba57-11e1-b16e-860f4a32c9f2}.TMContainer00000000000000000002.regtrans-ms

[2012.06.19 23:42:56 | 000,524,288 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{103a42ee-ba57-11e1-b16e-860f4a32c9f2}.TMContainer00000000000000000001.regtrans-ms

[2012.06.19 23:42:56 | 000,065,536 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{103a42ee-ba57-11e1-b16e-860f4a32c9f2}.TM.blf

[2012.06.19 22:58:51 | 004,456,688 | ---- | M] () -- C:\Users\Luisaleins\Desktop\Tischleuchte.vwx

[2012.06.19 16:19:21 | 000,000,287 | ---- | M] () -- C:\Users\Luisaleins\AppData\Local\VersionChecker_17.xml

[2012.06.17 15:00:11 | 000,524,288 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{67f75695-b798-11e1-a8e9-f35c023ee9a7}.TMContainer00000000000000000002.regtrans-ms

[2012.06.17 15:00:11 | 000,524,288 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{67f75695-b798-11e1-a8e9-f35c023ee9a7}.TMContainer00000000000000000001.regtrans-ms

[2012.06.17 15:00:11 | 000,065,536 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{67f75695-b798-11e1-a8e9-f35c023ee9a7}.TM.blf

[2012.06.15 17:51:55 | 000,015,174 | ---- | M] () -- C:\Users\Luisaleins\Desktop\Unbenannt 1.odt

[2012.06.15 15:37:11 | 000,000,221 | ---- | M] () -- C:\Users\Luisaleins\Desktop\Machinarium.url

[2012.06.12 11:39:02 | 000,002,431 | ---- | M] () -- C:\Users\Luisaleins\Desktop\Google Chrome.lnk

[2012.06.08 11:12:55 | 000,524,288 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{82eb1a83-b149-11e1-a524-9f8df94366b9}.TMContainer00000000000000000002.regtrans-ms

[2012.06.08 11:12:55 | 000,524,288 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{82eb1a83-b149-11e1-a524-9f8df94366b9}.TMContainer00000000000000000001.regtrans-ms

[2012.06.08 11:12:55 | 000,065,536 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{82eb1a83-b149-11e1-a524-9f8df94366b9}.TM.blf

[2012.06.07 19:24:14 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.06.04 15:51:23 | 000,001,059 | ---- | M] () -- C:\Users\Luisaleins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2012.06.04 13:50:55 | 000,067,968 | ---- | M] () -- C:\Users\Luisaleins\AppData\Local\GDIPFONTCACHEV1.DAT

[2012.06.04 13:48:12 | 000,001,140 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1260959535-4230420404-3460720799-1001UA.job

[2012.06.04 13:48:12 | 000,001,088 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1260959535-4230420404-3460720799-1001Core.job

[2012.06.02 16:07:31 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk

[2012.05.29 17:35:30 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\stflt.sys

[2012.05.29 14:06:03 | 000,524,288 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{aeba1395-a985-11e1-a5a0-89e87c8afcb9}.TMContainer00000000000000000002.regtrans-ms

[2012.05.29 14:06:03 | 000,524,288 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{aeba1395-a985-11e1-a5a0-89e87c8afcb9}.TMContainer00000000000000000001.regtrans-ms

[2012.05.29 14:06:03 | 000,065,536 | -HS- | M] () -- C:\Users\Luisaleins\ntuser.dat{aeba1395-a985-11e1-a5a0-89e87c8afcb9}.TM.blf

[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.06.19 23:49:29 | 000,524,288 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{103a433c-ba57-11e1-b16e-860f4a32c9f2}.TMContainer00000000000000000002.regtrans-ms

[2012.06.19 23:49:29 | 000,524,288 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{103a433c-ba57-11e1-b16e-860f4a32c9f2}.TMContainer00000000000000000001.regtrans-ms

[2012.06.19 23:49:29 | 000,065,536 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{103a433c-ba57-11e1-b16e-860f4a32c9f2}.TM.blf

[2012.06.19 23:38:46 | 000,524,288 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{103a42ee-ba57-11e1-b16e-860f4a32c9f2}.TMContainer00000000000000000002.regtrans-ms

[2012.06.19 23:38:46 | 000,524,288 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{103a42ee-ba57-11e1-b16e-860f4a32c9f2}.TMContainer00000000000000000001.regtrans-ms

[2012.06.19 23:38:46 | 000,065,536 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{103a42ee-ba57-11e1-b16e-860f4a32c9f2}.TM.blf

[2012.06.19 16:28:49 | 004,456,688 | ---- | C] () -- C:\Users\Luisaleins\Desktop\Tischleuchte.vwx

[2012.06.17 15:00:08 | 002,583,422 | -H-- | C] () -- C:\Users\Luisaleins\AppData\Local\IconCache.db

[2012.06.16 11:56:13 | 000,524,288 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{67f75695-b798-11e1-a8e9-f35c023ee9a7}.TMContainer00000000000000000002.regtrans-ms

[2012.06.16 11:56:13 | 000,524,288 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{67f75695-b798-11e1-a8e9-f35c023ee9a7}.TMContainer00000000000000000001.regtrans-ms

[2012.06.16 11:56:13 | 000,065,536 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{67f75695-b798-11e1-a8e9-f35c023ee9a7}.TM.blf

[2012.06.15 17:51:52 | 000,015,174 | ---- | C] () -- C:\Users\Luisaleins\Desktop\Unbenannt 1.odt

[2012.06.15 15:37:11 | 000,000,221 | ---- | C] () -- C:\Users\Luisaleins\Desktop\Machinarium.url

[2012.06.08 11:12:55 | 000,524,288 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{82eb1a83-b149-11e1-a524-9f8df94366b9}.TMContainer00000000000000000002.regtrans-ms

[2012.06.08 11:12:55 | 000,524,288 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{82eb1a83-b149-11e1-a524-9f8df94366b9}.TMContainer00000000000000000001.regtrans-ms

[2012.06.08 11:12:55 | 000,065,536 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{82eb1a83-b149-11e1-a524-9f8df94366b9}.TM.blf

[2012.06.07 19:24:14 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.06.02 16:07:31 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk

[2012.05.29 14:06:03 | 000,524,288 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{aeba1395-a985-11e1-a5a0-89e87c8afcb9}.TMContainer00000000000000000002.regtrans-ms

[2012.05.29 14:06:03 | 000,524,288 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{aeba1395-a985-11e1-a5a0-89e87c8afcb9}.TMContainer00000000000000000001.regtrans-ms

[2012.05.29 14:06:03 | 000,065,536 | -HS- | C] () -- C:\Users\Luisaleins\ntuser.dat{aeba1395-a985-11e1-a5a0-89e87c8afcb9}.TM.blf

[2012.03.27 00:55:37 | 000,007,601 | ---- | C] () -- C:\Users\Luisaleins\AppData\Local\Resmon.ResmonCfg

[2011.12.13 18:08:58 | 000,000,287 | ---- | C] () -- C:\Users\Luisaleins\AppData\Local\VersionChecker_17.xml

[2011.12.02 12:19:48 | 1934,097,919 | ---- | C] () -- C:\Program Files\Vectorworks 2012 kompl.part2.rar

[2011.12.02 12:15:12 | 3500,000,000 | ---- | C] () -- C:\Program Files\Vectorworks 2012 kompl.part1.exe

[2011.02.04 15:27:43 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml

[2011.01.27 14:45:50 | 001,500,444 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

[2011.01.22 13:37:25 | 000,000,287 | ---- | C] () -- C:\Users\Luisaleins\AppData\Local\VersionChecker_16.xml

[2011.01.21 21:04:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2011.01.19 23:39:49 | 000,000,287 | ---- | C] () -- C:\Users\Luisaleins\AppData\Local\VersionChecker_15.xml

[2011.01.18 20:47:58 | 000,067,968 | ---- | C] () -- C:\Users\Luisaleins\AppData\Local\GDIPFONTCACHEV1.DAT

[2010.09.01 20:16:35 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll

[2010.08.25 20:34:30 | 000,127,868 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin

[2010.08.25 20:34:30 | 000,104,796 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin

 
 ========== LOP Check ==========

 

[2011.05.18 14:29:32 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2012.05.21 12:29:50 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\DAEMON Tools Lite

[2012.06.20 12:55:51 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Dropbox

[2012.03.18 11:00:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Graphisoft

[2012.01.02 23:04:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\gtk-2.0

[2011.06.23 15:42:10 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Gutscheinmieze

[2012.01.12 04:33:03 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\ICQ

[2012.03.09 18:35:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Install.GS

[2011.12.16 21:07:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\MAXON

[2011.07.26 20:57:12 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Merscom

[2011.01.19 23:39:03 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Nemetschek

[2012.03.13 18:56:41 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\OpenCandy

[2011.03.27 23:45:04 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\OpenOffice.org

[2011.09.25 07:24:21 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\PhotoScape

[2012.06.16 12:07:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\SoftGrid Client

[2011.01.27 14:46:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\TP

[2011.02.27 16:36:32 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Vodafone

[2012.06.20 12:53:59 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2011.06.27 19:58:06 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Adobe

[2012.03.28 23:49:20 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Avira

[2011.05.18 14:29:32 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2011.01.21 21:05:22 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\CyberLink

[2012.05.21 12:29:50 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\DAEMON Tools Lite

[2012.06.20 12:55:51 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Dropbox

[2011.02.27 16:42:30 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\FLEXnet

[2012.03.18 11:00:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Graphisoft

[2012.01.02 23:04:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\gtk-2.0

[2011.06.23 15:42:10 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Gutscheinmieze

[2012.01.12 04:33:03 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\ICQ

[2011.01.18 20:47:19 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Identities

[2012.03.09 18:35:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Install.GS

[2011.01.18 22:04:12 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Macromedia

[2012.05.28 23:56:07 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Malwarebytes

[2011.12.16 21:07:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\MAXON

[2009.07.29 09:23:49 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Media Center Programs

[2011.07.26 20:57:12 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Merscom

[2011.04.23 23:56:09 | 000,000,000 | --SD | M] -- C:\Users\Luisaleins\AppData\Roaming\Microsoft

[2011.01.18 20:55:02 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Mozilla

[2011.01.19 23:39:03 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Nemetschek

[2012.03.13 18:56:41 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\OpenCandy

[2011.03.27 23:45:04 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\OpenOffice.org

[2011.09.25 07:24:21 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\PhotoScape

[2012.06.20 12:57:03 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Skype

[2011.07.10 11:13:12 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\skypePM

[2012.06.16 12:07:59 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\SoftGrid Client

[2011.01.27 14:46:24 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\TP

[2011.09.21 21:22:25 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\vlc

[2011.02.27 16:36:32 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Vodafone

[2012.06.19 23:45:37 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Winamp

 
 < %APPDATA%\*.exe /s >

[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Luisaleins\AppData\Roaming\Dropbox\bin\Dropbox.exe

[2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Luisaleins\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe

[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Luisaleins\AppData\Roaming\Dropbox\bin\Uninstall.exe

[2010.06.10 13:19:22 | 000,825,856 | ---- | M] (Synatix GmbH) -- C:\Users\Luisaleins\AppData\Roaming\Gutscheinmieze\uninstall.exe

[2011.01.22 13:30:20 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Luisaleins\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

[2012.02.06 20:18:56 | 002,081,208 | ---- | M] (Speedchecker Limited                                        ) -- C:\Users\Luisaleins\AppData\Roaming\OpenCandy\581B310CC89F4A5BA5BD4D6A9781F40F\pcspeedup_oc.exe

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: IASTOR.SYS  >

[2009.06.04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

[2009.06.04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\windows\SysNative\drivers\iaStor.sys

[2009.06.04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys

[2009.06.04 20:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\drivers\iaStorV.sys

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll

[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\drivers\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll

[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll

[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll

[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\windows\SysNative\user32.dll

[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe

[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\windows\SysNative\wininit.exe

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\windows\SysNative\winlogon.exe

[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

[2010.09.02 03:15:06 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe

[2010.09.02 03:15:06 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\windows\SysNative\drivers\ws2ifsl.sys

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
 

< End of report >

und hier das zweite:

Code:

OTL Extras logfile created on: 20.06.2012 17:17:01 - Run 3

OTL by OldTimer - Version 3.2.50.0     Folder = C:\Users\Luisaleins\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,74 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 53,93% Memory free

7,48 Gb Paging File | 5,63 Gb Available in Paging File | 75,25% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 421,81 Gb Total Space | 238,42 Gb Free Space | 56,52% Space Free | Partition Type: NTFS

Drive D: | 29,00 Gb Total Space | 27,85 Gb Free Space | 96,04% Space Free | Partition Type: NTFS

Drive F: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Drive G: | 465,76 Gb Total Space | 394,75 Gb Free Space | 84,75% Space Free | Partition Type: NTFS

 

Computer Name: LUISALEINS-PC | User Name: Luisaleins | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- Reg Error: Key error. File not found

.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- Reg Error: Key error.

htmlfile [opennew] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome

https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- Reg Error: Key error.

