| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: AdWare Servads löschenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
11.12.2012, 17:43
| #1 |
 |  AdWare Servads löschen Hallo, ich hab ein Problem mit der AdWare Servads (und vielleicht auch anderen?). Wie kann ich die am besten beseitigen? Symptome, wie ich es bemerke: - Manchmal werden Wörter farbig hinterlegt und unterstrichen und wenn man drüberfährt erscheint Werbung - es öffnet sich ein zusätzlicher Tab, wenn ich eine Webseite öffne, oder z.B. die Kategorien von Foren wechsle, also Links anklicke - an der Seite, oben oder unten von der Webseite öffnet sich ein graues Fenster, wo anscheinend Werbung erscheinen soll, was aber nicht funktioniert, da es einfach grau bleibt Kann mir jemand helfen? lg Poly |
|
11.12.2012, 22:12
| #2 | |
| /// TB-Ausbilder  | AdWare Servads löschen Ich werde dir bei deinem Problem helfen. Eine Bereinigung ist mitunter mit viel Arbeit für Dich (und mich) verbunden. Bevor es los geht, habe ich etwas Lesestoff für dich. Schritt 1: Laufwerksemulationen abschalten mit Defogger Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop und starte es:Schritt 2: Scan mit aswMBR Schritt 3: Scan mit dem TDSS-Killer Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Schritt 4: AdwCleaner: Werbeprogramme suchen und löschen Schritt 5: Scan mit DDS (+ attach) Downloade dir bitte DDS (von sUBs) von einem der folgenden Downloadspiegel und speichere die Datei auf deinem Desktop.
__________________ |
|
11.12.2012, 23:04
| #3 | |
| | AdWare Servads löschen Danke, dass du mir helfen möchtest
__________________ Zitat:
lg Poly |
|
11.12.2012, 23:05
| #4 |
| /// TB-Ausbilder | AdWare Servads löschen ja genau. alles machen - und posten
__________________  Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
12.12.2012, 09:10
| #5 |
| | AdWare Servads löschen Guten Morgen Ich habe ein Problem: Immer wenn das Programm aswMBR bei einem bestimmten Punkt angelangt ist stürzt es ab... (also immer genau dann...)  Hier mal der Log vom defogger (vielleicht sieht man das Problem ja hier): Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 08:46 on 12/12/2012 (*MeinName*)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
|
|
12.12.2012, 18:32
| #6 |
| /// TB-Ausbilder | AdWare Servads löschen Mache AV Scan --> (none)
__________________ --> AdWare Servads löschen |
|
12.12.2012, 19:43
| #7 |
| | AdWare Servads löschen Alles gemacht...: defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:14 on 12/12/2012 (*MeinName*)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-12 19:14:14
-----------------------------
19:14:14.281 OS Version: Windows x64 6.1.7601 Service Pack 1
19:14:14.281 Number of processors: 4 586 0x2A07
19:14:14.281 ComputerName: *MeinName*-PC UserName: *MeinName*
19:14:14.901 Initialize success
19:14:20.151 AVAST engine defs: 12121102
19:14:24.271 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:14:24.271 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
19:14:24.281 Disk 0 MBR read successfully
19:14:24.281 Disk 0 MBR scan
19:14:24.331 Disk 0 Windows 7 default MBR code
19:14:24.331 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:14:24.341 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 100000 MB offset 206848
19:14:24.361 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 853766 MB offset 205006848
19:14:24.381 Disk 0 scanning C:\Windows\system32\drivers
19:14:30.562 Service scanning
19:14:45.064 Modules scanning
19:14:45.064 Disk 0 trace - called modules:
19:14:45.074 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:14:45.084 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006304060]
19:14:45.084 3 CLASSPNP.SYS[fffff8800186443f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80050ac050]
19:14:45.084 Scan finished successfully
19:15:19.698 Disk 0 MBR has been saved successfully to "C:\Users\*MeinName*\Desktop\MBR.dat"
19:15:19.708 The log file has been saved successfully to "C:\Users\*meinName*\Desktop\aswMBR.txt"
Code:
ATTFilter 19:17:20.0190 5608 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:17:20.0560 5608 ============================================================
19:17:20.0560 5608 Current date / time: 2012/12/12 19:17:20.0560
19:17:20.0560 5608 SystemInfo:
19:17:20.0560 5608
19:17:20.0560 5608 OS Version: 6.1.7601 ServicePack: 1.0
19:17:20.0560 5608 Product type: Workstation
19:17:20.0560 5608 ComputerName: *PcName*-PC
19:17:20.0560 5608 UserName: *MeinName*
19:17:20.0560 5608 Windows directory: C:\Windows
19:17:20.0560 5608 System windows directory: C:\Windows
19:17:20.0560 5608 Running under WOW64
19:17:20.0560 5608 Processor architecture: Intel x64
19:17:20.0560 5608 Number of processors: 4
19:17:20.0560 5608 Page size: 0x1000
19:17:20.0560 5608 Boot type: Normal boot
19:17:20.0560 5608 ============================================================
19:17:20.0910 5608 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:17:20.0920 5608 ============================================================
19:17:20.0920 5608 \Device\Harddisk0\DR0:
19:17:20.0920 5608 MBR partitions:
19:17:20.0920 5608 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:17:20.0920 5608 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC350000
19:17:20.0920 5608 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC382800, BlocksNum 0x68383000
19:17:20.0920 5608 ============================================================
19:17:20.0940 5608 C: <-> \Device\Harddisk0\DR0\Partition2
19:17:20.0970 5608 D: <-> \Device\Harddisk0\DR0\Partition3
19:17:20.0970 5608 ============================================================
19:17:20.0970 5608 Initialize success
19:17:20.0970 5608 ============================================================
19:17:54.0744 4044 ============================================================
19:17:54.0744 4044 Scan started
19:17:54.0744 4044 Mode: Manual; TDLFS;
19:17:54.0744 4044 ============================================================
19:17:54.0974 4044 ================ Scan system memory ========================
19:17:54.0974 4044 System memory - ok
19:17:54.0974 4044 ================ Scan services =============================
19:17:55.0104 4044 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:17:55.0104 4044 1394ohci - ok
19:17:55.0124 4044 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:17:55.0134 4044 ACPI - ok
19:17:55.0154 4044 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:17:55.0154 4044 AcpiPmi - ok
19:17:55.0234 4044 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:17:55.0234 4044 AdobeARMservice - ok
19:17:55.0374 4044 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:17:55.0374 4044 AdobeFlashPlayerUpdateSvc - ok
19:17:55.0404 4044 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:17:55.0404 4044 adp94xx - ok
19:17:55.0434 4044 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:17:55.0444 4044 adpahci - ok
19:17:55.0474 4044 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:17:55.0474 4044 adpu320 - ok
19:17:55.0494 4044 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:17:55.0494 4044 AeLookupSvc - ok
19:17:55.0524 4044 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:17:55.0534 4044 AFD - ok
19:17:55.0554 4044 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:17:55.0554 4044 agp440 - ok
19:17:55.0614 4044 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:17:55.0614 4044 ALG - ok
19:17:55.0634 4044 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:17:55.0634 4044 aliide - ok
19:17:55.0644 4044 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:17:55.0644 4044 amdide - ok
19:17:55.0664 4044 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:17:55.0664 4044 AmdK8 - ok
19:17:55.0674 4044 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:17:55.0674 4044 AmdPPM - ok
19:17:55.0704 4044 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:17:55.0704 4044 amdsata - ok
19:17:55.0744 4044 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:17:55.0744 4044 amdsbs - ok
19:17:55.0774 4044 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:17:55.0774 4044 amdxata - ok
19:17:55.0814 4044 [ 4FC6E2C2FC50445450651F42E90CC0BD ] Apowersoft_AudioDevice C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
19:17:55.0814 4044 Apowersoft_AudioDevice - ok
19:17:55.0854 4044 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:17:55.0854 4044 AppID - ok
19:17:55.0874 4044 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:17:55.0874 4044 AppIDSvc - ok
19:17:55.0884 4044 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:17:55.0884 4044 Appinfo - ok
19:17:55.0924 4044 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:17:55.0934 4044 Apple Mobile Device - ok
19:17:55.0954 4044 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:17:55.0954 4044 arc - ok
19:17:55.0964 4044 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:17:55.0964 4044 arcsas - ok
19:17:56.0004 4044 aspnet_state - ok
19:17:56.0044 4044 [ 912A215CE180A6E7C923C662D7EC777D ] AsrAppCharger C:\Windows\system32\DRIVERS\AsrAppCharger.sys
19:17:56.0044 4044 AsrAppCharger - ok
19:17:56.0074 4044 AsrIbDrv - ok
19:17:56.0094 4044 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:17:56.0094 4044 AsyncMac - ok
19:17:56.0134 4044 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:17:56.0134 4044 atapi - ok
19:17:56.0174 4044 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:17:56.0174 4044 AudioEndpointBuilder - ok
19:17:56.0184 4044 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:17:56.0184 4044 AudioSrv - ok
19:17:56.0284 4044 [ C48176DA44D0298A7075D3C5CF8C3D8D ] AVKProxy C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
19:17:56.0284 4044 AVKProxy - ok
19:17:56.0374 4044 [ 29DA2D5958B352022A1BB5CE6FDB427C ] AVKService C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
19:17:56.0374 4044 AVKService - ok
19:17:56.0434 4044 [ 22F1444896844B0462359825EF628507 ] AVKWCtl C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
19:17:56.0444 4044 AVKWCtl - ok
19:17:56.0474 4044 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:17:56.0474 4044 AxInstSV - ok
19:17:56.0484 4044 AxtuDrv - ok
19:17:56.0514 4044 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:17:56.0514 4044 b06bdrv - ok
19:17:56.0544 4044 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:17:56.0544 4044 b57nd60a - ok
19:17:56.0594 4044 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:17:56.0594 4044 BBSvc - ok
19:17:56.0634 4044 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:17:56.0634 4044 BDESVC - ok
19:17:56.0654 4044 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:17:56.0654 4044 Beep - ok
19:17:56.0684 4044 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:17:56.0694 4044 BFE - ok
19:17:56.0724 4044 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:17:56.0724 4044 BITS - ok
19:17:56.0764 4044 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:17:56.0764 4044 blbdrive - ok
19:17:56.0834 4044 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:17:56.0834 4044 Bonjour Service - ok
19:17:56.0874 4044 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:17:56.0874 4044 bowser - ok
19:17:56.0894 4044 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:17:56.0894 4044 BrFiltLo - ok
19:17:56.0904 4044 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:17:56.0904 4044 BrFiltUp - ok
19:17:56.0934 4044 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:17:56.0934 4044 Browser - ok
19:17:56.0944 4044 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:17:56.0944 4044 Brserid - ok
19:17:56.0954 4044 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:17:56.0954 4044 BrSerWdm - ok
19:17:56.0984 4044 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:17:56.0984 4044 BrUsbMdm - ok
19:17:57.0014 4044 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:17:57.0014 4044 BrUsbSer - ok
19:17:57.0034 4044 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:17:57.0034 4044 BTHMODEM - ok
19:17:57.0074 4044 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:17:57.0074 4044 bthserv - ok
19:17:57.0094 4044 [ 2BD001601496AE87F7CB86F1FCD6F1EC ] Cardex C:\Windows\SysWOW64\drivers\TBPANELX64.SYS
19:17:57.0094 4044 Cardex - ok
19:17:57.0114 4044 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:17:57.0114 4044 cdfs - ok
19:17:57.0154 4044 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:17:57.0154 4044 cdrom - ok
19:17:57.0174 4044 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:17:57.0174 4044 CertPropSvc - ok
19:17:57.0184 4044 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:17:57.0184 4044 circlass - ok
19:17:57.0214 4044 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:17:57.0224 4044 CLFS - ok
19:17:57.0254 4044 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:17:57.0254 4044 clr_optimization_v2.0.50727_32 - ok
19:17:57.0314 4044 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:17:57.0314 4044 clr_optimization_v2.0.50727_64 - ok
19:17:57.0374 4044 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:17:57.0404 4044 clr_optimization_v4.0.30319_32 - ok
19:17:57.0424 4044 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:17:57.0424 4044 clr_optimization_v4.0.30319_64 - ok
19:17:57.0454 4044 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:17:57.0454 4044 CmBatt - ok
19:17:57.0454 4044 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:17:57.0454 4044 cmdide - ok
19:17:57.0474 4044 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:17:57.0474 4044 CNG - ok
