|
Log analysis and evaluation: Internet very slow (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
04.04.2012, 13:33 | #1 |
| Internet very slow
Hello everyone, for about 2 days my internet has been extremely slow. It all started when I was watching a video on YouTube and the internet suddenly went away completely. After some time it worked again, but when I went to Google a message appeared saying that an attempt had been made to change my default search provider. Often I only get onto pages after a good 2-3 attempts, and it takes forever for them to load. It would be great if someone could help me with this. Regards, Enigma91
DDS Log: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 Run by Domse at 14:00:19 on 2012-04-04 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3326.2313 [GMT 2:00] . AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe C:\Program 
Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Windows\system32\conhost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\sppsvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\DllHost.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.de/ uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - c:\program files\devicevm\browser configuration utility\AddressBarSearch.dll BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - c:\program files\amd\steadyvideo\SteadyVideo.dll uRun: [Google Update] "c:\users\domse\appdata\local\google\update\GoogleUpdate.exe" /c mRun: [BCU] "c:\program files\devicevm\browser configuration utility\BCU.exe" mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [Malwarebytes' Anti-Malware] "d:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\amldev~1.lnk - c:\program files\amd avt\bin\kdbsync.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) TCP: DhcpNameServer = 192.168.178.1 TCP: Interfaces\{EB0C5AE0-A2FA-49C7-B05E-986AF89CEB30} : DhcpNameServer = 192.168.178.1 Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\program files\amd\steadyvideo\VideoMIMEFilter.dll Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\program files\amd\steadyvideo\VideoMIMEFilter.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL . ============= SERVICES / DRIVERS =============== . 
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2012-3-15 19496] R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-3-15 36000] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-2-15 163328] R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-2-14 291840] R2 AntiVirSchedulerService;Avira Planer;c:\program files\avira\antivir desktop\sched.exe [2012-3-15 86224] R2 AntiVirService;Avira Echtzeit Scanner;c:\program files\avira\antivir desktop\avguard.exe [2012-3-15 110032] R2 AODDriver4.1;AODDriver4.1;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-2-1 46720] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-3-15 74640] R2 BCUService;Browser Configuration Utility Service;c:\program files\devicevm\browser configuration utility\BCUService.exe [2009-10-15 223464] R2 MBAMService;MBAMService;d:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-15 652360] R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2012-3-15 37944] R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2012-2-15 9182208] R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2012-2-15 264704] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-5 86032] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-3-15 20464] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856] S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?] 
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 StorSvc;Speicherdienst;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-3-16 52224] . =============== Created Last 30 ================ . 2012-03-21 16:41:18 -------- d-----w- c:\users\domse\appdata\local\Diagnostics 2012-03-19 13:10:00 159608 ----a-w- c:\windows\system32\mfevtps.exe.b721.deleteme 2012-03-18 17:44:38 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f9eed824-5bbf-4a7c-9a0d-524dd7296269}\offreg.dll 2012-03-17 20:53:16 159608 ----a-w- c:\windows\system32\mfevtps.exe.7dc6.deleteme 2012-03-17 20:02:57 159608 ----a-w- c:\windows\system32\mfevtps.exe.7efa.deleteme 2012-03-17 20:02:29 -------- d-----w- c:\program files\stinger 2012-03-16 18:55:41 -------- d-----w- c:\programdata\Blizzard Entertainment 2012-03-16 16:44:02 -------- d-----w- c:\program files\common files\Blizzard Entertainment 2012-03-16 16:34:57 -------- d-----r- c:\program files\Skype 