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- Reg Error: Key error.

htmlfile [opennew] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome

https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- Reg Error: Key error.

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0315C6D1-47F0-4025-A442-C720722204FE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{0AA334FB-5C5D-4655-8700-8CF4041DDC7D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{0BA76583-21CC-4EC5-A1C7-AA0CA49CFC58}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{1ED838C3-B5B2-4679-892C-6EB81455624A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{21432B21-917B-4F95-A517-73C6690FBC3F}" = lport=139 | protocol=6 | dir=in | app=system | 

"{21DC41A7-F5CB-4EBA-BAF1-BCDFFF7E0DF3}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{3107F9F1-5362-4699-B601-287C8F88BF98}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{3BAFA995-7799-4797-8AB5-78A2EEDD627D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{3E418114-20DE-4C50-A92B-417C4B881768}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{478E8784-278D-4CAC-9586-27066A565EBD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{4856CBBE-BAB8-4E3D-95A8-258DC88A8D21}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{4F5ADCBD-0DCF-4E57-890B-2191DCFB85CC}" = rport=445 | protocol=6 | dir=out | app=system | 

"{53A72040-0804-4C5D-84AA-F5A3DAD232AE}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 

"{6DC3667E-B43B-4EBF-ACD0-2BD32CEB8F56}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{7086D982-B33E-4F3A-9471-845F63D2C57D}" = lport=137 | protocol=17 | dir=in | app=system | 

"{7424A9E1-4FBF-4A4D-B7C0-3DC48669DD93}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{77BB6B81-D268-4B9C-B7EE-B4440AE4DB5D}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{7B3FED9C-9AF3-47AE-A04D-C672BB344CD1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{813D29E8-7027-4D01-AAE3-032E513686BF}" = lport=49469 | protocol=6 | dir=in | name=akamai netsession interface | 

"{86AC3B8D-269F-423C-ADEC-F6B38F65E657}" = lport=138 | protocol=17 | dir=in | app=system | 

"{88A858AF-804A-484D-83FD-4FE09EE8786F}" = rport=138 | protocol=17 | dir=out | app=system | 

"{8F0582D6-37AB-4004-B5E4-2A27F8B8B55A}" = lport=50209 | protocol=6 | dir=in | name=akamai netsession interface | 

"{94C410FE-5F36-4E0F-A674-7CB8E5066598}" = rport=137 | protocol=17 | dir=out | app=system | 

"{A352DFAB-A55D-4F9A-B996-58C94CA0C149}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{AE23A4ED-13DC-4D55-BE10-47447E324F11}" = rport=139 | protocol=6 | dir=out | app=system | 

"{D852333D-CBDC-450F-819F-CE09D06A5110}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{E7A91631-3341-4AF9-A8C6-A82CE82A84D3}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{FC70A5DE-2640-4066-A992-C3AF6B4D92CB}" = lport=445 | protocol=6 | dir=in | app=system | 

"{FDED38B4-9950-4574-8199-B5AB092B4670}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{18FC2C63-0D39-4D1E-9817-EE944B653B51}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe | 

"{1CDCD0AB-EB65-41B7-A362-7F723FCA6496}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{22E7315E-C552-4A9D-BCC3-3D0DD3BEBF69}" = protocol=17 | dir=in | app=c:\users\luisaleins\appdata\local\akamai\netsession_win.exe | 

"{26D0E32D-58AE-467F-80A9-3295FF616883}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{27F4B87C-38C9-49F2-A9F6-EC630A03AC9F}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe | 

"{27FC96A3-7DE1-4884-BE10-E3D46020E95B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{2A2E00F0-4343-4B7D-AEDF-24E012E5BF5A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{32DABEE0-CE16-483C-A114-E28DB94315A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 

"{343B3542-4E37-4B1B-8087-9E824280E34B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{3AB9A84B-89A7-48CE-9FF8-0AECE3C7D2DF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{3E006A34-56E6-48CE-90EE-957F6289DF96}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{4802ECAA-598B-4A60-8649-67739E797281}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe | 

"{4B2CA083-7960-45ED-90DC-B2333DC28784}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe | 

"{4B8EE8F9-62CF-4CF3-B6B7-C6E8474C1ED5}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{4BDD30C5-20E6-4637-B63E-AA8FD7B89B2E}" = dir=in | app=c:\windows\system32\igrssvcs.exe | 

"{501FDAC3-A6C1-4AEC-8410-794171C8C5E0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{532F272D-6B1B-41FA-B31E-C39CCE8D77BA}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe | 

"{578485F6-4AB7-4896-BB36-C683CFDEB6B7}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 

"{587B1906-5842-4A09-AF04-FCC5A84A4E9A}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{5D80AD69-CCD9-4A44-AABC-B0DBAAA9EFA4}" = protocol=6 | dir=in | app=c:\users\luisaleins\appdata\local\akamai\netsession_win.exe | 

"{5F84281B-5D36-4EEC-9E80-2B904F1DA7B3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{6B247CF2-03B6-43F3-A99C-14126873BE85}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 

"{6C3379F6-3CDF-4769-A2D1-3DDFCEA016A8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{6C40C011-4C6C-4272-A204-F18821B5A3F1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{6DBB9368-6500-4802-9B1F-4D0311839197}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe | 

"{6FE9B757-BDC2-4D19-9FB7-0E20F9FD1C95}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe | 

"{7235C9B6-D0F6-4FCC-A08A-7DD7018CCD8B}" = protocol=6 | dir=in | app=c:\users\luisaleins\appdata\roaming\dropbox\bin\dropbox.exe | 

"{767C18F2-0BA2-4E8C-AD85-55825C3613DD}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe | 

"{91385086-41B3-491B-A3F4-0C955E3755A1}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe | 

"{9309080A-13EC-4E30-B969-5BB226C41EAF}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{BD2C3737-F1A6-41EC-A332-E40D1F14B6C6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{BFF28F13-6EF1-4BA8-A1EB-126385427E95}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{C2F91385-C9D9-407E-89A4-DF68271B35CC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 

"{C36BB469-2791-4995-914D-9DC38A99E8A1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{C6613E73-F83B-4E87-BA55-F0342A65012F}" = dir=out | app=c:\windows\system32\igrssvcs.exe | 

"{CA9CDBFC-4795-4CB1-BAD0-201A5B2BEE18}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{D1FC4223-3E85-4DFA-9695-8A416A3D7D4C}" = protocol=6 | dir=out | app=system | 

"{D3ED9733-B3AF-4F8B-BDBD-28594D930E6E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{D8458076-BE14-488D-B407-BD91528EBFC7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{E378D1D1-3666-47BA-99C0-0948F829E6E4}" = protocol=17 | dir=in | app=c:\users\luisaleins\appdata\roaming\dropbox\bin\dropbox.exe | 

"{E865638E-7853-40CE-BA79-36FBA5BE12A0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{EB999BF3-D81F-44DD-8AE7-FF75B9D86A93}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 

"{F89F6631-5909-491A-82C5-11012F4D3A9F}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe | 

"{F9FF67CC-11A1-43E7-B7B7-E9ADCF4B5E47}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{FEB1B1EE-81DD-47E6-B0E2-F1D96BB5AFA3}" = protocol=6 | dir=in | name=bla | 

"TCP Query User{174DD14A-792E-49CE-A397-99FA26000307}C:\program files (x86)\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 

"TCP Query User{29151C5C-2EAC-442D-9D6C-A39474591C42}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 

"TCP Query User{36100DDB-610A-423D-9F36-6D8AF139477E}C:\program files (x86)\vectorworks2011\renderworks\cinerender 64bit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vectorworks2011\renderworks\cinerender 64bit.exe | 

"TCP Query User{44A55F5B-A733-405C-8AB5-78A3CA8C9293}C:\program files (x86)\vectorworks2012\renderworks\cinerender 64bit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vectorworks2012\renderworks\cinerender 64bit.exe | 

"TCP Query User{59A6ABEF-BAFE-4722-8CCA-532FDC59CBA6}C:\program files (x86)\vectorworks2012\vectorworks2012e.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vectorworks2012\vectorworks2012e.exe | 

"TCP Query User{7EBA0706-C929-4703-B544-5F41B6E7785E}C:\program files (x86)\vectorworks2011\vectorworks2011e.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vectorworks2011\vectorworks2011e.exe | 

"TCP Query User{8C35D5A8-3F60-477F-8496-E2DD4F12E1B0}C:\program files (x86)\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 

"TCP Query User{913C4DAD-D5A5-42BC-B41B-A0F4C72016D0}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 

"TCP Query User{928890E8-94BF-4B8F-9109-6F54DF8DD811}C:\program files (x86)\vectorworks2011\renderworks\cinerender 64bit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vectorworks2011\renderworks\cinerender 64bit.exe | 

"TCP Query User{A1286DFF-B82E-4E21-B3F2-E06770F4F548}C:\program files (x86)\vectorworks2011\vectorworks2011e.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vectorworks2011\vectorworks2011e.exe | 

"TCP Query User{BAF9618C-EB4B-40EC-861A-BBE04EB8BB35}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 

"TCP Query User{C6F8999A-7CC1-4AF7-9E20-B4F2B8710709}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"TCP Query User{FA3472A0-07D8-4114-A792-B735DFB32092}F:\d-link.exe" = protocol=6 | dir=in | app=f:\d-link.exe | 

"UDP Query User{0DC836FE-EC46-4B39-9818-01126E5CAB5F}C:\program files (x86)\vectorworks2012\renderworks\cinerender 64bit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vectorworks2012\renderworks\cinerender 64bit.exe | 

"UDP Query User{3FD7B749-5D9A-443F-95C0-87BF3A0048C6}C:\program files (x86)\vectorworks2012\vectorworks2012e.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vectorworks2012\vectorworks2012e.exe | 

"UDP Query User{401E89FD-9858-42B6-A544-A5449F4AEE4D}C:\program files (x86)\vectorworks2011\renderworks\cinerender 64bit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vectorworks2011\renderworks\cinerender 64bit.exe | 

"UDP Query User{6236ABCC-4AA4-46F9-9C1F-A12FAA2B0B56}C:\program files (x86)\vectorworks2011\renderworks\cinerender 64bit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vectorworks2011\renderworks\cinerender 64bit.exe | 

"UDP Query User{77511417-EB50-46FD-A951-190FEFFF89AA}C:\program files (x86)\vectorworks2011\vectorworks2011e.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vectorworks2011\vectorworks2011e.exe | 

"UDP Query User{805D7B19-169D-4820-AE25-62336B6A1F1E}C:\program files (x86)\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 

"UDP Query User{B2E0B349-49B0-41ED-B436-02068A98216D}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 

"UDP Query User{B659DA32-297F-4E2D-BEE2-FB428E35B738}F:\d-link.exe" = protocol=17 | dir=in | app=f:\d-link.exe | 

"UDP Query User{D1B10D93-73F8-445E-A0B7-33D9DF56CB71}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe | 

"UDP Query User{DD670AE4-018C-40D7-A770-502626D6F744}C:\program files (x86)\vectorworks2011\vectorworks2011e.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vectorworks2011\vectorworks2011e.exe | 

"UDP Query User{E12A6862-5DDB-4325-B422-770B8A0CD759}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 

"UDP Query User{E8F035D0-A3CC-48FB-B34E-FE476E23F6BE}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | 

"UDP Query User{F1C2C150-496C-4747-ADD7-72A0ED708C23}C:\program files (x86)\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{1F494B8A-D6E6-4540-9A74-F773B63164A6}" = Port Locker