19:17:57.0504 4044 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:17:57.0504 4044 Compbatt - ok
19:17:57.0524 4044 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:17:57.0524 4044 CompositeBus - ok
19:17:57.0544 4044 COMSysApp - ok
19:17:57.0644 4044 cpuz130 - ok
19:17:57.0674 4044 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:17:57.0684 4044 crcdisk - ok
19:17:57.0714 4044 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:17:57.0714 4044 CryptSvc - ok
19:17:57.0744 4044 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:17:57.0744 4044 DcomLaunch - ok
19:17:57.0774 4044 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:17:57.0774 4044 defragsvc - ok
19:17:57.0794 4044 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:17:57.0794 4044 DfsC - ok
19:17:57.0824 4044 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:17:57.0824 4044 Dhcp - ok
19:17:57.0854 4044 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:17:57.0854 4044 discache - ok
19:17:57.0874 4044 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:17:57.0884 4044 Disk - ok
19:17:57.0894 4044 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:17:57.0904 4044 Dnscache - ok
19:17:57.0924 4044 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:17:57.0924 4044 dot3svc - ok
19:17:57.0934 4044 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:17:57.0934 4044 DPS - ok
19:17:57.0964 4044 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:17:57.0964 4044 drmkaud - ok
19:17:58.0024 4044 [ D52EEB224DF107AAD9059597F0EB95CC ] DslMNLwf C:\Windows\system32\DRIVERS\dslmnlwf.sys
19:17:58.0024 4044 DslMNLwf - ok
19:17:58.0064 4044 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:17:58.0064 4044 DXGKrnl - ok
19:17:58.0084 4044 EagleX64 - ok
19:17:58.0114 4044 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:17:58.0114 4044 EapHost - ok
19:17:58.0604 4044 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:17:58.0644 4044 ebdrv - ok
19:17:58.0664 4044 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:17:58.0664 4044 EFS - ok
19:17:58.0694 4044 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:17:58.0704 4044 ehRecvr - ok
19:17:58.0724 4044 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:17:58.0724 4044 ehSched - ok
19:17:58.0764 4044 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:17:58.0764 4044 elxstor - ok
19:17:58.0774 4044 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:17:58.0774 4044 ErrDev - ok
19:17:58.0814 4044 [ DF2F6C1E55F6E81CFC7F688380D85816 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
19:17:58.0814 4044 EtronHub3 - ok
19:17:58.0824 4044 [ E093ABFB67A4B9D94F80611A7D0A8BB9 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
19:17:58.0824 4044 EtronXHCI - ok
19:17:58.0855 4044 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:17:58.0855 4044 EventSystem - ok
19:17:58.0875 4044 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:17:58.0875 4044 exfat - ok
19:17:58.0935 4044 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:17:58.0935 4044 fastfat - ok
19:17:58.0995 4044 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:17:58.0995 4044 Fax - ok
19:17:59.0005 4044 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:17:59.0005 4044 fdc - ok
19:17:59.0015 4044 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:17:59.0015 4044 fdPHost - ok
19:17:59.0045 4044 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:17:59.0045 4044 FDResPub - ok
19:17:59.0095 4044 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:17:59.0095 4044 FileInfo - ok
19:17:59.0115 4044 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:17:59.0115 4044 Filetrace - ok
19:17:59.0135 4044 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:17:59.0135 4044 flpydisk - ok
19:17:59.0155 4044 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:17:59.0155 4044 FltMgr - ok
19:17:59.0175 4044 [ FE95AE537B41A7E2F4CFE353064DC4AF ] FNETTBOH_305 C:\Windows\system32\drivers\FNETTBOH_305.SYS
19:17:59.0175 4044 FNETTBOH_305 - ok
19:17:59.0215 4044 [ 7C3C4B4C951EC1BDFD4F769D05E2CC68 ] FNETURPX C:\Windows\system32\drivers\FNETURPX.SYS
19:17:59.0215 4044 FNETURPX - ok
19:17:59.0285 4044 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:17:59.0295 4044 FontCache - ok
19:17:59.0375 4044 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:17:59.0375 4044 FontCache3.0.0.0 - ok
19:17:59.0395 4044 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:17:59.0395 4044 FsDepends - ok
19:17:59.0415 4044 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:17:59.0415 4044 fssfltr - ok
19:17:59.0485 4044 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:17:59.0515 4044 fsssvc - ok
19:17:59.0575 4044 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:17:59.0575 4044 Fs_Rec - ok
19:17:59.0605 4044 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:17:59.0605 4044 fvevol - ok
19:17:59.0645 4044 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:17:59.0645 4044 gagp30kx - ok
19:17:59.0675 4044 [ D201C1F6B0F5E4F202CBCB75D6352E63 ] GDBehave C:\Windows\system32\drivers\GDBehave.sys
19:17:59.0675 4044 GDBehave - ok
19:17:59.0745 4044 [ 2922B4D0AA4095797E66D87F08CA4D72 ] GDFwSvc C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
19:17:59.0755 4044 GDFwSvc - ok
19:17:59.0785 4044 [ E1558301938B6CF92F7677224D3FB6F7 ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
19:17:59.0785 4044 GDMnIcpt - ok
19:17:59.0815 4044 [ 5F1E5EAE8F08B6E2FABE8345E0BDFE48 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
19:17:59.0815 4044 GDPkIcpt - ok
19:17:59.0985 4044 [ 110C6DC36EA9F5DA664A584756B1B297 ] GDScan C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
19:17:59.0985 4044 GDScan - ok
19:18:00.0065 4044 [ 4ECBCAD43B7FED6F135BF108BB71434D ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd64.sys
19:18:00.0065 4044 gdwfpcd - ok
19:18:00.0125 4044 [ 8E98D21EE06192492A5671A6144D092F ] GearAspiWDM C:\Windows\system32\drivers\GEARAspiWDM.sys
19:18:00.0125 4044 GearAspiWDM - ok
19:18:00.0155 4044 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:18:00.0155 4044 gpsvc - ok
19:18:00.0195 4044 [ 9580CBF03D2EE08BD1C0D701AAE4092A ] GRD C:\Windows\system32\drivers\GRD.sys
19:18:00.0195 4044 GRD - ok
19:18:00.0225 4044 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:18:00.0225 4044 gupdate - ok
19:18:00.0245 4044 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:18:00.0255 4044 gupdatem - ok
19:18:00.0285 4044 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
19:18:00.0285 4044 hamachi - ok
19:18:00.0315 4044 Hamachi2Svc - ok
19:18:00.0345 4044 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:18:00.0345 4044 hcw85cir - ok
19:18:00.0375 4044 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:18:00.0375 4044 HdAudAddService - ok
19:18:00.0405 4044 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:18:00.0405 4044 HDAudBus - ok
19:18:00.0425 4044 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:18:00.0425 4044 HidBatt - ok
19:18:00.0435 4044 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:18:00.0435 4044 HidBth - ok
19:18:00.0445 4044 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:18:00.0445 4044 HidIr - ok
19:18:00.0465 4044 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:18:00.0475 4044 hidserv - ok
19:18:00.0485 4044 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:18:00.0485 4044 HidUsb - ok
19:18:00.0495 4044 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:18:00.0495 4044 hkmsvc - ok
19:18:00.0525 4044 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:18:00.0525 4044 HomeGroupListener - ok
19:18:00.0535 4044 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:18:00.0545 4044 HomeGroupProvider - ok
19:18:00.0585 4044 [ 3CD18F0B3681FB267E67763CC3152D4E ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
19:18:00.0585 4044 HookCentre - ok
19:18:00.0625 4044 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:18:00.0625 4044 HpSAMD - ok
19:18:00.0655 4044 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:18:00.0665 4044 HTTP - ok
19:18:00.0675 4044 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:18:00.0675 4044 hwpolicy - ok
19:18:00.0685 4044 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:18:00.0685 4044 i8042prt - ok
19:18:00.0705 4044 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
19:18:00.0705 4044 iaStor - ok
19:18:00.0745 4044 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:18:00.0745 4044 IAStorDataMgrSvc - ok
19:18:00.0795 4044 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:18:00.0795 4044 iaStorV - ok
19:18:00.0835 4044 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:18:00.0845 4044 idsvc - ok
19:18:00.0875 4044 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:18:00.0875 4044 iirsp - ok
19:18:00.0905 4044 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:18:00.0915 4044 IKEEXT - ok
19:18:00.0965 4044 [ E8017F1662D9142F45CEAB694D013C00 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:18:00.0975 4044 IntcAzAudAddService - ok
19:18:00.0985 4044 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:18:00.0985 4044 intelide - ok
19:18:00.0995 4044 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:18:01.0005 4044 intelppm - ok
19:18:01.0015 4044 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:18:01.0015 4044 IPBusEnum - ok
19:18:01.0025 4044 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:18:01.0025 4044 IpFilterDriver - ok
19:18:01.0065 4044 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:18:01.0065 4044 iphlpsvc - ok
19:18:01.0085 4044 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:18:01.0085 4044 IPMIDRV - ok
19:18:01.0095 4044 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:18:01.0105 4044 IPNAT - ok
19:18:01.0165 4044 [ B474C756C13960793C7583B766F904C4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:18:01.0165 4044 iPod Service - ok
19:18:01.0215 4044 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:18:01.0215 4044 IRENUM - ok
19:18:01.0225 4044 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:18:01.0225 4044 isapnp - ok
19:18:01.0245 4044 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:18:01.0245 4044 iScsiPrt - ok
19:18:01.0275 4044 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:18:01.0275 4044 kbdclass - ok
19:18:01.0285 4044 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:18:01.0285 4044 kbdhid - ok
19:18:01.0295 4044 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:18:01.0295 4044 KeyIso - ok
19:18:01.0325 4044 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:18:01.0325 4044 KSecDD - ok
19:18:01.0355 4044 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:18:01.0355 4044 KSecPkg - ok
19:18:01.0365 4044 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:18:01.0365 4044 ksthunk - ok
19:18:01.0395 4044 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:18:01.0405 4044 KtmRm - ok
19:18:01.0425 4044 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:18:01.0425 4044 LanmanServer - ok
19:18:01.0435 4044 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:18:01.0435 4044 LanmanWorkstation - ok
19:18:01.0465 4044 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:18:01.0465 4044 lltdio - ok
19:18:01.0485 4044 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:18:01.0495 4044 lltdsvc - ok
19:18:01.0515 4044 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:18:01.0515 4044 lmhosts - ok
19:18:01.0545 4044 [ 98B16E756243BEA9410E32025B19C06F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:18:01.0545 4044 LMS - ok
19:18:01.0575 4044 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:18:01.0575 4044 LSI_FC - ok
19:18:01.0585 4044 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:18:01.0595 4044 LSI_SAS - ok
19:18:01.0595 4044 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:18:01.0605 4044 LSI_SAS2 - ok
19:18:01.0605 4044 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:18:01.0615 4044 LSI_SCSI - ok
19:18:01.0625 4044 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:18:01.0625 4044 luafv - ok
19:18:01.0785 4044 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:18:01.0785 4044 Mcx2Svc - ok
19:18:01.0795 4044 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:18:01.0795 4044 megasas - ok
19:18:01.0805 4044 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:18:01.0805 4044 MegaSR - ok
19:18:01.0815 4044 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:18:01.0815 4044 MEIx64 - ok
19:18:01.0845 4044 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:18:01.0845 4044 MMCSS - ok
19:18:01.0865 4044 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:18:01.0865 4044 Modem - ok
19:18:01.0875 4044 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:18:01.0875 4044 monitor - ok
19:18:01.0905 4044 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:18:01.0905 4044 mouclass - ok
19:18:01.0925 4044 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:18:01.0925 4044 mouhid - ok
19:18:01.0935 4044 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:18:01.0935 4044 mountmgr - ok
19:18:01.0965 4044 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:18:01.0965 4044 MozillaMaintenance - ok
19:18:01.0985 4044 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:18:01.0985 4044 mpio - ok
19:18:01.0995 4044 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:18:01.0995 4044 mpsdrv - ok
19:18:02.0015 4044 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:18:02.0025 4044 MpsSvc - ok