2012-03-16 15:41:42 -------- d-----w- c:\users\domse\appdata\local\SWTOR 2012-03-16 14:50:14 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-16 14:50:14 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-16 14:29:42 -------- d-----w- c:\windows\system32\SPReview 2012-03-16 14:29:10 -------- d-----w- c:\windows\system32\EventProviders 2012-03-16 14:27:07 1130824 ----a-w- c:\windows\system32\dfshim.dll 2012-03-16 14:27:04 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2012-03-16 14:27:04 3215872 ----a-w- c:\windows\system32\mstscax.dll 2012-03-16 14:27:04 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2012-03-16 14:27:02 954752 ----a-w- c:\windows\system32\mfc40.dll 2012-03-16 14:27:02 954288 ----a-w- c:\windows\system32\mfc40u.dll 2012-03-16 14:27:02 1171456 ----a-w- c:\windows\system32\d3d10warp.dll 2012-03-16 
14:27:01 423936 ----a-w- c:\windows\system32\secproc_isv.dll 2012-03-16 14:27:01 1159168 ----a-w- c:\windows\system32\sysmain.dll 2012-03-16 14:27:00 428032 ----a-w- c:\windows\system32\secproc.dll 2012-03-16 14:27:00 327168 ----a-w- c:\windows\system32\RMActivate_isv.exe 2012-03-16 14:25:55 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll 2012-03-16 14:25:55 363008 ----a-w- c:\windows\system32\wbemcomn.dll 2012-03-16 14:03:42 6552120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll 2012-03-16 14:03:39 6552120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f9eed824-5bbf-4a7c-9a0d-524dd7296269}\mpengine.dll 2012-03-15 18:06:37 293376 ----a-w- c:\windows\system32\browserchoice.exe 2012-03-15 18:03:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2012-03-15 18:02:59 534528 ----a-w- c:\windows\system32\EncDec.dll 2012-03-15 17:56:55 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2012-03-15 17:56:55 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2012-03-15 17:56:55 107520 ----a-w- c:\windows\system32\cdd.dll 2012-03-15 17:20:06 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-03-15 17:07:51 -------- d-----w- c:\users\domse\appdata\local\AMD 2012-03-15 17:07:48 -------- d-----w- c:\users\domse\appdata\roaming\Avira 2012-03-15 17:07:44 -------- d-----w- c:\users\domse\appdata\local\ATI 2012-03-15 17:07:36 -------- d-----w- c:\users\domse\appdata\roaming\Malwarebytes 2012-03-15 17:07:31 -------- d-----w- c:\programdata\Malwarebytes 2012-03-15 17:07:30 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-15 17:01:46 0 ----a-w- c:\windows\ativpsrm.bin 2012-03-15 17:01:01 -------- d-----w- c:\windows\system32\wbem\en-US 2012-03-15 16:59:34 -------- d-----w- c:\users\domse\appdata\local\Google 2012-03-15 16:58:47 -------- d-----w- c:\users\domse\appdata\local\Deployment 2012-03-15 16:58:47 -------- d-----w- c:\users\domse\appdata\local\Apps 
2012-03-15 16:55:01 -------- d-----w- c:\program files\AMD AVT 2012-03-15 16:55:00 -------- d-----w- c:\program files\AMD 2012-03-15 16:54:58 -------- d-----w- c:\program files\AMD APP 2012-03-15 16:54:54 -------- d-----w- c:\program files\common files\ATI Technologies 2012-03-15 16:54:21 -------- d-----w- c:\programdata\AMD 2012-03-15 16:54:17 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys 2012-03-15 16:53:47 -------- d-----w- c:\program files\ATI Technologies 2012-03-15 16:53:45 -------- d-----w- c:\program files\ATI 2012-03-15 16:53:17 -------- d-----w- C:\AMD 2012-03-15 16:51:24 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-03-15 16:51:24 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-03-15 16:51:24 -------- d-----w- c:\programdata\Avira 2012-03-15 16:51:24 -------- d-----w- c:\program files\Avira 2012-03-15 16:49:53 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-15 16:49:49 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-15 16:49:49 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-15 16:49:49 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys 2012-03-15 16:49:49 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-15 15:35:57 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll 2012-03-15 14:52:04 -------- d-----w- c:\program files\common files\BioWare 2012-03-15 14:45:09 372840 ----a-w- c:\windows\system32\nvraiins.dll 2012-03-15 14:34:58 -------- d-----w- c:\windows\system32\RTCOM 2012-03-15 14:33:53 -------- d--h--w- c:\program files\DeviceVM 2012-03-15 14:33:50 -------- d-sh--w- c:\windows\Installer 2012-03-15 14:33:27 -------- d-----w- c:\windows\system32\wbem\Performance 2012-03-15 14:23:57 -------- d-----w- c:\windows\Panther . ==================== Find3M ==================== . 