"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5ACF5427-B4E4-4F85-A512-151E0BECF7E3}" = RtLED

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.11

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"001FFF2FFF15FF00FF0201F01F02F000-R1" = ArchiCAD 15 R1 GER

"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1)

"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)

"CCleaner" = CCleaner

"DE7217D2A8B057F15EC6E52329FDAB84231521E8" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430)

"Elantech" = ETDWare PS/2-x64 7.0.4.17_WHQL

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0034859F-8E01-4C1D-BE77-F891C4786FBC}" = Lenovo Security Suite

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31

"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver

"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help

"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform

"{3CA2B4FD-AEF2-ED4F-F5E5-0095DDA47AC7}" = Adobe Download Assistant

"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger

"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer

"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{87C2FAFA-E830-E3B1-A50E-876D00939884}" = Vectorworks 2012 Hilfe

"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)

"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack

"{A6FEE06D-C7E1-48CB-A9DF-1E317CF83CA4}" = Port Locker

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1031-7B44-A90100000001}" = Adobe Reader 9.0.1 - Deutsch

"{ACF31D9F-70C2-40A1-9C7A-28BA16E64B56}" = BioExcess

"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}" = Lenovo EasyCamera

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)

"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail

"{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer

"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center

"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials

"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR

"7-Zip" = 7-Zip 9.20

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Akamai" = Akamai NetSession Interface Service

"Avira AntiVir Desktop" = Avira Free Antivirus

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.dmp.contentviewer" = Adobe Content Viewer

"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant

"DAEMON Tools Lite" = DAEMON Tools Lite

"DivX Setup.divx.com" = DivX-Setup

"eu.computerworks.vectorworks.2012.help.deu.07222458214E034A0B494E83FAD6744C17D2B914.1" = Vectorworks 2012 Hilfe

"GNU Backgammon_is1" = GNU Backgammon (MAIN branch, 20081113 code)

"InstallShield_{0034859F-8E01-4C1D-BE77-F891C4786FBC}" = Lenovo Security Suite

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery

"InstallShield_{A6FEE06D-C7E1-48CB-A9DF-1E317CF83CA4}" = Port Locker

"InstallShield_{ACF31D9F-70C2-40A1-9C7A-28BA16E64B56}" = BioExcess

"LastFM_is1" = Last.fm 1.5.4.27091

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400

"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)

"NVIDIA.Updatus" = NVIDIA Updatus

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010

"VLC media player" = VLC media player 1.1.5

"Winamp" = Winamp

"WinLiveSuite_Wave3" = Windows Live Essentials

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1260959535-4230420404-3460720799-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Akamai" = Akamai NetSession Interface

"Dropbox" = Dropbox

"FoxTab Music Converter" = FoxTab Music Converter

"Google Chrome" = Google Chrome

"Winamp Detect" = Winamp Erkennungs-Plug-in

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 18.03.2012 06:11:09 | Computer Name = Luisaleins-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: svchost.exe_WinDefend, Version: 6.1.7600.16385,

 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: mpengine.dll, Version: 1.1.8101.0,

 Zeitstempel: 0x4f321ead  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000000050b35

ID

 des fehlerhaften Prozesses: 0x1950  Startzeit der fehlerhaften Anwendung: 0x01cd02eb805c0f47

Pfad

 der fehlerhaften Anwendung: C:\windows\System32\svchost.exe  Pfad des fehlerhaften

 Moduls: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D8999649-F5CD-48DA-804F-2FBE59928798}\mpengine.dll

Berichtskennung:

 ae094d92-70e2-11e1-81d8-f07bcbeb1dd7

 

Error - 18.03.2012 16:34:51 | Computer Name = Luisaleins-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 19.03.2012 16:34:49 | Computer Name = Luisaleins-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 19.03.2012 16:34:55 | Computer Name = Luisaleins-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 20.03.2012 16:34:57 | Computer Name = Luisaleins-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 21.03.2012 16:35:05 | Computer Name = Luisaleins-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 22.03.2012 03:46:24 | Computer Name = Luisaleins-PC | Source = SideBySide | ID = 16842787

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei

 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 

im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente

 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

Definition:

 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie

 das Programm "sxstrace.exe" für eine detaillierte Diagnose.

 

Error - 22.03.2012 03:49:26 | Computer Name = Luisaleins-PC | Source = SideBySide | ID = 16842811

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files

 (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler

 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement

 pack\search helper\searchhelper.dll" in Zeile 2.  Ungültige XML-Syntax.

 

Error - 23.03.2012 00:50:55 | Computer Name = Luisaleins-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

Error - 23.03.2012 00:52:32 | Computer Name = Luisaleins-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen

 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.

 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum

 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

.

 

[ System Events ]

Error - 20.06.2012 11:47:35 | Computer Name = Luisaleins-PC | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:

   %%2

 

Error - 20.06.2012 11:47:35 | Computer Name = Luisaleins-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"

 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2

 

Error - 20.06.2012 11:47:35 | Computer Name = Luisaleins-PC | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:

   %%2

 

Error - 20.06.2012 11:47:35 | Computer Name = Luisaleins-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"

 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2

 

Error - 20.06.2012 11:49:19 | Computer Name = Luisaleins-PC | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:

   %%2

 

Error - 20.06.2012 11:49:19 | Computer Name = Luisaleins-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"

 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2

 

Error - 20.06.2012 11:49:19 | Computer Name = Luisaleins-PC | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:

   %%2

 

Error - 20.06.2012 11:49:19 | Computer Name = Luisaleins-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"

 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2

 

Error - 20.06.2012 11:49:19 | Computer Name = Luisaleins-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"

 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2

 

Error - 20.06.2012 11:49:19 | Computer Name = Luisaleins-PC | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:

   %%2

 

 

< End of report >

ich hoffe, dass jetzt alles stimmt!

lieben gruß!

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

:OTL

FF - prefs.js..browser.search.defaultenginename: "foxsearch"

FF - prefs.js..browser.search.order.1: "foxsearch"

FF - prefs.js..browser.search.selectedEngine: "foxsearch"

FF - prefs.js..keyword.URL: "http://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

FF - user.js..browser.search.selectedEngine: "foxsearch"

FF - user.js..browser.search.order.1: "foxsearch"

FF - user.js..browser.search.defaultenginename: "foxsearch"

FF - user.js..keyword.URL: "http://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="

[2011.04.23 23:44:48 | 000,000,143 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src

CHR - plugin: Gutscheinmieze-Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1001\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.

O4 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000..\Run: [FactoryTest] C:\Windows\Test.bat File not found

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-1260959535-4230420404-3460720799-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{447fcf0b-3bb6-11e0-a495-f07bcbeb1dd7}\Shell - "" = AutoRun

O33 - MountPoints2\{447fcf0b-3bb6-11e0-a495-f07bcbeb1dd7}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a

O33 - MountPoints2\{ab27cf6a-41f0-11e0-ab54-f07bcbeb1dd7}\Shell - "" = AutoRun

O33 - MountPoints2\{ab27cf6a-41f0-11e0-ab54-f07bcbeb1dd7}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence

O33 - MountPoints2\{bd6938fa-6d5d-11e1-be81-f07bcbeb1dd7}\Shell - "" = AutoRun

O33 - MountPoints2\{bd6938fa-6d5d-11e1-be81-f07bcbeb1dd7}\Shell\AutoRun\command - "" = E:\INSTALL.EXE

[2011.06.23 15:42:10 | 000,000,000 | ---D | M] -- C:\Users\Luisaleins\AppData\Roaming\Gutscheinmieze

:Files

C:\Program Files (x86)\FoxTabMusicConverter\AudioConverter.exe

C:\Users\Luisaleins\Downloads\SoftonicDownloader_fuer_gnu-backgammon.exe

:Commands

[purity]

[emptytemp]

[emptyflash]

[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Schon erledigt. Hat einwandfrei geklappt. Auch das Neustarten. Log-File kam auch gleich
Vielen Dank.

Code:

All processes killed

========== OTL ==========

Prefs.js: "foxsearch" removed from browser.search.defaultenginename

Prefs.js: "foxsearch" removed from browser.search.order.1

Prefs.js: "foxsearch" removed from browser.search.selectedEngine

Prefs.js: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" removed from keyword.URL

C:\Users\Luisaleins\AppData\Roaming\Mozilla\FireFox\Profiles\qq0n8nds.default\user.js moved successfully.

C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src moved successfully.

C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_USERS\S-1-5-21-1260959535-4230420404-3460720799-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-48514E463B27}\ not found.

Registry value HKEY_USERS\S-1-5-21-1260959535-4230420404-3460720799-1000\Software\Microsoft\Windows\CurrentVersion\Run\\FactoryTest deleted successfully.

Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_USERS\S-1-5-21-1260959535-4230420404-3460720799-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.

Registry value HKEY_USERS\S-1-5-21-1260959535-4230420404-3460720799-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{447fcf0b-3bb6-11e0-a495-f07bcbeb1dd7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{447fcf0b-3bb6-11e0-a495-f07bcbeb1dd7}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{447fcf0b-3bb6-11e0-a495-f07bcbeb1dd7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{447fcf0b-3bb6-11e0-a495-f07bcbeb1dd7}\ not found.

File E:\LaunchU3.exe -a not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab27cf6a-41f0-11e0-ab54-f07bcbeb1dd7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ab27cf6a-41f0-11e0-ab54-f07bcbeb1dd7}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ab27cf6a-41f0-11e0-ab54-f07bcbeb1dd7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ab27cf6a-41f0-11e0-ab54-f07bcbeb1dd7}\ not found.

File E:\setup_vmc_lite.exe /checkApplicationPresence not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd6938fa-6d5d-11e1-be81-f07bcbeb1dd7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd6938fa-6d5d-11e1-be81-f07bcbeb1dd7}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd6938fa-6d5d-11e1-be81-f07bcbeb1dd7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bd6938fa-6d5d-11e1-be81-f07bcbeb1dd7}\ not found.

File E:\INSTALL.EXE not found.

C:\Users\Luisaleins\AppData\Roaming\Gutscheinmieze folder moved successfully.

========== FILES ==========

C:\Program Files (x86)\FoxTabMusicConverter\AudioConverter.exe moved successfully.

File\Folder C:\Users\Luisaleins\Downloads\SoftonicDownloader_fuer_gnu-backgammon.exe not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 56468 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Luisaleins

->Temp folder emptied: 2847850 bytes

->Temporary Internet Files folder emptied: 2328531 bytes

->Java cache emptied: 1613271 bytes

->FireFox cache emptied: 48815183 bytes

->Google Chrome cache emptied: 111141170 bytes

->Flash cache emptied: 58907 bytes

 

User: Public

 

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 24718 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46495152 bytes

RecycleBin emptied: 448571 bytes

 

Total Files Cleaned = 204,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

->Flash cache emptied: 0 bytes

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: Luisaleins

->Flash cache emptied: 0 bytes

 

User: Public

 

User: UpdatusUser

 

Total Flash Files Cleaned = 0,00 mb

 

C:\windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.50.0 log created on 06212012_015215
 

Files\Folders moved on Reboot...

C:\Users\Luisaleins\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
 

Registry entries deleted on Reboot...