19:18:02.0035 4044 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:18:02.0035 4044 MRxDAV - ok
19:18:02.0055 4044 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:18:02.0055 4044 mrxsmb - ok
19:18:02.0085 4044 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:18:02.0085 4044 mrxsmb10 - ok
19:18:02.0125 4044 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:18:02.0125 4044 mrxsmb20 - ok
19:18:02.0155 4044 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:18:02.0155 4044 msahci - ok
19:18:02.0185 4044 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:18:02.0185 4044 msdsm - ok
19:18:02.0205 4044 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:18:02.0205 4044 MSDTC - ok
19:18:02.0215 4044 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:18:02.0215 4044 Msfs - ok
19:18:02.0225 4044 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:18:02.0225 4044 mshidkmdf - ok
19:18:02.0235 4044 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:18:02.0235 4044 msisadrv - ok
19:18:02.0265 4044 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:18:02.0265 4044 MSiSCSI - ok
19:18:02.0265 4044 msiserver - ok
19:18:02.0295 4044 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:18:02.0295 4044 MSKSSRV - ok
19:18:02.0305 4044 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:18:02.0305 4044 MSPCLOCK - ok
19:18:02.0315 4044 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:18:02.0315 4044 MSPQM - ok
19:18:02.0325 4044 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:18:02.0335 4044 MsRPC - ok
19:18:02.0345 4044 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:18:02.0345 4044 mssmbios - ok
19:18:02.0365 4044 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:18:02.0365 4044 MSTEE - ok
19:18:02.0375 4044 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:18:02.0375 4044 MTConfig - ok
19:18:02.0395 4044 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:18:02.0395 4044 Mup - ok
19:18:02.0415 4044 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:18:02.0415 4044 napagent - ok
19:18:02.0445 4044 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:18:02.0445 4044 NativeWifiP - ok
19:18:02.0485 4044 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:18:02.0485 4044 NDIS - ok
19:18:02.0495 4044 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:18:02.0495 4044 NdisCap - ok
19:18:02.0525 4044 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:18:02.0525 4044 NdisTapi - ok
19:18:02.0535 4044 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:18:02.0535 4044 Ndisuio - ok
19:18:02.0545 4044 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:18:02.0545 4044 NdisWan - ok
19:18:02.0555 4044 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:18:02.0555 4044 NDProxy - ok
19:18:02.0565 4044 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:18:02.0565 4044 NetBIOS - ok
19:18:02.0575 4044 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:18:02.0575 4044 NetBT - ok
19:18:02.0585 4044 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:18:02.0585 4044 Netlogon - ok
19:18:02.0615 4044 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:18:02.0615 4044 Netman - ok
19:18:02.0625 4044 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:18:02.0625 4044 netprofm - ok
19:18:02.0645 4044 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:18:02.0645 4044 NetTcpPortSharing - ok
19:18:02.0665 4044 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:18:02.0665 4044 nfrd960 - ok
19:18:02.0695 4044 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:18:02.0695 4044 NlaSvc - ok
19:18:02.0715 4044 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:18:02.0715 4044 Npfs - ok
19:18:02.0715 4044 npggsvc - ok
19:18:02.0725 4044 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:18:02.0725 4044 nsi - ok
19:18:02.0735 4044 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:18:02.0735 4044 nsiproxy - ok
19:18:02.0775 4044 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:18:02.0775 4044 Ntfs - ok
19:18:02.0795 4044 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:18:02.0795 4044 Null - ok
19:18:02.0845 4044 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:18:02.0845 4044 NVHDA - ok
19:18:03.0065 4044 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:18:03.0205 4044 nvlddmkm - ok
19:18:03.0225 4044 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:18:03.0235 4044 nvraid - ok
19:18:03.0235 4044 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:18:03.0235 4044 nvstor - ok
19:18:03.0285 4044 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
19:18:03.0295 4044 nvsvc - ok
19:18:03.0355 4044 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:18:03.0365 4044 nvUpdatusService - ok
19:18:03.0375 4044 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:18:03.0375 4044 nv_agp - ok
19:18:03.0405 4044 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:18:03.0405 4044 ohci1394 - ok
19:18:03.0455 4044 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:18:03.0465 4044 ose64 - ok
19:18:03.0565 4044 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:18:03.0625 4044 osppsvc - ok
19:18:03.0655 4044 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:18:03.0665 4044 p2pimsvc - ok
19:18:03.0665 4044 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:18:03.0675 4044 p2psvc - ok
19:18:03.0695 4044 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:18:03.0695 4044 Parport - ok
19:18:03.0725 4044 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:18:03.0725 4044 partmgr - ok
19:18:03.0745 4044 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:18:03.0745 4044 PcaSvc - ok
19:18:03.0755 4044 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:18:03.0755 4044 pci - ok
19:18:03.0775 4044 [ B0B1F1F117B9AA14ECE9DF979176520F ] PciDumpr C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys
19:18:03.0775 4044 PciDumpr - ok
19:18:03.0785 4044 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:18:03.0785 4044 pciide - ok
19:18:03.0805 4044 [ 28C9AF2398DA99BCCD647A44F838949B ] PciPPorts C:\Windows\system32\DRIVERS\PciPPorts.sys
19:18:03.0805 4044 PciPPorts - ok
19:18:03.0815 4044 [ 443BCB6D87ACE6F3FCDC65B299DD3EB7 ] PciSPorts C:\Windows\system32\DRIVERS\PciSPorts.sys
19:18:03.0815 4044 PciSPorts - ok
19:18:03.0825 4044 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:18:03.0825 4044 pcmcia - ok
19:18:03.0845 4044 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:18:03.0845 4044 pcw - ok
19:18:03.0865 4044 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:18:03.0865 4044 PEAUTH - ok
19:18:03.0985 4044 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:18:03.0985 4044 PerfHost - ok
19:18:04.0005 4044 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:18:04.0025 4044 pla - ok
19:18:04.0045 4044 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:18:04.0055 4044 PlugPlay - ok
19:18:04.0085 4044 PnkBstrA - ok
19:18:04.0095 4044 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:18:04.0095 4044 PNRPAutoReg - ok
19:18:04.0105 4044 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:18:04.0105 4044 PNRPsvc - ok
19:18:04.0135 4044 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:18:04.0135 4044 PolicyAgent - ok
19:18:04.0195 4044 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:18:04.0215 4044 Power - ok
19:18:04.0255 4044 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:18:04.0255 4044 PptpMiniport - ok
19:18:04.0265 4044 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:18:04.0265 4044 Processor - ok
19:18:04.0305 4044 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:18:04.0315 4044 ProfSvc - ok
19:18:04.0325 4044 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:18:04.0325 4044 ProtectedStorage - ok
19:18:04.0335 4044 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:18:04.0335 4044 Psched - ok
19:18:04.0375 4044 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:18:04.0375 4044 ql2300 - ok
19:18:04.0395 4044 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:18:04.0395 4044 ql40xx - ok
19:18:04.0405 4044 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:18:04.0405 4044 QWAVE - ok
19:18:04.0415 4044 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:18:04.0415 4044 QWAVEdrv - ok
19:18:04.0425 4044 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:18:04.0425 4044 RasAcd - ok
19:18:04.0455 4044 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:18:04.0455 4044 RasAgileVpn - ok
19:18:04.0465 4044 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:18:04.0465 4044 RasAuto - ok
19:18:04.0475 4044 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:18:04.0475 4044 Rasl2tp - ok
19:18:04.0495 4044 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:18:04.0495 4044 RasMan - ok
19:18:04.0495 4044 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:18:04.0495 4044 RasPppoe - ok
19:18:04.0505 4044 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:18:04.0505 4044 RasSstp - ok
19:18:04.0525 4044 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:18:04.0525 4044 rdbss - ok
19:18:04.0535 4044 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:18:04.0535 4044 rdpbus - ok
19:18:04.0545 4044 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:18:04.0545 4044 RDPCDD - ok
19:18:04.0555 4044 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:18:04.0555 4044 RDPENCDD - ok
19:18:04.0565 4044 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:18:04.0565 4044 RDPREFMP - ok
19:18:04.0595 4044 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:18:04.0595 4044 RDPWD - ok
19:18:04.0595 4044 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:18:04.0595 4044 rdyboost - ok
19:18:04.0625 4044 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:18:04.0625 4044 RemoteAccess - ok
19:18:04.0635 4044 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:18:04.0635 4044 RemoteRegistry - ok
19:18:04.0645 4044 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:18:04.0645 4044 RpcEptMapper - ok
19:18:04.0655 4044 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:18:04.0655 4044 RpcLocator - ok
19:18:04.0665 4044 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:18:04.0665 4044 RpcSs - ok
19:18:04.0685 4044 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:18:04.0685 4044 rspndr - ok
19:18:04.0725 4044 [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:18:04.0725 4044 RTL8167 - ok
19:18:04.0735 4044 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:18:04.0735 4044 SamSs - ok
19:18:04.0755 4044 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:18:04.0755 4044 sbp2port - ok
19:18:04.0855 4044 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService D:\Programme\Spybot - Search & Destroy\SDWinSec.exe
19:18:04.0855 4044 SBSDWSCService - ok
19:18:04.0865 4044 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:18:04.0865 4044 SCardSvr - ok
19:18:04.0885 4044 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:18:04.0885 4044 scfilter - ok
19:18:04.0965 4044 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:18:04.0975 4044 Schedule - ok
19:18:04.0995 4044 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:18:04.0995 4044 SCPolicySvc - ok
19:18:05.0005 4044 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:18:05.0005 4044 SDRSVC - ok
19:18:05.0045 4044 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:18:05.0045 4044 SeaPort - ok
19:18:05.0055 4044 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:18:05.0055 4044 secdrv - ok
19:18:05.0075 4044 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:18:05.0075 4044 seclogon - ok
19:18:05.0095 4044 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:18:05.0095 4044 SENS - ok
19:18:05.0105 4044 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:18:05.0105 4044 SensrSvc - ok
19:18:05.0135 4044 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:18:05.0135 4044 Serenum - ok
19:18:05.0145 4044 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:18:05.0145 4044 Serial - ok
19:18:05.0175 4044 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:18:05.0175 4044 sermouse - ok
19:18:05.0195 4044 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:18:05.0195 4044 SessionEnv - ok
19:18:05.0205 4044 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:18:05.0205 4044 sffdisk - ok
19:18:05.0215 4044 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:18:05.0215 4044 sffp_mmc - ok
19:18:05.0245 4044 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:18:05.0245 4044 sffp_sd - ok
19:18:05.0295 4044 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:18:05.0295 4044 sfloppy - ok
19:18:05.0325 4044 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:18:05.0325 4044 SharedAccess - ok
19:18:05.0375 4044 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:18:05.0375 4044 ShellHWDetection - ok
19:18:05.0405 4044 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:18:05.0405 4044 SiSRaid2 - ok
19:18:05.0415 4044 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:18:05.0415 4044 SiSRaid4 - ok
19:18:05.0605 4044 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:18:05.0655 4044 Skype C2C Service - ok
19:18:05.0715 4044 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:18:05.0745 4044 SkypeUpdate - ok
19:18:05.0765 4044 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:18:05.0765 4044 Smb - ok
19:18:05.0795 4044 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:18:05.0795 4044 SNMPTRAP - ok
19:18:05.0855 4044 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