2012-03-16 14:39:35 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-02-15 03:47:12 9182208 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2012-02-15 03:18:56 159744 ----a-w- c:\windows\system32\atiapfxx.exe 2012-02-15 03:18:40 791040 ----a-w- c:\windows\system32\aticfx32.dll 2012-02-15 03:13:56 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll 2012-02-15 03:13:20 405504 ----a-w- c:\windows\system32\atieclxx.exe 2012-02-15 03:12:48 163328 ----a-w- c:\windows\system32\atiesrxx.exe 2012-02-15 03:11:34 159744 ----a-w- c:\windows\system32\atitmmxx.dll 2012-02-15 03:10:58 20992 ----a-w- c:\windows\system32\atimuixx.dll 2012-02-15 03:10:48 43520 ----a-w- c:\windows\system32\ati2edxx.dll 2012-02-15 03:07:44 6200320 ----a-w- c:\windows\system32\atidxx32.dll 2012-02-15 02:58:56 19392000 ----a-w- c:\windows\system32\atioglxx.dll 2012-02-15 02:40:54 1828864 ----a-w- c:\windows\system32\atiumdmv.dll 2012-02-15 02:34:54 46080 ----a-w- c:\windows\system32\aticalrt.dll 2012-02-15 02:34:44 44032 ----a-w- c:\windows\system32\aticalcl.dll 2012-02-15 02:34:36 5954048 ----a-w- c:\windows\system32\atiumdag.dll 2012-02-15 02:29:52 5062656 ----a-w- c:\windows\system32\atiumdva.dll 2012-02-15 02:29:50 11561984 ----a-w- c:\windows\system32\aticaldd.dll 2012-02-15 02:16:34 51200 ----a-w- c:\windows\system32\coinst.dll 2012-02-15 02:13:48 356352 ----a-w- c:\windows\system32\atiadlxx.dll 2012-02-15 02:13:32 14336 ----a-w- c:\windows\system32\atiglpxx.dll 2012-02-15 02:13:20 33280 ----a-w- c:\windows\system32\atigktxx.dll 2012-02-15 02:12:48 264704 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2012-02-15 02:12:14 33280 ----a-w- c:\windows\system32\atiuxpag.dll 2012-02-15 02:12:00 30208 ----a-w- c:\windows\system32\atiu9pag.dll 2012-02-15 02:11:22 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2012-02-15 02:11:10 53760 ----a-w- c:\windows\system32\atimpc32.dll 2012-02-15 02:11:10 53760 ----a-w- c:\windows\system32\amdpcom32.dll 2012-02-14 21:05:26 59904 ----a-w- 
c:\windows\system32\OpenVideo.dll 2012-02-14 21:05:16 54784 ----a-w- c:\windows\system32\OVDecode.dll 2012-02-14 21:04:26 13238272 ----a-w- c:\windows\system32\amdocl.dll 2012-02-14 21:03:38 48128 ----a-w- c:\windows\system32\OpenCL.dll 2012-02-10 05:38:43 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-02-03 03:54:27 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-01-31 05:00:24 16896 ----a-w- c:\windows\system32\kdbsdk32.dll . ============= FINISH: 14:01:01,72 ===============
The Attach and GMER logs are attached. |
04.04.2012, 15:28 | #2 |
/// Malware-holic | Internet very slow hi
If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
Code:
ATTFilter activex netsvcs msconfig %SYSTEMDRIVE%\*. %PROGRAMFILES%\*.exe %LOCALAPPDATA%\*.exe %systemroot%\*. /mp /s /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %USERPROFILE%\*.* %USERPROFILE%\Local Settings\Temp\*.exe %USERPROFILE%\Local Settings\Temp\*.dll %USERPROFILE%\Application Data\*.exe HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs CREATERESTOREPOINT
__________________ |
04.04.2012, 19:42 | #3 |
| Internet very slow Hi, first of all thanks for the quick reply
Here are the logs. OTL Log, OTL Logfile:
Code:
ATTFilter OTL logfile created on: 04.04.2012 20:33:20 - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Domse\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 73,46% Memory free 6,50 Gb Paging File | 5,51 Gb Available in Paging File | 84,77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 244,04 Gb Total Space | 218,69 Gb Free Space | 89,61% Space Free | Partition Type: NTFS Drive D: | 687,37 Gb Total Space | 644,15 Gb Free Space | 93,71% Space Free | Partition Type: NTFS Computer Name: DOMSE-PC | User Name: Domse | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.04.04 20:31:24 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Domse\Desktop\OTL.exe PRC - [2012.02.15 05:13:20 | 000,405,504 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2012.02.15 05:12:48 | 000,163,328 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2012.02.14 23:15:30 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2012.01.31 09:56:34 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.01.31 09:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.01.31 09:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.01.31 09:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.01.13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.01.13 15:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009.10.15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe PRC - [2009.10.15 15:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) 
-- C:\Programme\DeviceVM\Browser Configuration Utility\BCU.exe ========== Modules (No Company Name) ========== MOD - [2012.03.16 17:17:53 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll MOD - [2012.03.16 17:17:34 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll MOD - [2012.03.16 17:17:29 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll MOD - [2012.03.16 17:17:12 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll MOD - [2012.03.16 17:17:07 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.06.27 11:11:12 | 000,503,202 | ---- | M] () -- C:\Programme\DeviceVM\Browser Configuration Utility\sqlite3.dll ========== Win32 Services (SafeList) ========== SRV - [2012.02.29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.02.15 05:12:48 | 000,163,328 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.02.14 23:15:30 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2012.01.31 09:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.01.31 09:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.01.13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv) SRV - [2009.10.15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012.02.15 05:47:12 | 009,182,208 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2012.02.15 04:12:48 | 000,264,704 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2012.02.01 15:18:10 | 000,046,720 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.1) DRV - [2012.01.31 09:56:33 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.01.31 09:56:33 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011.12.10 16:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.12.05 21:47:16 | 000,086,032 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010.08.12 13:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET) DRV - [2010.04.27 12:56:44 | 000,019,496 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger) DRV - [2010.04.08 20:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32) DRV - [2010.02.18 10:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. 
bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 B2 B5 62 CB 02 CD 01 [binary data] IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Programme\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {B7673C19-D763-40ca-87B4-61990C935DC4} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{703D65E0-ED20-4917-BF62-7DB0F8471BA7}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} IE - HKCU\..\SearchScopes\{B7673C19-D763-40ca-87B4-61990C935DC4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD IE - HKCU\..\SearchScopes\{EC51E516-2BC7-4246-87AD-3FC92FFF91AF}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Domse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Domse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Domse\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Domse\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Domse\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Domse\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: WOT = C:\Users\Domse\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.12_0\
CHR - Extension: YouTube = C:\Users\Domse\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Domse\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google-Suche = C:\Users\Domse\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Domse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB0C5AE0-A2FA-49C7-B05E-986AF89CEB30}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========
[2012.04.04 20:31:22 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Domse\Desktop\OTL.exe
[2012.04.04 01:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.04.04 01:42:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.04.04 01:41:02 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Domse\Desktop\dds.com
[2012.03.21 18:41:18 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Diagnostics
[2012.03.19 15:10:00 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.b721.deleteme
[2012.03.17 22:53:16 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.7dc6.deleteme
[2012.03.17 22:02:57 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.7efa.deleteme
[2012.03.17 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012.03.16 20:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.03.16 18:44:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012.03.16 18:35:07 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Skype
[2012.03.16 18:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.03.16 18:34:57 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.03.16 18:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.03.16 18:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.03.16 17:41:42 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\SWTOR
[2012.03.16 17:41:42 | 000,000,000 | ---D | C] -- C:\Users\Domse\Documents\HeroBlade Logs
[2012.03.16 16:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.03.16 16:29:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012.03.16 16:29:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012.03.16 16:26:24 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012.03.15 19:07:51 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\AMD
[2012.03.15 19:07:48 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Avira
[2012.03.15 19:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012.03.15 19:07:44 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\ATI
[2012.03.15 19:07:44 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\ATI
[2012.03.15 19:07:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.03.15 19:07:36 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Malwarebytes
[2012.03.15 19:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.15 19:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.15 19:07:30 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.03.15 19:04:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.03.15 19:04:01 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Macromedia
[2012.03.15 19:04:01 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Adobe
[2012.03.15 19:00:06 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.03.15 18:59:34 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Google
[2012.03.15 18:58:47 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Deployment
[2012.03.15 18:58:47 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Apps
[2012.03.15 18:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
[2012.03.15 18:55:00 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2012.03.15 18:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012.03.15 18:54:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012.03.15 18:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012.03.15 18:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012.03.15 18:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012.03.15 18:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.03.15 18:53:17 | 000,000,000 | ---D | C] -- C:\AMD