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

Hier das Log von Kaspersky:

Code:

16:09:27.0340 1384        TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32

16:09:27.0572 1384        ============================================================

16:09:27.0572 1384        Current date / time: 2012/06/21 16:09:27.0572

16:09:27.0572 1384        SystemInfo:

16:09:27.0573 1384        

16:09:27.0573 1384        OS Version: 6.1.7601 ServicePack: 1.0

16:09:27.0573 1384        Product type: Workstation

16:09:27.0573 1384        ComputerName: LUISALEINS-PC

16:09:27.0573 1384        UserName: Luisaleins

16:09:27.0573 1384        Windows directory: C:\windows

16:09:27.0573 1384        System windows directory: C:\windows

16:09:27.0573 1384        Running under WOW64

16:09:27.0573 1384        Processor architecture: Intel x64

16:09:27.0573 1384        Number of processors: 4

16:09:27.0573 1384        Page size: 0x1000

16:09:27.0573 1384        Boot type: Normal boot

16:09:27.0573 1384        ============================================================

16:09:28.0314 1384        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:09:28.0321 1384        Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

16:09:28.0679 1384        ============================================================

16:09:28.0679 1384        \Device\Harddisk0\DR0:

16:09:28.0693 1384        MBR partitions:

16:09:28.0693 1384        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000

16:09:28.0693 1384        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000

16:09:28.0713 1384        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800

16:09:28.0714 1384        \Device\Harddisk1\DR1:

16:09:28.0714 1384        MBR partitions:

16:09:28.0714 1384        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02

16:09:28.0714 1384        ============================================================

16:09:28.0731 1384        C: <-> \Device\Harddisk0\DR0\Partition1

16:09:28.0778 1384        D: <-> \Device\Harddisk0\DR0\Partition2

16:09:28.0794 1384        G: <-> \Device\Harddisk1\DR1\Partition0

16:09:28.0794 1384        ============================================================

16:09:28.0794 1384        Initialize success

16:09:28.0794 1384        ============================================================

16:10:38.0027 5816        ============================================================

16:10:38.0027 5816        Scan started

16:10:38.0027 5816        Mode: Manual; SigCheck; TDLFS; 

16:10:38.0027 5816        ============================================================

16:10:38.0448 5816        1394ohci        (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys

16:10:38.0680 5816        1394ohci - ok

16:10:38.0763 5816        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys

16:10:38.0810 5816        ACPI - ok

16:10:38.0881 5816        AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys

16:10:38.0972 5816        AcpiPmi - ok

16:10:39.0025 5816        ACPIVPC         (dc201246a14cb3b274df59faf539ab07) C:\windows\system32\DRIVERS\AcpiVpc.sys

16:10:39.0077 5816        ACPIVPC - ok

16:10:39.0190 5816        adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys

16:10:39.0249 5816        adp94xx - ok

16:10:39.0326 5816        adpahci         (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys

16:10:39.0358 5816        adpahci - ok

16:10:39.0397 5816        adpu320         (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys

16:10:39.0423 5816        adpu320 - ok

16:10:39.0455 5816        AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll

16:10:39.0629 5816        AeLookupSvc - ok

16:10:39.0723 5816        AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys

16:10:39.0816 5816        AFD - ok

16:10:39.0879 5816        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys

16:10:39.0894 5816        agp440 - ok

16:10:40.0289 5816        Akamai          (c775d704feb2b600a5bf7b0b088546af) c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll

16:10:40.0289 5816        Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af

16:10:40.0296 5816        Akamai ( HiddenFile.Multi.Generic ) - warning

16:10:40.0296 5816        Akamai - detected HiddenFile.Multi.Generic (1)

16:10:40.0414 5816        ALG             (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe

16:10:40.0502 5816        ALG - ok

16:10:40.0582 5816        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys

16:10:40.0603 5816        aliide - ok

16:10:40.0638 5816        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys

16:10:40.0660 5816        amdide - ok

16:10:40.0722 5816        AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys

16:10:40.0787 5816        AmdK8 - ok

16:10:40.0816 5816        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys

16:10:40.0861 5816        AmdPPM - ok

16:10:40.0934 5816        amdsata         (6ec6d772eae38dc17c14aed9b178d24b) C:\windows\system32\drivers\amdsata.sys

16:10:40.0959 5816        amdsata - ok

16:10:41.0071 5816        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys

16:10:41.0147 5816        amdsbs - ok

16:10:41.0169 5816        amdxata         (1142a21db581a84ea5597b03a26ebaa0) C:\windows\system32\drivers\amdxata.sys

16:10:41.0185 5816        amdxata - ok

16:10:41.0294 5816        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

16:10:41.0325 5816        AntiVirSchedulerService - ok

16:10:41.0372 5816        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

16:10:41.0387 5816        AntiVirService - ok

16:10:41.0450 5816        AppID           (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys

16:10:41.0734 5816        AppID - ok

16:10:41.0779 5816        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll

16:10:41.0887 5816        AppIDSvc - ok

16:10:41.0955 5816        Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll

16:10:42.0049 5816        Appinfo - ok

16:10:42.0087 5816        arc             (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys

16:10:42.0111 5816        arc - ok

16:10:42.0134 5816        arcsas          (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys

16:10:42.0158 5816        arcsas - ok

16:10:42.0185 5816        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys

16:10:42.0290 5816        AsyncMac - ok

16:10:42.0372 5816        atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys

16:10:42.0393 5816        atapi - ok

16:10:42.0501 5816        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll

16:10:42.0630 5816        AudioEndpointBuilder - ok

16:10:42.0640 5816        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll

16:10:42.0725 5816        AudioSrv - ok

16:10:42.0772 5816        avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\windows\system32\DRIVERS\avgntflt.sys

16:10:42.0787 5816        avgntflt - ok

16:10:42.0850 5816        avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\windows\system32\DRIVERS\avipbb.sys

16:10:42.0881 5816        avipbb - ok

16:10:42.0928 5816        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\windows\system32\DRIVERS\avkmgr.sys

16:10:42.0943 5816        avkmgr - ok

16:10:43.0006 5816        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll

16:10:43.0099 5816        AxInstSV - ok

16:10:43.0224 5816        b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys

16:10:43.0303 5816        b06bdrv - ok

16:10:43.0350 5816        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys

16:10:43.0487 5816        b57nd60a - ok

16:10:43.0797 5816        BCM43XX         (5b5c36b2ec500462a715db6bcbaf5da7) C:\windows\system32\DRIVERS\bcmwl664.sys

16:10:43.0963 5816        BCM43XX - ok

16:10:44.0100 5816        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll

16:10:44.0167 5816        BDESVC - ok

16:10:44.0209 5816        Beep            (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys

16:10:44.0296 5816        Beep - ok

16:10:44.0405 5816        BFE             (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll

16:10:44.0514 5816        BFE - ok

16:10:44.0624 5816        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll

16:10:44.0780 5816        BITS - ok

16:10:44.0845 5816        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys

16:10:44.0892 5816        blbdrive - ok

16:10:44.0951 5816        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys

16:10:45.0015 5816        bowser - ok

16:10:45.0053 5816        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys

16:10:45.0145 5816        BrFiltLo - ok

16:10:45.0196 5816        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys

16:10:45.0226 5816        BrFiltUp - ok

16:10:45.0277 5816        Bridge0         (34f786535f9245e4028c57b28248c9d8) C:\windows\system32\drivers\WDBridge.sys

16:10:45.0296 5816        Bridge0 - ok

16:10:45.0396 5816        Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll

16:10:45.0497 5816        Browser - ok

16:10:45.0553 5816        Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys

16:10:45.0603 5816        Brserid - ok

16:10:45.0618 5816        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys

16:10:45.0667 5816        BrSerWdm - ok

16:10:45.0725 5816        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys

16:10:45.0766 5816        BrUsbMdm - ok

16:10:45.0790 5816        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys

16:10:45.0835 5816        BrUsbSer - ok

16:10:45.0898 5816        BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys

16:10:45.0961 5816        BthEnum - ok

16:10:46.0008 5816        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys

16:10:46.0054 5816        BTHMODEM - ok

16:10:46.0086 5816        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys

16:10:46.0164 5816        BthPan - ok

16:10:46.0288 5816        BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys

16:10:46.0382 5816        BTHPORT - ok

16:10:46.0438 5816        bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll

16:10:46.0546 5816        bthserv - ok

16:10:46.0585 5816        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys

16:10:46.0636 5816        BTHUSB - ok

16:10:46.0713 5816        btusbflt        (2641a3fe3d7b0646308f33b67f3b5300) C:\windows\system32\drivers\btusbflt.sys

16:10:46.0733 5816        btusbflt - ok

16:10:46.0758 5816        btwaudio        (a72a9101f9730db7332714e566614e4d) C:\windows\system32\drivers\btwaudio.sys

16:10:46.0778 5816        btwaudio - ok

16:10:46.0821 5816        btwavdt         (5ceec634b617525f2b6ad29f871033f7) C:\windows\system32\drivers\btwavdt.sys

16:10:46.0852 5816        btwavdt - ok

16:10:47.0026 5816        btwdins         (fa77b00b7b825df75960691871cca3ff) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe

16:10:47.0083 5816        btwdins - ok

16:10:47.0131 5816        btwl2cap        (6149301dc3f81d6f9667a3fbac410975) C:\windows\system32\DRIVERS\btwl2cap.sys

16:10:47.0146 5816        btwl2cap - ok

16:10:47.0162 5816        btwrchid        (2af5604d28bef77b7cf4b9d232fe7cd3) C:\windows\system32\DRIVERS\btwrchid.sys

16:10:47.0179 5816        btwrchid - ok

16:10:47.0229 5816        cdfs            (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys

16:10:47.0322 5816        cdfs - ok

16:10:47.0382 5816        cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys

16:10:47.0423 5816        cdrom - ok

16:10:47.0485 5816        CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll

16:10:47.0579 5816        CertPropSvc - ok

16:10:47.0641 5816        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys

16:10:47.0688 5816        circlass - ok

16:10:47.0782 5816        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys

16:10:47.0828 5816        CLFS - ok

16:10:47.0922 5816        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:10:47.0956 5816        clr_optimization_v2.0.50727_32 - ok

16:10:48.0004 5816        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:10:48.0024 5816        clr_optimization_v2.0.50727_64 - ok

16:10:48.0042 5816        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys

16:10:48.0083 5816        CmBatt - ok

16:10:48.0112 5816        cmdide          (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys

16:10:48.0134 5816        cmdide - ok

16:10:48.0219 5816        CNG             (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys

16:10:48.0298 5816        CNG - ok

16:10:48.0331 5816        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys

16:10:48.0354 5816        Compbatt - ok

16:10:48.0405 5816        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys

16:10:48.0459 5816        CompositeBus - ok

16:10:48.0479 5816        COMSysApp - ok

16:10:48.0501 5816        crcdisk         (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys

16:10:48.0523 5816        crcdisk - ok

16:10:48.0588 5816        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll

16:10:48.0694 5816        CryptSvc - ok

16:10:48.0850 5816        cvhsvc          (61a86809b62769643892bc0812b204aa) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

16:10:48.0903 5816        cvhsvc - ok

16:10:48.0979 5816        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll

16:10:49.0088 5816        DcomLaunch - ok

16:10:49.0150 5816        defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll

16:10:49.0244 5816        defragsvc - ok

16:10:49.0322 5816        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys

16:10:49.0415 5816        DfsC - ok

16:10:49.0514 5816        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll

16:10:49.0626 5816        Dhcp - ok

16:10:49.0656 5816        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys

16:10:49.0765 5816        discache - ok

16:10:49.0801 5816        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys

16:10:49.0825 5816        Disk - ok

16:10:49.0863 5816        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll

16:10:49.0933 5816        Dnscache - ok

16:10:49.0981 5816        dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll

16:10:50.0088 5816        dot3svc - ok

16:10:50.0131 5816        DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll

16:10:50.0220 5816        DPS - ok

16:10:50.0265 5816        drmkaud         (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys

16:10:50.0309 5816        drmkaud - ok

16:10:50.0413 5816        DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys

16:10:50.0469 5816        DXGKrnl - ok

16:10:50.0499 5816        EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll

16:10:50.0589 5816        EapHost - ok

16:10:50.0807 5816        ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys

16:10:50.0948 5816        ebdrv - ok

16:10:51.0096 5816        EFS             (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe

16:10:51.0145 5816        EFS - ok

16:10:51.0258 5816        EgisTec Data Security Service (c49212d3d964b77d15755412cc55144c) C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe

16:10:51.0287 5816        EgisTec Data Security Service - ok

16:10:51.0359 5816        EgisTec Service (fb74fd6a2cbb69926078645010b65943) C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe

16:10:51.0402 5816        EgisTec Service - ok

16:10:51.0467 5816        EgisTec Service Help (7c27fa958d752cbf4b28087f44d6f604) C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe

16:10:51.0497 5816        EgisTec Service Help - ok

16:10:51.0629 5816        EgisTecFF       (33708c6d915f8de734cf3abb0731515b) C:\windows\system32\DRIVERS\EgisTecFF.sys