19:18:05.0855 4044 speedfan - ok
19:18:05.0855 4044 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:18:05.0865 4044 spldr - ok
19:18:05.0885 4044 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:18:05.0895 4044 Spooler - ok
19:18:06.0125 4044 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:18:06.0145 4044 sppsvc - ok
19:18:06.0165 4044 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:18:06.0175 4044 sppuinotify - ok
19:18:06.0195 4044 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:18:06.0195 4044 srv - ok
19:18:06.0215 4044 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:18:06.0215 4044 srv2 - ok
19:18:06.0245 4044 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:18:06.0245 4044 srvnet - ok
19:18:06.0295 4044 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:18:06.0295 4044 SSDPSRV - ok
19:18:06.0315 4044 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:18:06.0315 4044 SstpSvc - ok
19:18:06.0325 4044 Steam Client Service - ok
19:18:06.0355 4044 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:18:06.0365 4044 Stereo Service - ok
19:18:06.0385 4044 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:18:06.0385 4044 stexstor - ok
19:18:06.0415 4044 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:18:06.0425 4044 stisvc - ok
19:18:06.0435 4044 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:18:06.0435 4044 swenum - ok
19:18:06.0455 4044 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:18:06.0465 4044 swprv - ok
19:18:06.0485 4044 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:18:06.0495 4044 SysMain - ok
19:18:06.0515 4044 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:18:06.0515 4044 TabletInputService - ok
19:18:06.0525 4044 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:18:06.0525 4044 TapiSrv - ok
19:18:06.0545 4044 TBPanel - ok
19:18:06.0555 4044 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:18:06.0555 4044 TBS - ok
19:18:06.0605 4044 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:18:06.0615 4044 Tcpip - ok
19:18:06.0645 4044 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:18:06.0655 4044 TCPIP6 - ok
19:18:06.0675 4044 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:18:06.0675 4044 tcpipreg - ok
19:18:06.0685 4044 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:18:06.0685 4044 TDPIPE - ok
19:18:06.0775 4044 [ 1226A953D4FDBDFD570DA5CEE66EAA55 ] TDslMgrService D:\Programme\DSL-Manager_6.9\DslMgrSvc.exe
19:18:06.0785 4044 TDslMgrService - ok
19:18:06.0805 4044 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:18:06.0805 4044 TDTCP - ok
19:18:06.0835 4044 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:18:06.0835 4044 tdx - ok
19:18:06.0845 4044 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:18:06.0845 4044 TermDD - ok
19:18:06.0865 4044 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:18:06.0865 4044 TermService - ok
19:18:06.0875 4044 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:18:06.0885 4044 Themes - ok
19:18:06.0915 4044 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:18:06.0915 4044 THREADORDER - ok
19:18:06.0925 4044 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:18:06.0925 4044 TrkWks - ok
19:18:06.0975 4044 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:18:06.0975 4044 TrustedInstaller - ok
19:18:06.0985 4044 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:18:06.0985 4044 tssecsrv - ok
19:18:06.0995 4044 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:18:06.0995 4044 TsUsbFlt - ok
19:18:06.0995 4044 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:18:06.0995 4044 TsUsbGD - ok
19:18:07.0005 4044 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:18:07.0005 4044 tunnel - ok
19:18:07.0015 4044 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:18:07.0015 4044 uagp35 - ok
19:18:07.0035 4044 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:18:07.0035 4044 udfs - ok
19:18:07.0055 4044 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:18:07.0055 4044 UI0Detect - ok
19:18:07.0075 4044 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:18:07.0075 4044 uliagpkx - ok
19:18:07.0085 4044 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:18:07.0085 4044 umbus - ok
19:18:07.0105 4044 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:18:07.0105 4044 UmPass - ok
19:18:07.0285 4044 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:18:07.0295 4044 UNS - ok
19:18:07.0315 4044 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:18:07.0315 4044 upnphost - ok
19:18:07.0345 4044 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:18:07.0345 4044 usbccgp - ok
19:18:07.0345 4044 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:18:07.0345 4044 usbcir - ok
19:18:07.0365 4044 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:18:07.0365 4044 usbehci - ok
19:18:07.0375 4044 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:18:07.0385 4044 usbhub - ok
19:18:07.0395 4044 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:18:07.0395 4044 usbohci - ok
19:18:07.0415 4044 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:18:07.0415 4044 usbprint - ok
19:18:07.0455 4044 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:18:07.0455 4044 usbscan - ok
19:18:07.0465 4044 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:18:07.0465 4044 USBSTOR - ok
19:18:07.0485 4044 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:18:07.0485 4044 usbuhci - ok
19:18:07.0535 4044 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:18:07.0565 4044 UxSms - ok
19:18:07.0595 4044 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:18:07.0595 4044 VaultSvc - ok
19:18:07.0635 4044 [ 72EC34F9999A5A48CFD43F5E6BD779E4 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
19:18:07.0635 4044 VBoxDrv - ok
19:18:07.0675 4044 [ A2FE818D7F930C51ADA37C04DBCB015D ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
19:18:07.0675 4044 VBoxNetAdp - ok
19:18:07.0715 4044 [ CD37A9264C404E48BCE162D37B117B45 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
19:18:07.0715 4044 VBoxNetFlt - ok
19:18:07.0765 4044 [ F649B3D30C6F40B04BDCCD0D11A43481 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
19:18:07.0775 4044 VBoxUSBMon - ok
19:18:07.0775 4044 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:18:07.0775 4044 vdrvroot - ok
19:18:07.0785 4044 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:18:07.0795 4044 vds - ok
19:18:07.0805 4044 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:18:07.0805 4044 vga - ok
19:18:07.0805 4044 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:18:07.0805 4044 VgaSave - ok
19:18:07.0815 4044 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:18:07.0815 4044 vhdmp - ok
19:18:07.0835 4044 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:18:07.0835 4044 viaide - ok
19:18:07.0845 4044 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:18:07.0855 4044 volmgr - ok
19:18:07.0855 4044 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:18:07.0865 4044 volmgrx - ok
19:18:07.0865 4044 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:18:07.0865 4044 volsnap - ok
19:18:07.0885 4044 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:18:07.0885 4044 vsmraid - ok
19:18:07.0915 4044 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:18:07.0925 4044 VSS - ok
19:18:07.0935 4044 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:18:07.0935 4044 vwifibus - ok
19:18:07.0945 4044 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:18:07.0945 4044 W32Time - ok
19:18:07.0955 4044 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:18:07.0955 4044 WacomPen - ok
19:18:07.0975 4044 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:18:07.0975 4044 WANARP - ok
19:18:07.0975 4044 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:18:07.0975 4044 Wanarpv6 - ok
19:18:07.0995 4044 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:18:08.0005 4044 wbengine - ok
19:18:08.0025 4044 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:18:08.0035 4044 WbioSrvc - ok
19:18:08.0035 4044 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:18:08.0035 4044 wcncsvc - ok
19:18:08.0045 4044 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:18:08.0045 4044 WcsPlugInService - ok
19:18:08.0065 4044 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:18:08.0065 4044 Wd - ok
19:18:08.0115 4044 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:18:08.0115 4044 Wdf01000 - ok
19:18:08.0135 4044 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:18:08.0135 4044 WdiServiceHost - ok
19:18:08.0145 4044 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:18:08.0145 4044 WdiSystemHost - ok
19:18:08.0155 4044 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:18:08.0155 4044 WebClient - ok
19:18:08.0215 4044 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:18:08.0215 4044 Wecsvc - ok
19:18:08.0275 4044 [ A8E0E75F8411EE0FCE92F2CE65BDEEEC ] WeGameClientService D:\Programme\WeGame\WGClientService.exe
19:18:08.0285 4044 WeGameClientService - ok
19:18:08.0305 4044 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:18:08.0305 4044 wercplsupport - ok
19:18:08.0345 4044 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:18:08.0345 4044 WerSvc - ok
19:18:08.0355 4044 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:18:08.0355 4044 WfpLwf - ok
19:18:08.0355 4044 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:18:08.0355 4044 WIMMount - ok
19:18:08.0375 4044 WinDefend - ok
19:18:08.0375 4044 WinHttpAutoProxySvc - ok
19:18:08.0405 4044 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:18:08.0405 4044 Winmgmt - ok
19:18:08.0445 4044 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:18:08.0465 4044 WinRM - ok
19:18:08.0485 4044 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:18:08.0485 4044 WinUsb - ok
19:18:08.0505 4044 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:18:08.0515 4044 Wlansvc - ok
19:18:08.0565 4044 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:18:08.0575 4044 wlcrasvc - ok
19:18:08.0645 4044 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:18:08.0675 4044 wlidsvc - ok
19:18:08.0685 4044 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:18:08.0685 4044 WmiAcpi - ok
19:18:08.0715 4044 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:18:08.0715 4044 wmiApSrv - ok
19:18:08.0735 4044 WMPNetworkSvc - ok
19:18:08.0745 4044 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:18:08.0745 4044 WPCSvc - ok
19:18:08.0755 4044 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:18:08.0765 4044 WPDBusEnum - ok
19:18:08.0775 4044 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:18:08.0775 4044 ws2ifsl - ok
19:18:08.0795 4044 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:18:08.0795 4044 wscsvc - ok
19:18:08.0795 4044 WSearch - ok
19:18:08.0995 4044 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:18:09.0005 4044 wuauserv - ok
19:18:09.0035 4044 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:18:09.0035 4044 WudfPf - ok
19:18:09.0065 4044 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:18:09.0065 4044 WUDFRd - ok
19:18:09.0105 4044 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:18:09.0105 4044 wudfsvc - ok
19:18:09.0245 4044 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:18:09.0245 4044 WwanSvc - ok
19:18:09.0335 4044 X6va007 - ok
19:18:09.0375 4044 ================ Scan global ===============================
19:18:09.0395 4044 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:18:09.0435 4044 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
19:18:09.0445 4044 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
19:18:09.0455 4044 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:18:09.0475 4044 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:18:09.0475 4044 [Global] - ok
19:18:09.0475 4044 ================ Scan MBR ==================================
19:18:09.0495 4044 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:18:14.0917 4044 \Device\Harddisk0\DR0 - ok
19:18:14.0917 4044 ================ Scan VBR ==================================
19:18:14.0967 4044 [ 3BE3EFDF07C89CB1D99115142A2B2CA2 ] \Device\Harddisk0\DR0\Partition1
19:18:14.0967 4044 \Device\Harddisk0\DR0\Partition1 - ok
19:18:14.0977 4044 [ C2C3A49768B4A4B84ECEA9B734EAF5C3 ] \Device\Harddisk0\DR0\Partition2
19:18:14.0987 4044 \Device\Harddisk0\DR0\Partition2 - ok
19:18:14.0997 4044 [ 24FAEDF5EF53F4FB453AF3BBFD24BC4C ] \Device\Harddisk0\DR0\Partition3
19:18:14.0997 4044 \Device\Harddisk0\DR0\Partition3 - ok
19:18:14.0997 4044 ============================================================
19:18:14.0997 4044 Scan finished
19:18:14.0997 4044 ============================================================
19:18:15.0007 3964 Detected object count: 0
19:18:15.0007 3964 Actual detected object count: 0
Code:
ATTFilter # AdwCleaner v2.100 - Datei am 12/12/2012 um 19:21:41 erstellt
# Aktualisiert am 09/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : *MeinName* - *PcName*-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\*MeinName*\Desktop\adwcleaner(1).exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\*MeinName*\AppData\Roaming\Mozilla\Firefox\Profiles\1bvvms2h.default\extensions\plugin@yontoo.com
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v17.0.1 (de)
Profilname : default
Datei : C:\Users\*MeinName*\AppData\Roaming\Mozilla\Firefox\Profiles\1bvvms2h.default\prefs.js
C:\Users\*MeinName*\AppData\Roaming\Mozilla\Firefox\Profiles\1bvvms2h.default\user.js ... Gelöscht !