[2012.03.15 18:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.03.15 18:51:25 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.03.15 18:51:24 | 000,137,416 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.03.15 18:51:24 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.03.15 18:51:24 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.03.15 18:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.03.15 18:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.03.15 17:35:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012.03.15 16:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2012.03.15 16:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2012.03.15 16:46:45 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2012.03.15 16:34:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012.03.15 16:34:50 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012.03.15 16:34:49 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012.03.15 16:34:49 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012.03.15 16:34:49 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012.03.15 16:34:49 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012.03.15 16:34:41 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012.03.15 16:34:41 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012.03.15 16:34:41 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012.03.15 16:34:41 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012.03.15 16:34:41 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012.03.15 16:34:41 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012.03.15 16:34:40 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012.03.15 16:34:39 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012.03.15 16:34:39 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012.03.15 16:34:36 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012.03.15 16:34:33 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012.03.15 16:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.03.15 16:34:32 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012.03.15 16:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012.03.15 16:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.03.15 16:33:53 | 000,000,000 | -H-D | C] -- C:\Program Files\DeviceVM
[2012.03.15 16:33:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.03.15 16:30:26 | 000,000,000 | R--D | C] -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.03.15 16:30:26 | 000,000,000 | R--D | C] -- C:\Users\Domse\Searches
[2012.03.15 16:30:26 | 000,000,000 | R--D | C] -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.03.15 16:30:19 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Identities
[2012.03.15 16:30:18 | 000,000,000 | R--D | C] -- C:\Users\Domse\Contacts
[2012.03.15 16:30:12 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\VirtualStore
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Vorlagen
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\AppData\Local\Verlauf
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\AppData\Local\Temporary Internet Files
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Startmenü
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\SendTo
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Recent
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Netzwerkumgebung
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Lokale Einstellungen
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Documents\Eigene Videos
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Documents\Eigene Musik
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Eigene Dateien
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Documents\Eigene Bilder
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Druckumgebung
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Cookies
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\AppData\Local\Anwendungsdaten
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Anwendungsdaten
[2012.03.15 16:30:09 | 000,000,000 | --SD | C] -- C:\Users\Domse\AppData\Roaming\Microsoft
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Videos
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Saved Games
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Pictures
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Music
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Links
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Favorites
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Downloads
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Documents
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Desktop
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.03.15 16:30:09 | 000,000,000 | -H-D | C] -- C:\Users\Domse\AppData
[2012.03.15 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Temp
[2012.03.15 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Microsoft
[2012.03.15 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Media Center Programs
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.03.15 16:30:00 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.03.15 16:24:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.03.15 16:24:25 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.03.15 16:23:57 | 000,000,000 | ---D | C] -- C:\Windows\Panther

========== Files - Modified Within 30 Days ==========
[2012.04.04 20:35:20 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.04 20:35:20 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.04 20:32:26 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.04 20:32:26 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.04 20:32:26 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.04 20:32:26 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.04 20:31:24 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Domse\Desktop\OTL.exe