16:10:51.0647 5816        EgisTecFF - ok

16:10:51.0773 5816        ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe

16:10:51.0857 5816        ehRecvr - ok

16:10:51.0884 5816        ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe

16:10:51.0960 5816        ehSched - ok

16:10:52.0045 5816        elxstor         (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys

16:10:52.0082 5816        elxstor - ok

16:10:52.0113 5816        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys

16:10:52.0145 5816        ErrDev - ok

16:10:52.0191 5816        ETD             (f6ad6e0674ef94390f0554bf946977af) C:\windows\system32\DRIVERS\ETD.sys

16:10:52.0254 5816        ETD - ok

16:10:52.0316 5816        EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll

16:10:52.0425 5816        EventSystem - ok

16:10:52.0488 5816        exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys

16:10:52.0597 5816        exfat - ok

16:10:52.0648 5816        fastfat         (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys

16:10:52.0749 5816        fastfat - ok

16:10:52.0861 5816        Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe

16:10:52.0930 5816        Fax - ok

16:10:52.0957 5816        fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys

16:10:53.0008 5816        fdc - ok

16:10:53.0049 5816        fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll

16:10:53.0158 5816        fdPHost - ok

16:10:53.0177 5816        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll

16:10:53.0268 5816        FDResPub - ok

16:10:53.0296 5816        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys

16:10:53.0318 5816        FileInfo - ok

16:10:53.0353 5816        Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys

16:10:53.0451 5816        Filetrace - ok

16:10:53.0471 5816        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys

16:10:53.0509 5816        flpydisk - ok

16:10:53.0566 5816        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys

16:10:53.0607 5816        FltMgr - ok

16:10:53.0732 5816        FontCache       (b4447f606bb19fd8ad0bafb59b90f5d9) C:\windows\system32\FntCache.dll

16:10:53.0841 5816        FontCache - ok

16:10:53.0950 5816        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:10:53.0966 5816        FontCache3.0.0.0 - ok

16:10:54.0028 5816        FPSensor        (54a9c5a6aa0bb0041a4af7172ffc3d9f) C:\windows\system32\Drivers\FPSensor.sys

16:10:54.0044 5816        FPSensor - ok

16:10:54.0106 5816        FsDepends       (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys

16:10:54.0137 5816        FsDepends - ok

16:10:54.0195 5816        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys

16:10:54.0216 5816        Fs_Rec - ok

16:10:54.0279 5816        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys

16:10:54.0324 5816        fvevol - ok

16:10:54.0367 5816        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys

16:10:54.0390 5816        gagp30kx - ok

16:10:54.0488 5816        gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll

16:10:54.0615 5816        gpsvc - ok

16:10:54.0715 5816        gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:10:54.0734 5816        gupdate - ok

16:10:54.0763 5816        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:10:54.0781 5816        gupdatem - ok

16:10:54.0811 5816        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys

16:10:54.0876 5816        hcw85cir - ok

16:10:54.0964 5816        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys

16:10:55.0037 5816        HdAudAddService - ok

16:10:55.0090 5816        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys

16:10:55.0137 5816        HDAudBus - ok

16:10:55.0178 5816        HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\windows\system32\DRIVERS\HECIx64.sys

16:10:55.0194 5816        HECIx64 - ok

16:10:55.0209 5816        HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys

16:10:55.0240 5816        HidBatt - ok

16:10:55.0272 5816        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys

16:10:55.0334 5816        HidBth - ok

16:10:55.0365 5816        HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys

16:10:55.0412 5816        HidIr - ok

16:10:55.0443 5816        hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll

16:10:55.0537 5816        hidserv - ok

16:10:55.0599 5816        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys

16:10:55.0630 5816        HidUsb - ok

16:10:55.0677 5816        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll

16:10:55.0773 5816        hkmsvc - ok

16:10:55.0848 5816        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll

16:10:55.0925 5816        HomeGroupListener - ok

16:10:55.0972 5816        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll

16:10:56.0018 5816        HomeGroupProvider - ok

16:10:56.0061 5816        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys

16:10:56.0084 5816        HpSAMD - ok

16:10:56.0195 5816        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys

16:10:56.0303 5816        HTTP - ok

16:10:56.0356 5816        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys

16:10:56.0378 5816        hwpolicy - ok

16:10:56.0447 5816        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys

16:10:56.0474 5816        i8042prt - ok

16:10:56.0607 5816        IAANTMON        (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

16:10:56.0647 5816        IAANTMON - ok

16:10:56.0708 5816        iaStor          (1d004cb1da6323b1f55caef7f94b61d9) C:\windows\system32\DRIVERS\iaStor.sys

16:10:56.0736 5816        iaStor - ok

16:10:56.0799 5816        iaStorV         (3df4395a7cf8b7a72a5f4606366b8c2d) C:\windows\system32\drivers\iaStorV.sys

16:10:56.0846 5816        iaStorV - ok

16:10:56.0986 5816        idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:10:57.0033 5816        idsvc - ok

16:10:57.0795 5816        igfx            (677aa5991026a65ada128c4b59cf2bad) C:\windows\system32\DRIVERS\igdkmd64.sys

16:10:58.0231 5816        igfx - ok

16:10:58.0323 5816        IGRS            (d951d20153e51928f9db2227d6ff5c7a) C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe

16:10:58.0339 5816        IGRS - ok

16:10:58.0479 5816        iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys

16:10:58.0495 5816        iirsp - ok

16:10:58.0604 5816        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll

16:10:58.0713 5816        IKEEXT - ok

16:10:58.0776 5816        Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\windows\system32\DRIVERS\Impcd.sys

16:10:58.0838 5816        Impcd - ok

16:10:59.0085 5816        IntcAzAudAddService (daecb75c7c2a4bdeafead19a6fd327c5) C:\windows\system32\drivers\RTKVHD64.sys

16:10:59.0224 5816        IntcAzAudAddService - ok

16:10:59.0398 5816        IntcDAud        (58cf58dee26c909bd6f977b61d246295) C:\windows\system32\DRIVERS\IntcDAud.sys

16:10:59.0473 5816        IntcDAud - ok

16:10:59.0507 5816        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys

16:10:59.0528 5816        intelide - ok

16:10:59.0552 5816        intelppm        (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys

16:10:59.0599 5816        intelppm - ok

16:10:59.0644 5816        IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll

16:10:59.0735 5816        IPBusEnum - ok

16:10:59.0791 5816        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys

16:10:59.0864 5816        IpFilterDriver - ok

16:10:59.0957 5816        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll

16:11:00.0051 5816        iphlpsvc - ok

16:11:00.0098 5816        IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys

16:11:00.0144 5816        IPMIDRV - ok

16:11:00.0191 5816        IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys

16:11:00.0285 5816        IPNAT - ok

16:11:00.0316 5816        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys

16:11:00.0427 5816        IRENUM - ok

16:11:00.0456 5816        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys

16:11:00.0478 5816        isapnp - ok

16:11:00.0533 5816        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys

16:11:00.0572 5816        iScsiPrt - ok

16:11:00.0620 5816        k57nd60a        (7dbafe10c1b777305c80bea42fbda710) C:\windows\system32\DRIVERS\k57nd60a.sys

16:11:00.0676 5816        k57nd60a - ok

16:11:00.0727 5816        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys

16:11:00.0750 5816        kbdclass - ok

16:11:00.0790 5816        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys

16:11:00.0835 5816        kbdhid - ok

16:11:00.0896 5816        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

16:11:00.0921 5816        KeyIso - ok

16:11:00.0942 5816        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys

16:11:00.0966 5816        KSecDD - ok

16:11:00.0991 5816        KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys

16:11:01.0024 5816        KSecPkg - ok

16:11:01.0068 5816        ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys

16:11:01.0157 5816        ksthunk - ok

16:11:01.0218 5816        KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll

16:11:01.0332 5816        KtmRm - ok

16:11:01.0395 5816        L1C             (55480b9c63f3f91a8ebbadcbf28fe581) C:\windows\system32\DRIVERS\L1C62x64.sys

16:11:01.0409 5816        L1C - ok

16:11:01.0471 5816        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll

16:11:01.0580 5816        LanmanServer - ok

16:11:01.0736 5816        Lenovo ReadyComm AppSvc (7fcb3ec66361f157bcd5b5c33ce2ac16) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe

16:11:01.0767 5816        Lenovo ReadyComm AppSvc - ok

16:11:01.0830 5816        Lenovo ReadyComm ConnSvc (5287074e79e4ba82510886f684dc5f72) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe

16:11:01.0877 5816        Lenovo ReadyComm ConnSvc - ok

16:11:01.0955 5816        LHDmgr          (be166935083f9c38edfdc21b9a7a679b) C:\windows\system32\DRIVERS\LhdX64.sys

16:11:01.0984 5816        LHDmgr - ok

16:11:02.0032 5816        lltdio          (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys

16:11:02.0110 5816        lltdio - ok

16:11:02.0167 5816        lltdsvc         (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll

16:11:02.0268 5816        lltdsvc - ok

16:11:02.0310 5816        lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll

16:11:02.0388 5816        lmhosts - ok

16:11:02.0485 5816        LMS             (0b4f38aa22d5634c48edb18fe257f005) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

16:11:02.0519 5816        LMS - ok

16:11:02.0576 5816        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys

16:11:02.0601 5816        LSI_FC - ok

16:11:02.0629 5816        LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys

16:11:02.0653 5816        LSI_SAS - ok

16:11:02.0669 5816        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys

16:11:02.0692 5816        LSI_SAS2 - ok

16:11:02.0713 5816        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys

16:11:02.0739 5816        LSI_SCSI - ok

16:11:02.0778 5816        luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys

16:11:02.0871 5816        luafv - ok

16:11:02.0907 5816        massfilter      (b5e86524918ef32b32d1032e0c8e92a3) C:\windows\system32\DRIVERS\massfilter.sys

16:11:02.0959 5816        massfilter - ok

16:11:03.0064 5816        MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\windows\system32\drivers\mbam.sys

16:11:03.0072 5816        MBAMProtector - ok

16:11:03.0275 5816        MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

16:11:03.0337 5816        MBAMService - ok

16:11:03.0400 5816        Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll

16:11:03.0462 5816        Mcx2Svc - ok

16:11:03.0493 5816        megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys

16:11:03.0522 5816        megasas - ok

16:11:03.0559 5816        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys

16:11:03.0589 5816        MegaSR - ok

16:11:03.0620 5816        MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

16:11:03.0713 5816        MMCSS - ok

16:11:03.0736 5816        Modem           (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys

16:11:03.0825 5816        Modem - ok

16:11:03.0856 5816        monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys

16:11:03.0906 5816        monitor - ok

16:11:03.0957 5816        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys

16:11:03.0978 5816        mouclass - ok

16:11:04.0037 5816        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys

16:11:04.0083 5816        mouhid - ok

16:11:04.0151 5816        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys

16:11:04.0174 5816        mountmgr - ok

16:11:04.0220 5816        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys

16:11:04.0252 5816        mpio - ok

16:11:04.0287 5816        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys

16:11:04.0365 5816        mpsdrv - ok

16:11:04.0470 5816        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll

16:11:04.0581 5816        MpsSvc - ok

16:11:04.0612 5816        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys

16:11:04.0675 5816        MRxDAV - ok

16:11:04.0722 5816        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys

16:11:04.0784 5816        mrxsmb - ok

16:11:04.0831 5816        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys

16:11:04.0893 5816        mrxsmb10 - ok

16:11:04.0924 5816        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys

16:11:04.0956 5816        mrxsmb20 - ok

16:11:04.0987 5816        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys

16:11:05.0018 5816        msahci - ok

16:11:05.0049 5816        msdsm           (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys

16:11:05.0096 5816        msdsm - ok

16:11:05.0131 5816        MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe

16:11:05.0188 5816        MSDTC - ok

16:11:05.0224 5816        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys

16:11:05.0299 5816        Msfs - ok

16:11:05.0325 5816        mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys

16:11:05.0420 5816        mshidkmdf - ok

16:11:05.0458 5816        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys

16:11:05.0480 5816        msisadrv - ok

16:11:05.0515 5816        MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll

16:11:05.0618 5816        MSiSCSI - ok

16:11:05.0622 5816        msiserver - ok

16:11:05.0668 5816        MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys

16:11:05.0760 5816        MSKSSRV - ok

16:11:05.0789 5816        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys

16:11:05.0874 5816        MSPCLOCK - ok

16:11:05.0879 5816        MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys

16:11:05.0965 5816        MSPQM - ok

16:11:06.0030 5816        MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys

16:11:06.0077 5816        MsRPC - ok

16:11:06.0118 5816        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys

16:11:06.0140 5816        mssmbios - ok

16:11:06.0178 5816        MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys

16:11:06.0272 5816        MSTEE - ok

16:11:06.0299 5816        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys

16:11:06.0341 5816        MTConfig - ok

16:11:06.0363 5816        Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys

16:11:06.0386 5816        Mup - ok

16:11:06.0420 5816        mwlPSDFilter    (6ffecc25b39dc7652a0cec0ada9db589) C:\windows\system32\DRIVERS\mwlPSDFilter.sys

16:11:06.0439 5816        mwlPSDFilter - ok

16:11:06.0445 5816        mwlPSDNServ     (0befe32ca56d6ee89d58175725596a85) C:\windows\system32\DRIVERS\mwlPSDNServ.sys

16:11:06.0461 5816        mwlPSDNServ - ok

16:11:06.0485 5816        mwlPSDVDisk     (d43bc633b8660463e446e28e14a51262) C:\windows\system32\DRIVERS\mwlPSDVDisk.sys

16:11:06.0503 5816        mwlPSDVDisk - ok

16:11:06.0583 5816        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll

16:11:06.0698 5816        napagent - ok

16:11:06.0785 5816        NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys

16:11:06.0851 5816        NativeWifiP - ok

16:11:06.0979 5816        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys

16:11:07.0040 5816        NDIS - ok

16:11:07.0092 5816        NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys

16:11:07.0184 5816        NdisCap - ok

16:11:07.0219 5816        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys

16:11:07.0295 5816        NdisTapi - ok

16:11:07.0353 5816        Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys

16:11:07.0427 5816        Ndisuio - ok

16:11:07.0469 5816        NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys

16:11:07.0573 5816        NdisWan - ok

16:11:07.0610 5816        NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys

16:11:07.0704 5816        NDProxy - ok

16:11:07.0766 5816        NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys

16:11:07.0860 5816        NetBIOS - ok

16:11:07.0906 5816        NetBT           (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys

16:11:08.0000 5816        NetBT - ok

16:11:08.0047 5816        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

16:11:08.0062 5816        Netlogon - ok

16:11:08.0220 5816        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll

16:11:08.0367 5816        Netman - ok

16:11:08.0414 5816        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll

16:11:08.0540 5816        netprofm - ok

16:11:08.0645 5816        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:11:08.0667 5816        NetTcpPortSharing - ok

16:11:09.0094 5816        netw5v64        (64428dfdaf6e88366cb51f45a79c5f69) C:\windows\system32\DRIVERS\netw5v64.sys

16:11:09.0312 5816        netw5v64 - ok

16:11:09.0452 5816        nfrd960         (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys

16:11:09.0468 5816        nfrd960 - ok

16:11:09.0546 5816        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll

16:11:09.0639 5816        NlaSvc - ok

16:11:09.0670 5816        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys

16:11:09.0750 5816        Npfs - ok

16:11:09.0778 5816        nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll

16:11:09.0874 5816        nsi - ok

16:11:09.0912 5816        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys

16:11:10.0006 5816        nsiproxy - ok

16:11:10.0179 5816        Ntfs            (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\windows\system32\drivers\Ntfs.sys

16:11:10.0280 5816        Ntfs - ok

16:11:10.0412 5816        Null            (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys

16:11:10.0488 5816        Null - ok

16:11:11.0396 5816        nvlddmkm        (f12c5f17d48d9f5c70e4408b3ccb5443) C:\windows\system32\DRIVERS\nvlddmkm.sys

16:11:11.0990 5816        nvlddmkm - ok

16:11:12.0171 5816        nvpciflt        (91aa115e6bd2104d79cadd8b1cbaeb4a) C:\windows\system32\DRIVERS\nvpciflt.sys

16:11:12.0189 5816        nvpciflt - ok

16:11:12.0230 5816        nvraid          (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\windows\system32\drivers\nvraid.sys

16:11:12.0277 5816        nvraid - ok

16:11:12.0308 5816        nvstor          (f7cd50fe7139f07e77da8ac8033d1832) C:\windows\system32\drivers\nvstor.sys

16:11:12.0340 5816        nvstor - ok

16:11:12.0464 5816        nvsvc           (8a55543c379b0582f0c33db447d1c892) C:\windows\system32\nvvsvc.exe

16:11:12.0511 5816        nvsvc - ok

16:11:12.0730 5816        nvUpdatusService (ba469d11dbd9db00b5f8daa4811faf1d) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

16:11:12.0853 5816        nvUpdatusService - ok

16:11:13.0004 5816        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys

16:11:13.0029 5816        nv_agp - ok

16:11:13.0072 5816        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys

16:11:13.0110 5816        ohci1394 - ok

16:11:13.0191 5816        ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:11:13.0221 5816        ose - ok

16:11:13.0700 5816        osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

16:11:13.0942 5816        osppsvc - ok

16:11:14.0083 5816        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

16:11:14.0167 5816        p2pimsvc - ok

16:11:14.0219 5816        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll

16:11:14.0255 5816        p2psvc - ok

16:11:14.0324 5816        Parport         (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys

16:11:14.0349 5816        Parport - ok

16:11:14.0384 5816        partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys

16:11:14.0407 5816        partmgr - ok

16:11:14.0448 5816        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll

16:11:14.0512 5816        PcaSvc - ok

16:11:14.0565 5816        pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys

16:11:14.0596 5816        pci - ok

16:11:14.0624 5816        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys

16:11:14.0645 5816        pciide - ok

16:11:14.0687 5816        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys

16:11:14.0727 5816        pcmcia - ok

16:11:14.0750 5816        pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys

16:11:14.0772 5816        pcw - ok

16:11:14.0842 5816        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys

16:11:14.0961 5816        PEAUTH - ok

16:11:15.0082 5816        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe

16:11:15.0129 5816        PerfHost - ok

16:11:15.0296 5816        pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll

16:11:15.0426 5816        pla - ok

16:11:15.0488 5816        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll

16:11:15.0566 5816        PlugPlay - ok

16:11:15.0598 5816        PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll

16:11:15.0644 5816        PNRPAutoReg - ok

16:11:15.0691 5816        PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll

16:11:15.0722 5816        PNRPsvc - ok

16:11:15.0800 5816        PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll

16:11:15.0929 5816        PolicyAgent - ok

16:11:15.0980 5816        Power           (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll

16:11:16.0091 5816        Power - ok

16:11:16.0151 5816        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys

16:11:16.0248 5816        PptpMiniport - ok

16:11:16.0283 5816        Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys

16:11:16.0324 5816        Processor - ok

16:11:16.0379 5816        ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll

16:11:16.0484 5816        ProfSvc - ok

16:11:16.0528 5816        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

16:11:16.0552 5816        ProtectedStorage - ok

16:11:16.0597 5816        Psched          (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys

16:11:16.0695 5816        Psched - ok

16:11:16.0699 5816        PS_MDP - ok

16:11:16.0872 5816        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys

16:11:16.0966 5816        ql2300 - ok

16:11:17.0122 5816        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys

16:11:17.0157 5816        ql40xx - ok

16:11:17.0209 5816        QWAVE           (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll

16:11:17.0258 5816        QWAVE - ok

16:11:17.0274 5816        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys

16:11:17.0329 5816        QWAVEdrv - ok

16:11:17.0352 5816        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys

16:11:17.0446 5816        RasAcd - ok

16:11:17.0479 5816        RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys

16:11:17.0567 5816        RasAgileVpn - ok

16:11:17.0611 5816        RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll

16:11:17.0683 5816        RasAuto - ok

16:11:17.0731 5816        Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys

16:11:17.0827 5816        Rasl2tp - ok

16:11:17.0896 5816        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll

16:11:18.0005 5816        RasMan - ok

16:11:18.0045 5816        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys

16:11:18.0139 5816        RasPppoe - ok

16:11:18.0168 5816        RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys

16:11:18.0256 5816        RasSstp - ok

16:11:18.0307 5816        rdbss           (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys

16:11:18.0404 5816        rdbss - ok

16:11:18.0436 5816        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys

16:11:18.0482 5816        rdpbus - ok

16:11:18.0498 5816        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys

16:11:18.0592 5816        RDPCDD - ok

16:11:18.0607 5816        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys

16:11:18.0701 5816        RDPENCDD - ok

16:11:18.0732 5816        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys

16:11:18.0810 5816        RDPREFMP - ok

16:11:18.0857 5816        RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys

16:11:18.0919 5816        RDPWD - ok

16:11:18.0999 5816        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys

16:11:19.0030 5816        rdyboost - ok

16:11:19.0039 5816        ReadyComm.DirectRouter - ok

16:11:19.0074 5816        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll

16:11:19.0167 5816        RemoteAccess - ok

16:11:19.0218 5816        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll

16:11:19.0324 5816        RemoteRegistry - ok

16:11:19.0381 5816        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys

16:11:19.0435 5816        RFCOMM - ok

16:11:19.0477 5816        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll

16:11:19.0568 5816        RpcEptMapper - ok

16:11:19.0600 5816        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe

16:11:19.0642 5816        RpcLocator - ok

16:11:19.0718 5816        RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll

16:11:19.0805 5816        RpcSs - ok

16:11:19.0861 5816        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys

16:11:19.0956 5816        rspndr - ok

16:11:20.0003 5816        RSUSBSTOR       (79bad3e977966af21df982def5a99c76) C:\windows\system32\Drivers\RtsUStor.sys

16:11:20.0050 5816        RSUSBSTOR - ok

16:11:20.0128 5816        RtLedService    (0d2bb5612cc0af08edd08ff8e196a9a5) C:\Program Files\Realtek\RtLED\RtLEDService.exe

16:11:20.0157 5816        RtLedService ( UnsignedFile.Multi.Generic ) - warning

16:11:20.0157 5816        RtLedService - detected UnsignedFile.Multi.Generic (1)

16:11:20.0195 5816        SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

16:11:20.0218 5816        SamSs - ok

16:11:20.0269 5816        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys

16:11:20.0293 5816        sbp2port - ok

16:11:20.0339 5816        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll

16:11:20.0446 5816        SCardSvr - ok

16:11:20.0492 5816        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys

16:11:20.0582 5816        scfilter - ok

16:11:20.0706 5816        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll

16:11:20.0829 5816        Schedule - ok

16:11:20.0873 5816        SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll

16:11:20.0947 5816        SCPolicySvc - ok

16:11:21.0008 5816        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll

16:11:21.0082 5816        SDRSVC - ok

16:11:21.0170 5816        SeaPort         (d358e077a0a05d9b12da22d137ee8464) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

16:11:21.0206 5816        SeaPort - ok

16:11:21.0271 5816        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys

16:11:21.0366 5816        secdrv - ok

16:11:21.0406 5816        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll

16:11:21.0493 5816        seclogon - ok

16:11:21.0540 5816        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll

16:11:21.0649 5816        SENS - ok

16:11:21.0665 5816        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll

16:11:21.0743 5816        SensrSvc - ok

16:11:21.0758 5816        Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys

16:11:21.0790 5816        Serenum - ok

16:11:21.0821 5816        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys

16:11:21.0868 5816        Serial - ok

16:11:21.0946 5816        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys

16:11:21.0977 5816        sermouse - ok

16:11:22.0045 5816        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll

16:11:22.0151 5816        SessionEnv - ok

16:11:22.0187 5816        sffdisk         (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys

16:11:22.0232 5816        sffdisk - ok

16:11:22.0257 5816        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys

16:11:22.0304 5816        sffp_mmc - ok

16:11:22.0330 5816        sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys

16:11:22.0372 5816        sffp_sd - ok

16:11:22.0403 5816        sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys

16:11:22.0439 5816        sfloppy - ok

16:11:22.0545 5816        Sftfs           (d5183ed285d2795491dc15bddcbee5ad) C:\windows\system32\DRIVERS\Sftfslh.sys

16:11:22.0588 5816        Sftfs - ok

16:11:22.0689 5816        sftlist         (bfdb58616ff5ea540a5f58301d50641e) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

16:11:22.0725 5816        sftlist - ok

16:11:22.0787 5816        Sftplay         (00f118b68c50d2206dd51634f9142b83) C:\windows\system32\DRIVERS\Sftplaylh.sys

16:11:22.0821 5816        Sftplay - ok

16:11:22.0861 5816        Sftredir        (76a827df5640bfe16a0cdbb4108adeca) C:\windows\system32\DRIVERS\Sftredirlh.sys

16:11:22.0878 5816        Sftredir - ok

16:11:22.0890 5816        Sftvol          (1b4c9701645086bab8cafffce30ed284) C:\windows\system32\DRIVERS\Sftvollh.sys

16:11:22.0907 5816        Sftvol - ok

16:11:22.0966 5816        sftvsa          (b94c3c4dca2093243c76ca218ede2a97) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

16:11:22.0989 5816        sftvsa - ok

16:11:23.0049 5816        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll

16:11:23.0143 5816        SharedAccess - ok

16:11:23.0214 5816        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll

16:11:23.0324 5816        ShellHWDetection - ok

16:11:23.0353 5816        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys

16:11:23.0375 5816        SiSRaid2 - ok

16:11:23.0393 5816        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys

16:11:23.0416 5816        SiSRaid4 - ok

16:11:23.0504 5816        SkypeUpdate     (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe

16:11:23.0525 5816        SkypeUpdate - ok

16:11:23.0549 5816        Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys

16:11:23.0642 5816        Smb - ok

16:11:23.0693 5816        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe

16:11:23.0738 5816        SNMPTRAP - ok

16:11:23.0791 5816        spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys

16:11:23.0812 5816        spldr - ok

16:11:23.0889 5816        Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe

16:11:23.0984 5816        Spooler - ok

16:11:24.0267 5816        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe

16:11:24.0477 5816        sppsvc - ok

16:11:24.0612 5816        sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll

16:11:24.0705 5816        sppuinotify - ok

16:11:24.0830 5816        sptd            (dfc4e2081324e505ca479e473a78d893) C:\windows\System32\Drivers\sptd.sys

16:11:24.0877 5816        sptd - ok

16:11:24.0939 5816        srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys

16:11:25.0002 5816        srv - ok

16:11:25.0064 5816        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys

16:11:25.0125 5816        srv2 - ok

16:11:25.0161 5816        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys

16:11:25.0208 5816        srvnet - ok

16:11:25.0274 5816        SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll

16:11:25.0369 5816        SSDPSRV - ok

16:11:25.0413 5816        SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll

16:11:25.0491 5816        SstpSvc - ok

16:11:25.0622 5816        StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

16:11:25.0669 5816        StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning

16:11:25.0669 5816        StarWindServiceAE - detected UnsignedFile.Multi.Generic (1)

16:11:25.0773 5816        Steam Client Service - ok

16:11:25.0866 5816        Stereo Service  (8c37c35fb2d9692dda0eddbca58bfe18) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

16:11:25.0896 5816        Stereo Service - ok

16:11:25.0925 5816        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys

16:11:25.0948 5816        stexstor - ok

16:11:26.0043 5816        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll

16:11:26.0105 5816        stisvc - ok

16:11:26.0136 5816        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys

16:11:26.0152 5816        swenum - ok

16:11:26.0231 5816        swprv           (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll

16:11:26.0349 5816        swprv - ok

16:11:26.0522 5816        SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll

16:11:26.0631 5816        SysMain - ok

16:11:26.0763 5816        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll

16:11:26.0803 5816        TabletInputService - ok

16:11:26.0863 5816        TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll

16:11:26.0969 5816        TapiSrv - ok

16:11:27.0012 5816        TBS             (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll

16:11:27.0096 5816        TBS - ok

16:11:27.0308 5816        Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys

16:11:27.0418 5816        Tcpip - ok

16:11:27.0724 5816        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys

16:11:27.0803 5816        TCPIP6 - ok

16:11:27.0914 5816        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys

16:11:28.0002 5816        tcpipreg - ok

16:11:28.0040 5816        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys

16:11:28.0097 5816        TDPIPE - ok

16:11:28.0130 5816        TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys

16:11:28.0172 5816        TDTCP - ok

16:11:28.0212 5816        tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys

16:11:28.0299 5816        tdx - ok

16:11:28.0359 5816        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys

16:11:28.0381 5816        TermDD - ok

16:11:28.0453 5816        TermService     (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll

16:11:28.0574 5816        TermService - ok

16:11:28.0609 5816        Themes          (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll

16:11:28.0662 5816        Themes - ok

16:11:28.0697 5816        THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll

16:11:28.0770 5816        THREADORDER - ok

16:11:28.0813 5816        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll

16:11:28.0893 5816        TrkWks - ok

16:11:28.0971 5816        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe

16:11:29.0074 5816        TrustedInstaller - ok

16:11:29.0115 5816        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys

16:11:29.0189 5816        tssecsrv - ok

16:11:29.0250 5816        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys

16:11:29.0283 5816        TsUsbFlt - ok

16:11:29.0338 5816        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys

16:11:29.0413 5816        tunnel - ok

16:11:29.0440 5816        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys

16:11:29.0462 5816        uagp35 - ok

16:11:29.0518 5816        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys

16:11:29.0616 5816        udfs - ok

16:11:29.0656 5816        UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe

16:11:29.0694 5816        UI0Detect - ok

16:11:29.0728 5816        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys

16:11:29.0749 5816        uliagpkx - ok

16:11:29.0801 5816        umbus           (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys

16:11:29.0840 5816        umbus - ok

16:11:29.0875 5816        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys

16:11:29.0921 5816        UmPass - ok

16:11:30.0199 5816        UNS             (6fdb1ca1add261f893c90738eba37197) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

16:11:30.0326 5816        UNS - ok

16:11:30.0475 5816        Update-Service - ok

16:11:30.0537 5816        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll

16:11:30.0631 5816        upnphost - ok

16:11:30.0732 5816        usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\windows\system32\drivers\usbaudio.sys

16:11:30.0778 5816        usbaudio - ok

16:11:30.0825 5816        usbccgp         (481dff26b4dca8f4cbac1f7dce1d6829) C:\windows\system32\DRIVERS\usbccgp.sys

16:11:30.0872 5816        usbccgp - ok

16:11:30.0934 5816        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys

16:11:30.0981 5816        usbcir - ok

16:11:31.0012 5816        usbehci         (74ee782b1d9c241efe425565854c661c) C:\windows\system32\drivers\usbehci.sys

16:11:31.0044 5816        usbehci - ok

16:11:31.0090 5816        usbhub          (dc96bd9ccb8403251bcf25047573558e) C:\windows\system32\drivers\usbhub.sys

16:11:31.0153 5816        usbhub - ok

16:11:31.0184 5816        usbohci         (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\drivers\usbohci.sys

16:11:31.0215 5816        usbohci - ok

16:11:31.0246 5816        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys

16:11:31.0295 5816        usbprint - ok

16:11:31.0325 5816        USBSTOR         (d76510cfa0fc09023077f22c2f979d86) C:\windows\system32\DRIVERS\USBSTOR.SYS

16:11:31.0372 5816        USBSTOR - ok

16:11:31.0404 5816        usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\drivers\usbuhci.sys

16:11:31.0428 5816        usbuhci - ok

16:11:31.0491 5816        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys

16:11:31.0545 5816        usbvideo - ok

16:11:31.0574 5816        UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll

16:11:31.0665 5816        UxSms - ok

16:11:31.0705 5816        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe

16:11:31.0729 5816        VaultSvc - ok

16:11:31.0774 5816        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys

16:11:31.0796 5816        vdrvroot - ok

16:11:31.0871 5816        vds             (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe

16:11:31.0966 5816        vds - ok

16:11:32.0003 5816        vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys

16:11:32.0032 5816        vga - ok

16:11:32.0054 5816        VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys

16:11:32.0150 5816        VgaSave - ok

16:11:32.0208 5816        vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys

16:11:32.0249 5816        vhdmp - ok

16:11:32.0272 5816        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys

16:11:32.0303 5816        viaide - ok

16:11:32.0365 5816        vm332avs        (640563f62cbb9b0a306232fa37945149) C:\windows\system32\Drivers\vm332avs.sys

16:11:32.0396 5816        vm332avs - ok

16:11:32.0428 5816        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys

16:11:32.0459 5816        volmgr - ok

16:11:32.0521 5816        volmgrx         (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys

16:11:32.0552 5816        volmgrx - ok

16:11:32.0615 5816        volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys

16:11:32.0646 5816        volsnap - ok

16:11:32.0693 5816        vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys

16:11:32.0724 5816        vsmraid - ok

16:11:32.0903 5816        VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe

16:11:33.0055 5816        VSS - ok

16:11:33.0187 5816        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys

16:11:33.0235 5816        vwifibus - ok

16:11:33.0274 5816        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys

16:11:33.0309 5816        vwififlt - ok

16:11:33.0345 5816        vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys

16:11:33.0378 5816        vwifimp - ok

16:11:33.0439 5816        W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll

16:11:33.0533 5816        W32Time - ok

16:11:33.0575 5816        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys

16:11:33.0621 5816        WacomPen - ok

16:11:33.0685 5816        WANARP          (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys

16:11:33.0769 5816        WANARP - ok

16:11:33.0790 5816        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys

16:11:33.0859 5816        Wanarpv6 - ok

16:11:34.0031 5816        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe

16:11:34.0140 5816        wbengine - ok

16:11:34.0281 5816        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll

16:11:34.0312 5816        WbioSrvc - ok

16:11:34.0393 5816        wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll

16:11:34.0464 5816        wcncsvc - ok

16:11:34.0492 5816        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll

16:11:34.0556 5816        WcsPlugInService - ok

16:11:34.0618 5816        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys

16:11:34.0639 5816        Wd - ok

16:11:34.0703 5816        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys

16:11:34.0757 5816        Wdf01000 - ok

16:11:34.0797 5816        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

16:11:34.0917 5816        WdiServiceHost - ok

16:11:34.0922 5816        WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll

16:11:34.0962 5816        WdiSystemHost - ok

16:11:34.0988 5816        wdmirror        (2a444acf7dd446505bcc801f8f6ae5fd) C:\windows\system32\DRIVERS\WDMirror.sys

16:11:35.0005 5816        wdmirror - ok

16:11:35.0061 5816        WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll

16:11:35.0123 5816        WebClient - ok

16:11:35.0178 5816        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll

16:11:35.0284 5816        Wecsvc - ok

16:11:35.0319 5816        wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll

16:11:35.0384 5816        wercplsupport - ok

16:11:35.0415 5816        WerSvc          (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll

16:11:35.0509 5816        WerSvc - ok

16:11:35.0555 5816        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys

16:11:35.0633 5816        WfpLwf - ok

16:11:35.0633 5816        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys

16:11:35.0665 5816        WIMMount - ok

16:11:35.0696 5816        WinDefend - ok

16:11:35.0696 5816        WinHttpAutoProxySvc - ok

16:11:35.0774 5816        Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll

16:11:35.0899 5816        Winmgmt - ok

16:11:36.0100 5816        WinRM           (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll

16:11:36.0248 5816        WinRM - ok

16:11:36.0428 5816        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys

16:11:36.0475 5816        WinUsb - ok

16:11:36.0584 5816        Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll

16:11:36.0653 5816        Wlansvc - ok

16:11:36.0712 5816        WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys

16:11:36.0754 5816        WmiAcpi - ok

16:11:36.0840 5816        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe

16:11:36.0894 5816        wmiApSrv - ok

16:11:36.0924 5816        WMPNetworkSvc - ok

16:11:36.0955 5816        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll

16:11:37.0002 5816        WPCSvc - ok

16:11:37.0033 5816        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll

16:11:37.0096 5816        WPDBusEnum - ok

16:11:37.0127 5816        ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys

16:11:37.0220 5816        ws2ifsl - ok

16:11:37.0267 5816        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll

16:11:37.0330 5816        wscsvc - ok

16:11:37.0330 5816        WSearch - ok

16:11:37.0392 5816        wsvd            (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys

16:11:37.0423 5816        wsvd - ok

16:11:37.0651 5816        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll

16:11:37.0791 5816        wuauserv - ok

16:11:37.0936 5816        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys

16:11:38.0025 5816        WudfPf - ok

16:11:38.0076 5816        WUDFRd          (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys

16:11:38.0174 5816        WUDFRd - ok

16:11:38.0216 5816        wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll

16:11:38.0293 5816        wudfsvc - ok

16:11:38.0342 5816        WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll

16:11:38.0435 5816        WwanSvc - ok

16:11:38.0502 5816        ZTEusbmdm6k     (31db70a61814e4f33181d48190d46845) C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys

16:11:38.0548 5816        ZTEusbmdm6k - ok

16:11:38.0605 5816        ZTEusbnet       (01cbeea25aa78c0f0272654048d61f34) C:\windows\system32\DRIVERS\ZTEusbnet.sys

16:11:38.0664 5816        ZTEusbnet - ok

16:11:38.0704 5816        ZTEusbnmea      (c9ada887bf326d8413e81fe80b1be7eb) C:\windows\system32\DRIVERS\ZTEusbnmea.sys

16:11:38.0748 5816        ZTEusbnmea - ok

16:11:38.0791 5816        ZTEusbser6k     (31db70a61814e4f33181d48190d46845) C:\windows\system32\DRIVERS\ZTEusbser6k.sys

16:11:38.0821 5816        ZTEusbser6k - ok

16:11:38.0854 5816        ZTEusbvoice     (c9ada887bf326d8413e81fe80b1be7eb) C:\windows\system32\DRIVERS\ZTEusbvoice.sys

16:11:38.0877 5816        ZTEusbvoice - ok

16:11:38.0932 5816        MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

16:11:39.0327 5816        \Device\Harddisk0\DR0 - ok

16:11:39.0333 5816        MBR (0x1B8)     (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1

16:11:39.0829 5816        \Device\Harddisk1\DR1 - ok

16:11:39.0834 5816        Boot (0x1200)   (e2df70e385e5bbff76f41158690035ed) \Device\Harddisk0\DR0\Partition0

16:11:39.0837 5816        \Device\Harddisk0\DR0\Partition0 - ok

16:11:39.0876 5816        Boot (0x1200)   (71a8b920ede49443a03ac8e4dcbb61ae) \Device\Harddisk0\DR0\Partition1

16:11:39.0879 5816        \Device\Harddisk0\DR0\Partition1 - ok

16:11:39.0908 5816        Boot (0x1200)   (3d3646bbd27b83385397069b156ad897) \Device\Harddisk0\DR0\Partition2

16:11:39.0912 5816        \Device\Harddisk0\DR0\Partition2 - ok

16:11:39.0917 5816        Boot (0x1200)   (dd4d6a0649d5366ba8edeebe2eb08992) \Device\Harddisk1\DR1\Partition0

16:11:39.0920 5816        \Device\Harddisk1\DR1\Partition0 - ok

16:11:39.0921 5816        ============================================================

16:11:39.0921 5816        Scan finished

16:11:39.0921 5816        ============================================================

16:11:39.0933 1532        Detected object count: 3

16:11:39.0933 1532        Actual detected object count: 3

16:11:58.0158 1532        Akamai ( HiddenFile.Multi.Generic ) - skipped by user

16:11:58.0159 1532        Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 

16:11:58.0162 1532        RtLedService ( UnsignedFile.Multi.Generic ) - skipped by user

16:11:58.0162 1532        RtLedService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

16:11:58.0163 1532        StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user

16:11:58.0163 1532        StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

So, CombiFix ist auch durch. Hier das Log dazu:

Code:

ComboFix 12-06-21.01 - Luisaleins 21.06.2012  17:31:53.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3828.2159 [GMT 2:00]

ausgeführt von:: c:\users\Luisaleins\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\s.bat

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-05-21 bis 2012-06-21  ))))))))))))))))))))))))))))))

.

.

2012-06-21 13:25 . 2012-06-02 22:19        57880        ----a-w-        c:\windows\system32\wuauclt.exe

2012-06-21 13:25 . 2012-06-02 22:19        44056        ----a-w-        c:\windows\system32\wups2.dll

2012-06-21 13:25 . 2012-06-02 22:15        2622464        ----a-w-        c:\windows\system32\wucltux.dll

2012-06-21 13:25 . 2012-06-02 22:19        2428952        ----a-w-        c:\windows\system32\wuaueng.dll

2012-06-21 13:24 . 2012-06-02 22:19        38424        ----a-w-        c:\windows\system32\wups.dll

2012-06-21 13:24 . 2012-06-02 22:19        701976        ----a-w-        c:\windows\system32\wuapi.dll

2012-06-21 13:24 . 2012-06-02 22:15        99840        ----a-w-        c:\windows\system32\wudriver.dll

2012-06-21 13:24 . 2012-06-02 13:19        186752        ----a-w-        c:\windows\system32\wuwebv.dll

2012-06-21 13:24 . 2012-06-02 13:15        36864        ----a-w-        c:\windows\system32\wuapp.exe

2012-06-20 23:52 . 2012-06-20 23:52        --------        d-----w-        C:\_OTL

2012-06-20 23:44 . 2012-06-20 23:44        476936        ----a-w-        c:\windows\SysWow64\npdeployJava1.dll

2012-06-19 21:59 . 2012-05-31 04:04        9013136        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{884868DC-442C-450B-9C2E-F8C5092E0DF2}\mpengine.dll

2012-06-19 21:58 . 2012-04-26 05:41        77312        ----a-w-        c:\windows\system32\rdpwsx.dll

2012-06-19 21:58 . 2012-04-26 05:34        9216        ----a-w-        c:\windows\system32\rdrmemptylst.exe

2012-06-19 21:58 . 2012-05-04 11:06        5559664        ----a-w-        c:\windows\system32\ntoskrnl.exe

2012-06-19 21:58 . 2012-05-04 10:03        3913072        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe

2012-06-19 21:57 . 2012-05-15 01:32        3146752        ----a-w-        c:\windows\system32\win32k.sys

2012-06-19 21:57 . 2012-04-28 03:55        210944        ----a-w-        c:\windows\system32\drivers\rdpwd.sys

2012-06-19 10:52 . 2012-06-19 10:52        --------        d-----w-        c:\program files (x86)\ESET

2012-06-13 09:37 . 2012-04-26 05:41        149504        ----a-w-        c:\windows\system32\rdpcorekmts.dll

2012-06-13 09:37 . 2012-05-04 10:03        3968368        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe

2012-06-07 17:24 . 2012-04-04 13:56        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys

2012-06-07 17:22 . 2012-06-07 17:22        --------        d-----w-        c:\programdata\Spyware Terminator

2012-06-02 14:07 . 2012-06-20 18:12        --------        d-----w-        c:\program files (x86)\Steam

2012-06-02 13:51 . 2012-06-02 13:51        --------        d-----w-        c:\users\Luisaleins\AppData\Local\Skyrim

2012-05-29 15:35 . 2012-05-29 15:35        51496        ----a-w-        c:\windows\system32\drivers\stflt.sys

2012-05-28 22:30 . 2012-06-07 17:24        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2012-05-28 21:56 . 2012-05-28 21:56        --------        d-----w-        c:\users\Luisaleins\AppData\Roaming\Malwarebytes

2012-05-28 21:55 . 2012-05-28 21:55        --------        d-----w-        c:\programdata\Malwarebytes

2012-05-25 12:29 . 2012-06-01 12:57        --------        d-----w-        c:\windows\SysWow64\syncdb

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-20 23:44 . 2011-03-27 16:43        472840        ----a-w-        c:\windows\SysWow64\deployJava1.dll

2012-05-08 14:49 . 2012-03-28 20:43        98848        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2012-05-08 14:49 . 2012-03-28 20:43        132832        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2012-03-30 23:05 . 2009-07-14 02:36        152576        ----a-w-        c:\windows\SysWow64\msclmd.dll

2012-03-30 23:05 . 2009-07-14 02:36        175616        ----a-w-        c:\windows\system32\msclmd.dll

2012-03-30 11:35 . 2012-05-10 15:22        1918320        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2011-12-13 14:39 . 2011-12-02 10:15        3500000000        ----a-w-        c:\program files\Vectorworks 2012 kompl.part1.exe

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Luisaleins\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Luisaleins\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Luisaleins\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" [2010-08-20 33120]

"Akamai NetSession Interface"="c:\users\Luisaleins\AppData\Local\Akamai\netsession_win.exe" [2012-05-07 3331872]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2009-09-30 111640]

"VitaKeyTSR"="c:\program files (x86)\EgisTec BioExcess\EgisTSR.exe" [2010-05-28 376176]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]

"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-10 407920]

"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-10 201584]

"PLTSR"="c:\program files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [2010-05-19 364400]

"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]

"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]

"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-12-06 74752]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]

.

c:\users\Luisaleins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Luisaleins\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-12 136176]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]

R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-12 136176]

R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]

R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]

R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]

R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys [x]

R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]

R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [x]

R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [x]

S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [x]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]

S1 EgisTecFF;EgisTecFF;c:\windows\system32\DRIVERS\EgisTecFF.sys [x]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]

S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]

S2 EgisTec Data Security Service;EgisTec Data Security Service;c:\program files (x86)\EgisTec BioExcess\EgisDSService.exe [2010-05-28 314736]

S2 EgisTec Service Help;EgisTec Service Help;c:\program files (x86)\EgisTec Port Locker\Egishlpsvc.exe [2010-05-19 322416]

S2 EgisTec Service;EgisTec Service;c:\program files (x86)\EgisTec BioExcess\EgisService.exe [2010-05-28 709488]

S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [x]

S2 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-01-08 1997416]

S2 RtLedService;RtLedService Installer;c:\program files\Realtek\RtLED\RtLEDService.exe [2010-02-05 311296]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]

S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]

S2 Update-Service;Update-Service;c:\windows\System32\svchost.exe [2009-07-14 27136]

S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]

S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]

S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]

S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

IgrsSvcs        REG_MULTI_SZ           ReadyComm.DirectRouter PS_MDP

Akamai        REG_MULTI_SZ           Akamai

Update-Service-Installer-Service        REG_MULTI_SZ           Update-Service-Installer-Service

Update-Service        REG_MULTI_SZ           Update-Service

.

Inhalt des "geplante Tasks" Ordners

.

2012-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-12 19:05]

.

2012-06-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-12 19:05]

.

2012-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1260959535-4230420404-3460720799-1001Core.job

- c:\users\Luisaleins\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-23 19:05]

.

2012-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1260959535-4230420404-3460720799-1001UA.job

- c:\users\Luisaleins\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-23 19:05]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Luisaleins\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Luisaleins\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Luisaleins\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Luisaleins\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-02 10821224]

"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]

"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-04-12 4462496]

"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-18 7056800]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://lenovo.msn.com

uLocal Page = c:\windows\system32\blank.htm

uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>

IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\Luisaleins\AppData\Roaming\Mozilla\Firefox\Profiles\qq0n8nds.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe

HKLM-Run-SpywareTerminatorShield - c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe

HKLM-Run-SpywareTerminatorUpdater - c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

AddRemove-FoxTab Music Converter - c:\program files (x86)\FoxTabMusicConverter\Uninstall\Uninstall.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]

"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe

c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2012-06-21  17:52:38 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2012-06-21 15:52

.

Vor Suchlauf: 10 Verzeichnis(se), 244.475.760.640 Bytes frei

Nach Suchlauf: 12 Verzeichnis(se), 243.904.524.288 Bytes frei

.

- - End Of File - - DA4C3AE2EE7E4E200B0D0115D3BBDAA6