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1614 octets] - [12/12/2012 19:21:41]
########## EOF - C:\AdwCleaner[S1].txt - [1674 octets] ##########
DDS Logfile: Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by Stephan at 19:27:18 on 2012-12-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4076.2613 [GMT 1:00]
.
AV: G Data InternetSecurity 2013 *Enabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
SP: G Data InternetSecurity 2013 *Enabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall *Enabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
D:\Programme\WeGame\WGClientService.exe
D:\Programme\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AvkBap64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Vtune\TBPANEL.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\XFastUsb\XFastUsb.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
D:\Programme\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.startfenster.com
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: G Data BankGuard: {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [ASRockXTU] <no file>
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [XFastUsb] C:\Program Files (x86)\XFastUsb\XFastUsb.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
mRun: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "D:\Programme\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Stephan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DSL-MA~1.LNK -
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - C:\Users\Stephan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{90E52540-8CF7-4CBB-AE5D-31445C91DD47} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{DEF7450E-030D-415E-B49F-D2013BBA7582} : NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\1bvvms2h.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.http - www-proxy.t-online.de
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Stephan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\1bvvms2h.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - plugin: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll
.
============= SERVICES / DRIVERS ===============
.
R0 GDBehave;GDBehave;C:\Windows\System32\drivers\GDBehave.sys [2012-3-23 54176]
R1 AsrAppCharger;AsrAppCharger;C:\Windows\System32\drivers\AsrAppCharger.sys [2012-3-22 15368]
R1 DslMNLwf;DSL-Manager NDIS LightWeight Filter;C:\Windows\System32\drivers\dslmnlwf.sys [2012-7-31 19008]
R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2012-3-22 15936]
R1 GDMnIcpt;GDMnIcpt;C:\Windows\System32\drivers\MiniIcpt.sys [2012-3-23 126880]
R1 gdwfpcd;G Data WFP CD;C:\Windows\System32\drivers\gdwfpcd64.sys [2012-3-23 64416]
R1 GRD;G Data Rootkit Detector Driver;C:\Windows\System32\drivers\GRD.sys [2012-10-5 106648]
R1 HookCentre;HookCentre;C:\Windows\System32\drivers\HookCentre.sys [2012-10-5 64376]
R2 AVKProxy;G Data AntiVirus Proxy;C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [2012-10-5 1542680]
R2 AVKService;G Data Scheduler;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2012-1-27 468472]
R2 AVKWCtl;G Data Dateisystem Wächter;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2012-10-5 2011568]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-3-22 13336]
R2 SBSDWSCService;SBSD Security Center Service;D:\Programme\Spybot - Search & Destroy\SDWinSec.exe [2012-12-9 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-3-22 2656280]
R2 WeGameClientService;WeGame Client Service;D:\Programme\WeGame\wgclientservice.exe [2012-3-27 18472]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [2012-12-5 31968]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-2-8 39936]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-2-8 64512]
R3 FNETTBOH_305;FNETTBOH_305;C:\Windows\System32\drivers\FNETTBOH_305.SYS [2012-3-23 31808]
R3 GDFwSvc;G Data Personal Firewall;C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2012-10-5 1766464]
R3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\drivers\PktIcpt.sys [2012-10-5 60320]
R3 GDScan;G Data Scanner;C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe [2012-10-5 470008]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-22 344680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-3-23 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 PciDumpr;PciDumpr;C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys [2012-7-31 2144]
S3 PciPPorts;PCI ECP Parallel Port;C:\Windows\System32\drivers\PciPPorts.sys [2009-7-23 96768]
S3 PciSPorts;High-Speed PCI Serial Port;C:\Windows\System32\drivers\PciSPorts.sys [2008-12-19 122880]
S3 TDslMgrService;DSL-Manager;D:\Programme\DSL-Manager_6.9\DslMgrSvc.exe [2012-7-31 307200]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;D:\Programme\LogMeInHamachi\hamachi-2.exe -s --> D:\Programme\LogMeInHamachi\hamachi-2.exe -s [?]
S4 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-7-5 3048136]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-12-12 15:10:23 -------- d-sh--w- C:\Windows\System32\%APPDATA%
2012-12-12 07:54:11 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-12 07:54:11 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-11 11:56:59 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B393096-6394-468E-861E-86C62FF3E101}\mpengine.dll
2012-12-11 08:22:33 -------- d-----w- C:\Users\Stephan\AppData\Local\Apps
2012-12-10 21:51:31 -------- d-----w- C:\Users\Stephan\AppData\Roaming\Malwarebytes
2012-12-10 21:51:22 -------- d-----w- C:\ProgramData\Malwarebytes
2012-12-10 21:51:21 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-10 21:24:30 -------- d-----w- C:\Users\Stephan\AppData\Roaming\SpeedyPC Software
2012-12-10 21:24:30 -------- d-----w- C:\Users\Stephan\AppData\Roaming\DriverCure
2012-12-10 21:24:06 -------- d-----w- C:\ProgramData\SpeedyPC Software
2012-12-09 11:21:03 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-12-09 11:07:24 -------- d-----w- C:\Program Files\Enigma Software Group
2012-12-09 10:53:50 -------- d-----w- C:\Windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-12-06 15:45:44 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-06 15:45:44 -------- d-----w- C:\Program Files\iTunes
2012-12-06 15:45:44 -------- d-----w- C:\Program Files\iPod
2012-12-05 16:03:34 29784 ----atw- C:\Users\Stephan\AppData\Roaming\Microsoft\qwadjb.dll
2012-12-05 16:03:34 17472 ----atw- C:\Users\Stephan\AppData\Roaming\Microsoft\rsaadjd.dll
2012-12-05 16:03:34 17472 ----atw- C:\Users\Stephan\AppData\Roaming\Microsoft\1eaadjc.dll
2012-12-05 16:03:34 16448 ----atw- C:\Users\Stephan\AppData\Roaming\Microsoft\kfgresk.dll
2012-12-05 16:03:34 14456 ----atw- C:\Users\Stephan\AppData\Roaming\Microsoft\mjcriu.dll
2012-12-05 16:03:34 12352 ----atw- C:\Users\Stephan\AppData\Roaming\Microsoft\peaadje.dll
2012-12-05 15:47:03 1758720 ----atw- C:\Users\Stephan\AppData\Roaming\Microsoft\engine_vx.dll
2012-12-05 15:47:02 18724 ----atw- C:\Users\Stephan\AppData\Roaming\Microsoft\bass.dll
2012-12-05 15:47:02 105016 ----atw- C:\Users\Stephan\AppData\Roaming\Microsoft\~DFK376384.tmp
2012-12-05 15:42:07 257784 ----a-w- C:\Windows\SysWow64\BytescoutScreenCapturingFilter.dll
2012-12-05 15:42:07 175864 ----a-w- C:\Windows\SysWow64\BytescoutVideoMixerFilter.dll
2012-12-05 15:42:05 65536 ---ha-w- C:\Windows\SysWow64\WebCamLib.dll
2012-12-05 15:42:05 574200 ---ha-w- C:\Windows\System32\BytescoutScreenCapturing.dll
2012-12-05 15:42:05 421624 ----a-w- C:\Windows\SysWow64\BytescoutScreenCapturing.dll
2012-12-05 15:42:05 362232 ---ha-w- C:\Windows\System32\BytescoutScreenCapturingFilter.dll
2012-12-05 15:42:05 31968 ---ha-w- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys
2012-12-05 15:42:05 231672 ---ha-w- C:\Windows\System32\BytescoutVideoMixerFilter.dll
2012-12-05 15:42:05 -------- d-----w- C:\Users\Stephan\AppData\Roaming\Apowersoft
2012-12-05 15:41:47 -------- d-----w- C:\Users\Stephan\AppData\Local\Programs
2012-12-01 11:55:12 -------- d-----w- C:\Users\Stephan\AppData\Local\CombiTech
2012-12-01 08:14:33 -------- d-----w- C:\Users\Stephan\AppData\Local\SCE
2012-12-01 08:13:56 -------- d-----w- C:\Crash
2012-12-01 08:13:55 -------- d-----w- C:\Users\Stephan\AppData\Local\Sony Online Entertainment
2012-11-21 09:10:50 221504 ----a-w- C:\Windows\SysWow64\TABCTL32.OCX
2012-11-17 08:39:36 -------- d-----w- C:\ProgramData\SeaTTY
2012-11-16 18:42:26 -------- d-----w- C:\Users\Stephan\NBEMS.files
2012-11-16 18:42:26 -------- d-----w- C:\Users\Stephan\fldigi.files
2012-11-16 18:42:26 -------- d-----w- C:\Users\Stephan\AppData\Roaming\fltk.org
2012-11-16 18:42:26 -------- d-----w- C:\ProgramData\fltk.org
2012-11-15 17:20:18 -------- d-----w- C:\ProgramData\JVComm32
2012-11-15 17:20:18 -------- d-----w- C:\Program Files (x86)\JVComm32
2012-11-15 15:25:12 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-15 15:25:12 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-15 15:25:12 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-15 15:25:12 2560 ----a-w- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui
2012-11-15 15:20:42 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-15 15:20:42 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-15 15:20:42 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-15 15:20:42 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-15 15:20:41 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-15 15:20:41 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-15 15:20:41 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-15 12:45:58 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-15 12:45:58 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-11-14 16:53:39 10752 ----a-w- C:\Windows\System32\E_GCINST.DLL
2012-11-14 16:53:36 120320 ----a-w- C:\Windows\System32\E_YLMHTU.DLL
2012-11-14 16:53:35 83968 ----a-w- C:\Windows\System32\E_YD4BHTU.DLL
2012-11-13 20:30:01 -------- d-----w- C:\Users\Stephan\VirtualBox VMs
2012-11-13 20:29:23 -------- d-----w- C:\Users\Stephan\.VirtualBox
2012-11-13 15:43:45 237400 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2012-11-13 15:33:38 119640 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
.
==================== Find3M ====================
.
2012-12-12 13:48:54 910139 ----a-w- C:\Windows\SysWow64\sig.bin
2012-12-11 21:54:28 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 21:54:28 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-05 21:35:16 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-11-05 20:41:32 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-11-05 20:32:16 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-11-05 20:32:09 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-27 13:53:33 106496 ----a-w- C:\Windows\SysWow64\ATL71.DLL
2012-10-26 18:00:50 131416 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2012-10-26 17:59:44 203608 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll
2012-10-26 17:59:44 146264 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys
2012-10-25 02:12:26 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12:26 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-10-22 18:15:57 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-10-22 18:15:57 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-10-22 18:12:13 283304 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-10 19:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll
2012-10-10 19:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll
2012-10-10 19:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll
2012-10-10 19:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2012-10-10 19:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll
2012-10-10 19:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2012-10-10 19:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2012-10-10 19:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-05 18:11:09 16504 ----a-w- C:\Windows\System32\drivers\GdPhyMem.sys
2012-10-05 18:11:07 106648 ----a-w- C:\Windows\System32\drivers\GRD.sys
2012-10-05 18:08:48 60320 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys
2012-10-05 18:07:36 64416 ----a-w- C:\Windows\System32\drivers\gdwfpcd64.sys
2012-10-05 18:07:36 54176 ----a-w- C:\Windows\System32\drivers\GDBehave.sys
2012-10-05 18:07:36 126880 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys
2012-10-05 17:24:49 64376 ----a-w- C:\Windows\System32\drivers\HookCentre.sys
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-10-02 19:51:15 3536817 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-10-02 19:51:11 3293544 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-10-02 19:51:04 6200680 ----a-w- C:\Windows\System32\nvcpl.dll
2012-10-02 19:50:57 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-10-02 19:50:57 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-10-02 19:50:57 2557800 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-10-02 19:50:57 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-10-02 11:15:52 430952 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-10-01 15:23:43 104904 ----a-w- C:\Windows\SysWow64\drivers\GRD.sys
2012-09-24 21:16:33 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-23 07:37:12 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-09-23 07:37:11 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-15 19:33:46 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
.