[2012.04.04 20:28:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.04 20:27:59 | 2616,037,376 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.04 14:28:01 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000UA.job
[2012.04.04 14:24:19 | 000,002,442 | ---- | M] () -- C:\Users\Domse\Desktop\Desktop.zip
[2012.04.04 13:59:41 | 000,000,000 | ---- | M] () -- C:\Users\Domse\defogger_reenable
[2012.04.04 01:44:54 | 000,302,592 | ---- | M] () -- C:\Users\Domse\Desktop\1psdcsm3.exe
[2012.04.04 01:42:55 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.04.04 01:41:08 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Domse\Desktop\dds.com
[2012.04.04 01:39:15 | 000,050,477 | ---- | M] () -- C:\Users\Domse\Desktop\Defogger.exe
[2012.04.04 00:39:33 | 000,002,574 | ---- | M] () -- C:\Users\Domse\Documents\cc_20120404_003930.reg
[2012.04.03 23:10:24 | 000,000,657 | ---- | M] () -- C:\Users\Domse\Desktop\World of Warcraft.lnk
[2012.04.03 22:29:35 | 000,002,397 | ---- | M] () -- C:\Users\Domse\Desktop\Google Chrome.lnk
[2012.04.03 13:28:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000Core.job
[2012.04.02 16:20:37 | 000,008,490 | ---- | M] () -- C:\Users\Domse\Documents\cc_20120402_162034.reg
[2012.03.22 17:49:15 | 000,003,110 | ---- | M] () -- C:\Users\Domse\Documents\cc_20120322_164912.reg
[2012.03.19 15:09:58 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.b721.deleteme
[2012.03.18 19:50:04 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.03.17 22:53:14 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.7dc6.deleteme
[2012.03.17 22:02:54 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.7efa.deleteme
[2012.03.16 18:34:58 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.03.16 17:40:34 | 000,006,486 | ---- | M] () -- C:\Users\Domse\Documents\cc_20120316_164032.reg
[2012.03.16 16:55:26 | 000,265,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.15 19:07:31 | 000,000,756 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.15 19:04:36 | 000,000,682 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.15 19:01:46 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012.03.15 18:55:02 | 000,002,005 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AML Device Install.lnk
[2012.03.15 18:51:34 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.03.15 18:50:14 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.03.15 17:35:43 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012.03.15 16:46:19 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2012.03.15 16:27:19 | 000,057,035 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========
[2012.04.04 14:24:19 | 000,002,442 | ---- | C] () -- C:\Users\Domse\Desktop\Desktop.zip
[2012.04.04 13:59:41 | 000,000,000 | ---- | C] () -- C:\Users\Domse\defogger_reenable
[2012.04.04 01:44:51 | 000,302,592 | ---- | C] () -- C:\Users\Domse\Desktop\1psdcsm3.exe
[2012.04.04 01:39:14 | 000,050,477 | ---- | C] () -- C:\Users\Domse\Desktop\Defogger.exe
[2012.04.04 00:39:32 | 000,002,574 | ---- | C] () -- C:\Users\Domse\Documents\cc_20120404_003930.reg
[2012.04.02 16:20:36 | 000,008,490 | ---- | C] () -- C:\Users\Domse\Documents\cc_20120402_162034.reg
[2012.03.22 17:49:14 | 000,003,110 | ---- | C] () -- C:\Users\Domse\Documents\cc_20120322_164912.reg
[2012.03.19 22:29:50 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012.03.18 19:50:04 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.03.16 18:38:35 | 000,000,657 | ---- | C] () -- C:\Users\Domse\Desktop\World of Warcraft.lnk
[2012.03.16 18:34:58 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.03.16 17:40:33 | 000,006,486 | ---- | C] () -- C:\Users\Domse\Documents\cc_20120316_164032.reg
[2012.03.16 16:26:54 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012.03.16 16:26:16 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.03.16 16:26:12 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012.03.16 16:26:08 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012.03.15 19:07:31 | 000,000,756 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.15 19:04:36 | 000,000,682 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.15 19:01:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.15 19:00:06 | 000,002,397 | ---- | C] () -- C:\Users\Domse\Desktop\Google Chrome.lnk
[2012.03.15 18:59:35 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000UA.job
[2012.03.15 18:59:34 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000Core.job
[2012.03.15 18:55:02 | 000,002,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AML Device Install.lnk
[2012.03.15 18:51:34 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.03.15 18:50:14 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.03.15 17:35:43 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012.03.15 16:46:45 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2012.03.15 16:46:45 | 000,019,496 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2012.03.15 16:34:09 | 000,010,084 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012.03.15 16:33:57 | 000,001,204 | ---- | C] () -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
[2012.03.15 16:33:28 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.03.15 16:30:28 | 000,001,409 | ---- | C] () -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.03.15 16:27:12 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.03.15 16:27:04 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.03.15 16:24:26 | 2616,037,376 | -HS- | C] () -- C:\hiberfil.sys
[2012.02.15 04:28:34 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.02.15 04:28:32 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.02.14 23:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.01.10 23:10:08 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat

========== LOP Check ==========
[2009.07.14 06:53:46 | 000,013,984 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========
< %SYSTEMDRIVE%\*. 