============= FINISH: 19:27:58,53 ===============
attach.txt: Code:
ATTFilter . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 22.03.2012 20:52:29 System Uptime: 12.12.2012 19:22:38 (0 hours ago) . Motherboard: ASRock | | H67M Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz | CPUSocket | 3301/100mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 98 GiB total, 35,739 GiB free. D: is FIXED (NTFS) - 834 GiB total, 635,707 GiB free. E: is CDROM () H: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . 3DMark06 A.V.A Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) - Deutsch Adobe Shockwave Player 11.6 ANNO 1503 Apple Application Support Apple Mobile Device Support Apple Software Update applicationupdater Ashampoo Photo Commander 9 v.9.4.2 ASRock App Charger v1.0.4 ASRock eXtreme Tuner v0.1.27 ASRock InstantBoot v1.26 Battlefield 3™ Battlefield Play4Free Battlelog Web Plugins Bing Bar Bonjour CCleaner CDBurnerXP Crossfire Europe Crysis Crysis 2 Maximum Edition Crysis Warhead Crysis Wars CwGet V2.26 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition DHTML Editing Component Digital Image Recovery 1.47 Druckerdeinstallation für EPSON BX535WD Series DSL-Manager Emicsoft MOV Converter EPSON Scan ESN Sonar Etron USB3.0 Host Controller EVEREST Home Edition v2.20 Fldigi 3.21.61 FormatFactory 2.96 Futuremark SystemInfo G Data InternetSecurity 2013 gamelauncher-ps2-psg Geeks3D.com FurMark 1.9.2 Google Earth Google Earth Plug-in Google Update Helper Half-Life 2 Half-Life 2: Deathmatch Half-Life 2: Episode One Half-Life 2: Episode Two Half-Life 2: Lost Coast HyperCam 3 Intel(R) Management Engine Components Intel(R) Rapid Storage Technology iTunes Jack James Cameron's AVATAR(tm): DAS SPIEL James Cameron's AVATAR(tm): DAS SPIEL (Demo) Java 7 Update 9 Java Auto Updater JavaFX 2.1.1 Junk Mail filter update JVComm32 LogMeIn Hamachi Malwarebytes Anti-Malware Version 1.65.1.1000 Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (German) 2010 Microsoft Office Excel MUI (German) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (German) 2010 Microsoft Office Outlook MUI (German) 2010 Microsoft Office PowerPoint MUI (German) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Italian) 2010 Microsoft Office Proofing (German) 2010 Microsoft Office Publisher MUI (German) 2010 Microsoft Office Shared 32-bit MUI (German) 2010 Microsoft Office Shared MUI (German) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (German) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mouse Editor Mozilla Firefox 17.0.1 (x86 de) Mozilla Maintenance Service Mscan Meteo MSVCRT MSVCRT Redists MSVCRT_amd64 Nikon Message Center 2 Nikon Movie Editor NVIDIA 3D Vision Controller-Treiber 296.10 NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision Treiber 306.97 NVIDIA Grafiktreiber 306.97 NVIDIA HD-Audiotreiber 1.3.12.0 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX-Systemsoftware 9.12.0213 NVIDIA Stereoscopic 3D Driver NVIDIA Systemsteuerung 306.97 NVIDIA Update 1.10.8 NVIDIA Update Components OpenAL Oracle VM VirtualBox 4.2.4 Origin Pando Media Booster PhotoImpact X3 Picture Control Utility x64 PlanetSide 2 PunkBuster Services QuickTime REACTOR Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver RollerCoaster Tycoon 3 RX-SSTV Version 1.2.3 Sanctum Screen Recording Suite V2.5.0 SeaTTY V2.36 Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870) Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition Skype Click to Call Skype™ 6.0 Source SDK Base 2007 SpeedFan (remove only) Spybot - Search & Destroy Steam swMSM TechPowerUp GPU-Z Ulead PhotoImpact X3 Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition Vegas Movie Studio HD 11.0 ViewNX 2 Visual Studio C++ 10.0 Runtime VLC media player 2.0.4 Vtune 7.21 WeGame Client 2.4.3.0 Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.20 (64-Bit) XFastUsb . ==== End Of File =========================== |
|
12.12.2012, 19:52
| #8 | ||
| /// TB-Ausbilder | AdWare Servads löschen Okay Schritt 1: Deinstalliere Spybot, Cclenaer, Spyware Hunter, Bing Bar Schritt 2: Scan mit Combofix
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
12.12.2012, 20:01
| #9 |
| | AdWare Servads löschen Spyware Hunter gibts in meiner Software-Liste in der Systemsteuerung garnicht... ist das vllt. ein Teil eines andersnamigen Programms? Oder ist es dort garnicht gelistet? Ccleaner konnte außerdem nur Teile automatisch entfernen. Den letzten Rest "solle ich manuell entfernen"nur... wo finde ich die letzten Reste? Danke schonmal für Deine bisherige Hilfe |
|
12.12.2012, 20:03
| #10 |
| /// TB-Ausbilder | AdWare Servads löschen Dann weiter ....
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
12.12.2012, 20:28
| #11 |
| | AdWare Servads löschen Fertig Code:
ATTFilter ComboFix 12-12-10.01 - Stephan 12.12.2012 20:18:57.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4076.2578 [GMT 1:00]
ausgeführt von:: c:\users\Stephan\Desktop\ComboFix.exe
AV: G Data InternetSecurity 2013 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: G Data Personal Firewall *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: G Data InternetSecurity 2013 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\EPLog.txt
c:\users\Stephan\AppData\Roaming\Microsoft\~DFK376384.tmp
c:\users\Stephan\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Stephan\AppData\Roaming\Microsoft\bass.dll
c:\users\Stephan\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Stephan\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Stephan\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Stephan\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Stephan\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Stephan\AppData\Roaming\Microsoft\rsaadjd.dll
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
c:\windows\UA000096.DLL
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-11-12 bis 2012-12-12 ))))))))))))))))))))))))))))))
.
.
2012-12-12 19:22 . 2012-12-12 19:22 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-12 19:22 . 2012-12-12 19:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-12 19:16 . 2012-12-12 19:16 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0B393096-6394-468E-861E-86C62FF3E101}\offreg.dll
2012-12-12 15:10 . 2012-12-12 15:10 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-12-12 14:58 . 2012-12-12 14:58 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-12-12 07:54 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 07:54 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-11 11:56 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0B393096-6394-468E-861E-86C62FF3E101}\mpengine.dll
2012-12-11 08:22 . 2012-12-11 08:22 -------- d-----w- c:\users\Stephan\AppData\Local\Apps
2012-12-10 21:51 . 2012-12-10 21:51 -------- d-----w- c:\users\Stephan\AppData\Roaming\Malwarebytes
2012-12-10 21:51 . 2012-12-10 21:51 -------- d-----w- c:\programdata\Malwarebytes
2012-12-10 21:51 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-10 21:24 . 2012-12-10 21:24 -------- d-----w- c:\users\Stephan\AppData\Roaming\SpeedyPC Software
2012-12-10 21:24 . 2012-12-10 21:24 -------- d-----w- c:\users\Stephan\AppData\Roaming\DriverCure
2012-12-10 21:24 . 2012-12-10 21:34 -------- d-----w- c:\programdata\SpeedyPC Software
2012-12-09 11:21 . 2012-12-12 18:56 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-09 11:07 . 2012-12-09 11:07 -------- d-----w- c:\program files\Enigma Software Group
2012-12-09 10:53 . 2012-12-09 12:50 -------- d-----w- c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-12-06 15:45 . 2012-12-06 15:45 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-06 15:45 . 2012-12-06 15:45 -------- d-----w- c:\program files\iTunes
2012-12-06 15:45 . 2012-12-06 15:45 -------- d-----w- c:\program files\iPod
2012-12-05 15:42 . 2012-02-29 19:39 257784 ----a-w- c:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
2012-12-05 15:42 . 2012-02-29 19:39 175864 ----a-w- c:\windows\SysWow64\BytescoutVideoMixerFilter.dll
2012-12-05 15:42 . 2012-12-05 15:42 -------- d-----w- c:\users\Stephan\AppData\Roaming\Apowersoft
2012-12-05 15:42 . 2012-10-08 18:52 31968 ---ha-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2012-12-05 15:42 . 2012-02-29 19:39 421624 ----a-w- c:\windows\SysWow64\BytescoutScreenCapturing.dll
2012-12-05 15:42 . 2012-02-29 19:39 362232 ---ha-w- c:\windows\system32\BytescoutScreenCapturingFilter.dll
2012-12-05 15:42 . 2012-02-29 19:39 231672 ---ha-w- c:\windows\system32\BytescoutVideoMixerFilter.dll
2012-12-05 15:42 . 2012-02-29 19:39 574200 ---ha-w- c:\windows\system32\BytescoutScreenCapturing.dll
2012-12-05 15:42 . 2008-09-23 18:23 65536 ---ha-w- c:\windows\SysWow64\WebCamLib.dll
2012-12-05 15:41 . 2012-12-05 15:41 -------- d-----w- c:\users\Stephan\AppData\Local\Programs
2012-12-01 11:55 . 2012-12-01 11:55 -------- d-----w- c:\users\Stephan\AppData\Local\CombiTech
2012-12-01 08:14 . 2012-12-01 08:14 -------- d-----w- c:\users\Stephan\AppData\Local\SCE
2012-12-01 08:13 . 2012-12-01 08:13 -------- d-----w- C:\Crash
2012-12-01 08:13 . 2012-12-01 08:14 -------- d-----w- c:\users\Stephan\AppData\Local\Sony Online Entertainment
2012-11-21 09:10 . 2009-03-24 11:52 221504 ----a-w- c:\windows\SysWow64\TABCTL32.OCX
2012-11-17 08:39 . 2012-11-17 08:39 -------- d-----w- c:\programdata\SeaTTY
2012-11-16 18:42 . 2012-12-05 18:13 -------- d-----w- c:\users\Stephan\fldigi.files
2012-11-16 18:42 . 2012-11-16 18:42 -------- d-----w- c:\users\Stephan\NBEMS.files
2012-11-16 18:42 . 2012-11-16 18:42 -------- d-----w- c:\users\Stephan\AppData\Roaming\fltk.org
2012-11-16 18:42 . 2012-11-16 18:42 -------- d-----w- c:\programdata\fltk.org
2012-11-15 17:20 . 2012-11-15 17:20 -------- d-----w- c:\programdata\JVComm32
2012-11-15 17:20 . 2012-11-15 17:20 -------- d-----w- c:\program files (x86)\JVComm32
2012-11-15 15:25 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-11-15 15:25 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 15:25 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 15:25 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 15:20 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 15:20 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 15:20 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 15:20 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 15:20 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 15:20 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 15:20 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 12:45 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 12:45 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 16:53 . 2012-11-14 16:52 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
2012-11-14 16:53 . 2012-11-14 16:52 120320 ----a-w- c:\windows\system32\E_YLMHTU.DLL
2012-11-14 16:53 . 2012-11-14 16:52 83968 ----a-w- c:\windows\system32\E_YD4BHTU.DLL
2012-11-13 20:30 . 2012-11-13 20:30 -------- d-----w- c:\users\Stephan\VirtualBox VMs
2012-11-13 20:29 . 2012-11-13 20:39 -------- d-----w- c:\users\Stephan\.VirtualBox
2012-11-13 15:43 . 2012-10-26 18:01 237400 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-11-13 15:33 . 2012-10-26 17:59 119640 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 15:21 . 2012-03-23 18:51 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-11 21:54 . 2012-03-30 17:43 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 21:54 . 2012-03-23 15:53 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-27 14:14 . 2012-10-27 14:14 61440 ----a-r- c:\users\Stephan\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2012-10-27 13:53 . 2012-10-27 14:00 106496 ----a-w- c:\windows\SysWow64\ATL71.DLL
2012-10-26 18:00 . 2012-10-26 18:00 131416 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-10-26 17:59 . 2012-10-26 17:59 203608 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2012-10-26 17:59 . 2012-10-26 17:59 146264 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-22 18:15 . 2012-08-09 21:13 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-10-22 18:15 . 2012-03-23 16:20 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-10-22 18:12 . 2012-08-09 21:13 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-10-16 08:38 . 2012-11-28 14:58 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 14:58 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 14:58 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 19:23 . 2012-10-10 19:23 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-10 19:23 . 2012-10-10 19:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-10 19:23 . 2012-10-10 19:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-10 19:23 . 2012-10-10 19:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-10 19:23 . 2012-10-10 19:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-10 19:23 . 2012-10-10 19:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-10 19:23 . 2012-10-10 19:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-10 19:23 . 2012-10-10 19:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-10 19:23 . 2012-10-10 19:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-10 19:23 . 2012-10-10 19:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-10 19:23 . 2012-03-22 20:13 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-10 19:23 . 2012-03-23 15:29 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-10 19:23 . 2012-03-23 15:29 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-10 19:23 . 2012-10-10 19:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-10 19:23 . 2012-10-10 19:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-10 19:23 . 2012-10-10 19:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-10 19:23 . 2012-03-22 20:13 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-10 19:22 . 2012-03-22 20:13 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-10 19:22 . 2012-10-10 19:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-10 19:22 . 2012-03-22 20:13 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-10 19:22 . 2012-03-23 15:29 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-10 19:22 . 2012-10-10 19:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-10 19:22 . 2012-10-10 19:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-10 19:22 . 2012-10-10 19:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-10 19:22 . 2012-10-10 19:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-05 18:11 . 2012-10-05 18:11 16504 ----a-w- c:\windows\system32\drivers\GdPhyMem.sys
2012-10-05 18:11 . 2012-10-05 18:11 106648 ----a-w- c:\windows\system32\drivers\GRD.sys
2012-10-05 18:08 . 2012-10-05 17:24 60320 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2012-10-05 18:07 . 2012-03-23 16:08 54176 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2012-10-05 18:07 . 2012-03-23 16:07 126880 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2012-10-05 18:07 . 2012-03-23 16:06 64416 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2012-10-05 17:24 . 2012-10-05 17:24 64376 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2012-10-04 16:40 . 2012-12-12 07:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-02 19:51 . 2012-03-23 15:31 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2012-03-22 20:14 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2012-03-22 20:14 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2012-03-22 20:14 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2012-03-22 20:14 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2012-03-22 20:14 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2012-03-22 20:14 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 11:15 . 2012-10-02 11:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-10-01 15:23 . 2012-03-23 18:18 104904 ----a-w- c:\windows\SysWow64\drivers\GRD.sys
2012-09-24 21:16 . 2012-09-23 07:37 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-23 07:37 . 2012-06-19 15:40 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-23 07:37 . 2012-06-19 15:40 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-15 19:33 . 2012-03-23 16:17 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TBPanel"="c:\program files (x86)\Vtune\TBPanel.exe" [2011-08-02 2248704]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2012-02-22 3325952]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE" [2012-11-14 241280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"XFastUsb"="c:\program files (x86)\XFastUsb\XFastUsb.exe" [2012-03-22 4942336]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"G Data AntiVirus Tray Application"="c:\program files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2012-09-17 995352]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2012-01-27 1470968]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392]
"Ulead AutoDetector v2"="c:\program files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2007-08-02 95504]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="d:\programme\iTunes\iTunesHelper.exe" [2012-11-28 151952]
.
c:\users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - [N/A]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - d:\programme\DSL-Manager_6.9\DslMgr.exe [2012-7-31 1085440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AsrIbDrv;AsrIbDrv;c:\windows\SysWOW64\Drivers\AsrIbDrv.sys [x]
R3 AxtuDrv;AxtuDrv;c:\windows\SysWOW64\Drivers\AxtuDrv.sys [x]
R3 cpuz130;cpuz130;c:\users\Stephan\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 PciDumpr;PciDumpr;c:\program files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys [2001-01-26 2144]
R3 PciPPorts;PCI ECP Parallel Port;c:\windows\system32\DRIVERS\PciPPorts.sys [2009-07-23 96768]
R3 PciSPorts;High-Speed PCI Serial Port;c:\windows\system32\DRIVERS\PciSPorts.sys [2008-12-19 122880]
R3 TDslMgrService;DSL-Manager;d:\programme\DSL-Manager_6.9\DslMgrSvc.exe [2008-10-23 307200]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 X6va007;X6va007;c:\users\Stephan\AppData\Local\Temp\007ABE8.tmp [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\programme\LogMeInHamachi\hamachi-2.exe [x]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2012-10-05 54176]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [2010-06-11 15368]
S1 DslMNLwf;DSL-Manager NDIS LightWeight Filter;c:\windows\system32\DRIVERS\dslmnlwf.sys [2007-08-01 19008]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [2012-03-22 15936]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2012-10-05 126880]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [2012-10-05 64416]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2012-10-05 106648]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2012-10-05 64376]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-10-26 237400]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-10-26 119640]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [2012-08-23 1542680]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2012-01-27 468472]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2012-08-30 2011568]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 WeGameClientService;WeGame Client Service;d:\programme\WeGame\WGClientService.exe [2011-07-28 18472]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2012-10-08 31968]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-02-08 39936]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-02-08 64512]
S3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS [2012-03-23 31808]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2012-06-04 1766464]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2012-10-05 60320]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G DATA\GDScan\GDScan.exe [2012-03-29 470008]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-10-26 131416]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-10-26 146264]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 21:54]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-02 15:49]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-02 15:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.startfenster.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Stephan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{DEF7450E-030D-415E-B49F-D2013BBA7582}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF - ProfilePath - c:\users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\1bvvms2h.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.http - www-proxy.t-online.de
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-ASRockXTU - (no file)
Wow6432Node-HKCU-Run-zASRockInstantBoot - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Steam App 220 - c:\program files (x86)\Steam\steam.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va007]
"ImagePath"="\??\c:\users\Stephan\AppData\Local\Temp\007ABE8.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-947829332-907023176-1988660606-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-947829332-907023176-1988660606-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.14"
.
[HKEY_USERS\S-1-5-21-947829332-907023176-1988660606-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-947829332-907023176-1988660606-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.14"
.
[HKEY_USERS\S-1-5-21-947829332-907023176-1988660606-1000\Software\SecuROM\License information*]
"datasecu"=hex:e2,73,bd,42,53,22,7b,82,ee,34,e7,18,e0,67,7d,4c,27,60,30,52,58,
5e,82,90,35,6b,f8,ef,c0,99,fb,a3,12,75,74,76,b0,03,87,21,ec,79,d7,29,83,17,\
"rkeysecu"=hex:7d,40,10,cb,c7,39,e0,67,0a,69,a8,47,07,da,5b,5c
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-12 20:26:05
ComboFix-quarantined-files.txt 2012-12-12 19:26
.
Vor Suchlauf: 11 Verzeichnis(se), 45.438.410.752 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 46.367.596.544 Bytes frei
.
- - End Of File - - 38B44283BE69512F0C34C37D9200494B
|
|
12.12.2012, 20:33
| #12 | ||
| /// TB-Ausbilder | AdWare Servads löschen Okay dann weiter: Schritt 1: Windows-Defender abschalten Da du einen anderen Virenscanner benutzt solltest du dringend den windowseigenen Scanner abschalten:
Schritt 2: Combofix-Skript
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
12.12.2012, 21:07
| #13 |
| | AdWare Servads löschen Fertig: Code:
ATTFilter ComboFix 12-12-10.01 - Stephan 12.12.2012 20:54:55.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4076.2360 [GMT 1:00]
ausgeführt von:: c:\users\Stephan\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Stephan\Desktop\CFScript.txt
AV: G Data InternetSecurity 2013 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: G Data Personal Firewall *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: G Data InternetSecurity 2013 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Stephan\AppData\Local\Temp\007ABE8.tmp"
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA007
-------\Service_X6va007
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-11-12 bis 2012-12-12 ))))))))))))))))))))))))))))))
.
.
2012-12-12 19:57 . 2012-12-12 19:57 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-12 15:20 . 2012-11-14 05:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-12 15:10 . 2012-12-12 15:10 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-12-12 14:58 . 2012-12-12 14:58 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-12-12 07:54 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 07:54 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-11 11:56 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0B393096-6394-468E-861E-86C62FF3E101}\mpengine.dll
2012-12-11 08:22 . 2012-12-11 08:22 -------- d-----w- c:\users\Stephan\AppData\Local\Apps
2012-12-10 21:51 . 2012-12-10 21:51 -------- d-----w- c:\users\Stephan\AppData\Roaming\Malwarebytes
2012-12-10 21:51 . 2012-12-10 21:51 -------- d-----w- c:\programdata\Malwarebytes
2012-12-10 21:51 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-10 21:24 . 2012-12-10 21:24 -------- d-----w- c:\users\Stephan\AppData\Roaming\SpeedyPC Software
2012-12-10 21:24 . 2012-12-10 21:24 -------- d-----w- c:\users\Stephan\AppData\Roaming\DriverCure
2012-12-10 21:24 . 2012-12-10 21:34 -------- d-----w- c:\programdata\SpeedyPC Software
2012-12-09 11:21 . 2012-12-12 18:56 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-09 11:07 . 2012-12-09 11:07 -------- d-----w- c:\program files\Enigma Software Group
2012-12-09 10:53 . 2012-12-09 12:50 -------- d-----w- c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-12-06 15:45 . 2012-12-06 15:45 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-06 15:45 . 2012-12-06 15:45 -------- d-----w- c:\program files\iTunes
2012-12-06 15:45 . 2012-12-06 15:45 -------- d-----w- c:\program files\iPod
2012-12-05 15:42 . 2012-02-29 19:39 257784 ----a-w- c:\windows\SysWow64\BytescoutScreenCapturingFilter.dll
2012-12-05 15:42 . 2012-02-29 19:39 175864 ----a-w- c:\windows\SysWow64\BytescoutVideoMixerFilter.dll
2012-12-05 15:42 . 2012-12-05 15:42 -------- d-----w- c:\users\Stephan\AppData\Roaming\Apowersoft
2012-12-05 15:42 . 2012-10-08 18:52 31968 ---ha-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2012-12-05 15:42 . 2012-02-29 19:39 421624 ----a-w- c:\windows\SysWow64\BytescoutScreenCapturing.dll
2012-12-05 15:42 . 2012-02-29 19:39 362232 ---ha-w- c:\windows\system32\BytescoutScreenCapturingFilter.dll
2012-12-05 15:42 . 2012-02-29 19:39 231672 ---ha-w- c:\windows\system32\BytescoutVideoMixerFilter.dll
2012-12-05 15:42 . 2012-02-29 19:39 574200 ---ha-w- c:\windows\system32\BytescoutScreenCapturing.dll
2012-12-05 15:42 . 2008-09-23 18:23 65536 ---ha-w- c:\windows\SysWow64\WebCamLib.dll
2012-12-05 15:41 . 2012-12-05 15:41 -------- d-----w- c:\users\Stephan\AppData\Local\Programs
2012-12-01 11:55 . 2012-12-01 11:55 -------- d-----w- c:\users\Stephan\AppData\Local\CombiTech
2012-12-01 08:14 . 2012-12-01 08:14 -------- d-----w- c:\users\Stephan\AppData\Local\SCE
2012-12-01 08:13 . 2012-12-01 08:13 -------- d-----w- C:\Crash
2012-12-01 08:13 . 2012-12-01 08:14 -------- d-----w- c:\users\Stephan\AppData\Local\Sony Online Entertainment
2012-11-21 09:10 . 2009-03-24 11:52 221504 ----a-w- c:\windows\SysWow64\TABCTL32.OCX
2012-11-17 08:39 . 2012-11-17 08:39 -------- d-----w- c:\programdata\SeaTTY
2012-11-16 18:42 . 2012-12-05 18:13 -------- d-----w- c:\users\Stephan\fldigi.files
2012-11-16 18:42 . 2012-11-16 18:42 -------- d-----w- c:\users\Stephan\NBEMS.files
2012-11-16 18:42 . 2012-11-16 18:42 -------- d-----w- c:\users\Stephan\AppData\Roaming\fltk.org
2012-11-16 18:42 . 2012-11-16 18:42 -------- d-----w- c:\programdata\fltk.org
2012-11-15 17:20 . 2012-11-15 17:20 -------- d-----w- c:\programdata\JVComm32
2012-11-15 17:20 . 2012-11-15 17:20 -------- d-----w- c:\program files (x86)\JVComm32
2012-11-15 15:25 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-11-15 15:25 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 15:25 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 15:25 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 15:20 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 15:20 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 15:20 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 15:20 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 15:20 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 15:20 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 15:20 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 12:45 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-15 12:45 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 16:53 . 2012-11-14 16:52 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
2012-11-14 16:53 . 2012-11-14 16:52 120320 ----a-w- c:\windows\system32\E_YLMHTU.DLL
2012-11-14 16:53 . 2012-11-14 16:52 83968 ----a-w- c:\windows\system32\E_YD4BHTU.DLL
2012-11-13 20:30 . 2012-11-13 20:30 -------- d-----w- c:\users\Stephan\VirtualBox VMs
2012-11-13 20:29 . 2012-11-13 20:39 -------- d-----w- c:\users\Stephan\.VirtualBox
2012-11-13 15:43 . 2012-10-26 18:01 237400 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-11-13 15:33 . 2012-10-26 17:59 119640 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 15:21 . 2012-03-23 18:51 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-11 21:54 . 2012-03-30 17:43 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 21:54 . 2012-03-23 15:53 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-27 14:14 . 2012-10-27 14:14 61440 ----a-r- c:\users\Stephan\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2012-10-27 13:53 . 2012-10-27 14:00 106496 ----a-w- c:\windows\SysWow64\ATL71.DLL
2012-10-26 18:00 . 2012-10-26 18:00 131416 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-10-26 17:59 . 2012-10-26 17:59 203608 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2012-10-26 17:59 . 2012-10-26 17:59 146264 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-22 18:15 . 2012-08-09 21:13 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-10-22 18:15 . 2012-03-23 16:20 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-10-22 18:12 . 2012-08-09 21:13 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-10-16 08:38 . 2012-11-28 14:58 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 14:58 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 14:58 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 19:23 . 2012-10-10 19:23 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-10 19:23 . 2012-10-10 19:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-10 19:23 . 2012-10-10 19:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-10 19:23 . 2012-10-10 19:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-10 19:23 . 2012-10-10 19:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-10 19:23 . 2012-10-10 19:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-10 19:23 . 2012-10-10 19:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-10 19:23 . 2012-10-10 19:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-10 19:23 . 2012-10-10 19:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-10 19:23 . 2012-10-10 19:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-10 19:23 . 2012-03-22 20:13 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-10 19:23 . 2012-03-23 15:29 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-10 19:23 . 2012-03-23 15:29 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-10 19:23 . 2012-10-10 19:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-10 19:23 . 2012-10-10 19:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-10 19:23 . 2012-10-10 19:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-10 19:23 . 2012-03-22 20:13 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-10 19:22 . 2012-03-22 20:13 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-10 19:22 . 2012-10-10 19:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-10 19:22 . 2012-03-22 20:13 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-10 19:22 . 2012-03-23 15:29 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-10 19:22 . 2012-10-10 19:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-10 19:22 . 2012-10-10 19:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-10 19:22 . 2012-10-10 19:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-10 19:22 . 2012-10-10 19:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-05 18:11 . 2012-10-05 18:11 16504 ----a-w- c:\windows\system32\drivers\GdPhyMem.sys
2012-10-05 18:11 . 2012-10-05 18:11 106648 ----a-w- c:\windows\system32\drivers\GRD.sys
2012-10-05 18:08 . 2012-10-05 17:24 60320 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2012-10-05 18:07 . 2012-03-23 16:08 54176 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2012-10-05 18:07 . 2012-03-23 16:07 126880 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2012-10-05 18:07 . 2012-03-23 16:06 64416 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2012-10-05 17:24 . 2012-10-05 17:24 64376 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2012-10-04 16:40 . 2012-12-12 07:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-02 19:51 . 2012-03-23 15:31 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2012-03-22 20:14 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2012-03-22 20:14 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2012-03-22 20:14 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2012-03-22 20:14 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2012-03-22 20:14 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2012-03-22 20:14 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 11:15 . 2012-10-02 11:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-10-01 15:23 . 2012-03-23 18:18 104904 ----a-w- c:\windows\SysWow64\drivers\GRD.sys
2012-09-24 21:16 . 2012-09-23 07:37 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-23 07:37 . 2012-06-19 15:40 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-23 07:37 . 2012-06-19 15:40 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-15 19:33 . 2012-03-23 16:17 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TBPanel"="c:\program files (x86)\Vtune\TBPanel.exe" [2011-08-02 2248704]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2012-02-22 3325952]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE" [2012-11-14 241280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"XFastUsb"="c:\program files (x86)\XFastUsb\XFastUsb.exe" [2012-03-22 4942336]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"G Data AntiVirus Tray Application"="c:\program files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2012-09-17 995352]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2012-01-27 1470968]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392]
"Ulead AutoDetector v2"="c:\program files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2007-08-02 95504]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="d:\programme\iTunes\iTunesHelper.exe" [2012-11-28 151952]
.
c:\users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - [N/A]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - d:\programme\DSL-Manager_6.9\DslMgr.exe [2012-7-31 1085440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AsrIbDrv;AsrIbDrv;c:\windows\SysWOW64\Drivers\AsrIbDrv.sys [x]
R3 AxtuDrv;AxtuDrv;c:\windows\SysWOW64\Drivers\AxtuDrv.sys [x]
R3 cpuz130;cpuz130;c:\users\Stephan\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 PciDumpr;PciDumpr;c:\program files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys [2001-01-26 2144]
R3 PciPPorts;PCI ECP Parallel Port;c:\windows\system32\DRIVERS\PciPPorts.sys [2009-07-23 96768]
R3 PciSPorts;High-Speed PCI Serial Port;c:\windows\system32\DRIVERS\PciSPorts.sys [2008-12-19 122880]
R3 TDslMgrService;DSL-Manager;d:\programme\DSL-Manager_6.9\DslMgrSvc.exe [2008-10-23 307200]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\programme\LogMeInHamachi\hamachi-2.exe [x]
R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2012-10-05 54176]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [2010-06-11 15368]
S1 DslMNLwf;DSL-Manager NDIS LightWeight Filter;c:\windows\system32\DRIVERS\dslmnlwf.sys [2007-08-01 19008]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [2012-03-22 15936]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2012-10-05 126880]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [2012-10-05 64416]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2012-10-05 106648]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2012-10-05 64376]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-10-26 237400]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-10-26 119640]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [2012-08-23 1542680]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2012-01-27 468472]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2012-08-30 2011568]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 WeGameClientService;WeGame Client Service;d:\programme\WeGame\WGClientService.exe [2011-07-28 18472]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2012-10-08 31968]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-02-08 39936]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-02-08 64512]
S3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS [2012-03-23 31808]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2012-06-04 1766464]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2012-10-05 60320]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G DATA\GDScan\GDScan.exe [2012-03-29 470008]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-10-26 131416]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-10-26 146264]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 21:54]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-02 15:49]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-02 15:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Stephan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{DEF7450E-030D-415E-B49F-D2013BBA7582}: NameServer = 8.8.8.8,8.8.8.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF - ProfilePath - c:\users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\1bvvms2h.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.http - www-proxy.t-online.de
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Steam App 220 - c:\program files (x86)\Steam\steam.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-947829332-907023176-1988660606-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-947829332-907023176-1988660606-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.14"
.
[HKEY_USERS\S-1-5-21-947829332-907023176-1988660606-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-947829332-907023176-1988660606-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.14"
.
[HKEY_USERS\S-1-5-21-947829332-907023176-1988660606-1000\Software\SecuROM\License information*]
"datasecu"=hex:e2,73,bd,42,53,22,7b,82,ee,34,e7,18,e0,67,7d,4c,27,60,30,52,58,
5e,82,90,35,6b,f8,ef,c0,99,fb,a3,12,75,74,76,b0,03,87,21,ec,79,d7,29,83,17,\
"rkeysecu"=hex:7d,40,10,cb,c7,39,e0,67,0a,69,a8,47,07,da,5b,5c
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-12-12 21:05:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-12-12 20:05
ComboFix2.txt 2012-12-12 19:26
.
Vor Suchlauf: 13 Verzeichnis(se), 46.424.961.024 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 46.108.233.728 Bytes frei
.
- - End Of File - - D43ADD806761B8C8DA6FC08175AF62FB
|
|
12.12.2012, 21:10
| #14 | |
| /// TB-Ausbilder | AdWare Servads löschen Gut!  Soweit ich das sehe haben wir damit alles Schädliche entfernt. Um sicher sein zu können müssen jetzt noch ein paar Kontrollen machen. Da diese sehr lange dauern können bitte ich dich mir erst wieder zu schreiben, wenn du auch wirklich alles erledigt hast oder Probleme auftreten sollten. Schritt 1: Quick-Scan mit Malwarebytes Schritt 2: ESET Online Scanner Zitat:
Schritt 3: Scan mit SecurityCheck Downloade Dir bitte SecurityCheck: LINK1 LINK2
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
12.12.2012, 23:14
| #15 |
| | AdWare Servads löschen mbam: Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.12.12.12 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 *MeinName* :: *MeinName*-PC [Administrator] 12.12.2012 21:14:50 mbam-log-2012-12-12 (21-14-50).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 229755 Laufzeit: 1 Minute(n), 29 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende)  SecurityCheck: Code:
ATTFilter Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` G Data InternetSecurity 2013 Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.65.1.1000 JavaFX 2.1.1 Java 7 Update 9 Adobe Flash Player 11.5.502.135 Adobe Reader 10.1.4 Adobe Reader out of Date! Mozilla Firefox (17.0.1) ````````Process Check: objlist.exe by Laurent```````` ESET ESET Online Scanner OnlineScannerApp.exe G Data InternetSecurity Firewall GDFwSvcx64.exe G Data InternetSecurity Firewall GDFirewallTray.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log``````````````````````  Aber so, wie es für mich aussieht, ist alles sauber  lg Poly |
|
| Themen zu AdWare Servads löschen |
| adware, andere, anderen, beseitigen, beste, besten, drüberfährt, einfach, erschein, erscheine, erscheinen, erscheint, fenster, foren, funktionier, funktioniert, links, löschen, problem, tab, unterstrichen, webseite, wörter, zusätzlicher, öffnet |
Button.
und dann 
Linear-Darstellung