>
[2012.03.15 16:30:18 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.03.15 18:53:17 | 000,000,000 | ---D | M] -- C:\AMD
[2012.04.04 13:54:14 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.03.15 16:30:03 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.07.14 04:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.04.04 13:54:26 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.03.16 20:55:41 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.03.15 16:30:03 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.03.15 16:30:03 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.04.04 20:34:24 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.03.15 16:30:09 | 000,000,000 | R--D | M] -- C:\Users
[2012.04.04 13:54:23 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2012.02.15 05:13:56 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) 
Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll < %USERPROFILE%\*.* > [2012.04.04 13:59:41 | 000,000,000 | ---- | M] () -- C:\Users\Domse\defogger_reenable [2012.04.04 20:34:24 | 000,786,432 | -HS- | M] () -- C:\Users\Domse\NTUSER.DAT [2012.04.04 20:34:25 | 000,262,144 | -HS- | M] () -- C:\Users\Domse\ntuser.dat.LOG1 [2012.03.15 16:30:09 | 000,000,000 | -HS- | M] () -- C:\Users\Domse\ntuser.dat.LOG2 [2012.03.15 16:35:07 | 000,065,536 | -HS- | M] () -- C:\Users\Domse\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2012.03.15 16:35:07 | 000,524,288 | -HS- | M] () -- C:\Users\Domse\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2012.03.15 16:35:07 | 000,524,288 | -HS- | M] () -- C:\Users\Domse\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2012.03.15 16:30:10 | 000,000,020 | -HS- | M] () -- C:\Users\Domse\ntuser.ini < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < > < End of report > Extras LogOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.04.2012 20:33:20 - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Domse\Desktop Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 73,46% Memory free 6,50 Gb Paging File | 5,51 Gb Available in Paging File | 84,77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 244,04 Gb Total Space | 218,69 Gb Free Space | 89,61% Space Free | Partition Type: NTFS Drive D: | 687,37 Gb Total Space | 644,15 Gb Free Space | 93,71% Space Free | Partition Type: NTFS Computer Name: DOMSE-PC | User Name: Domse | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. 
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{030C0401-52A9-BE86-D8A7-52C0DA203275}" = CCC 
Help Swedish "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{283153BB-CEE6-EE9C-81E8-4350D73354BA}" = CCC Help Turkish "{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding "{39445575-7D3A-52AA-152B-7F9423D1AE69}" = CCC Help German "{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C9A3282-9DAE-F492-13F4-6D4D664AC15F}" = CCC Help Spanish "{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1 "{4F198874-3C7D-5983-02EB-9E234C43F174}" = AMD Steady Video Plug-In "{5236FA8C-4B70-E30E-93EF-F7D3A5E468C7}" = CCC Help Greek "{586F0E27-0BC5-34DE-AA0B-96D14397910E}" = CCC Help Russian "{5AF7EA0B-F009-CC00-E446-C2286AF80471}" = CCC Help Czech "{5FC116F2-4508-A6FC-15FB-C64F05AB0F26}" = CCC Help Chinese Traditional "{685ACA56-004C-4F80-2BC0-951BF278C03F}" = CCC Help Chinese Standard "{6D1AFFC2-AC60-BC3B-2DC9-0D80A1E9CB16}" = CCC Help Thai "{79CFDE3C-4602-85B2-ACF6-83D897B8B33A}" = CCC Help Korean "{8972B1C8-B899-0AA0-8596-BFC9AE3311F1}" = CCC Help Finnish "{92BE4E1B-AEFD-DA72-B805-948290A4BB13}" = CCC Help Hungarian "{943B2619-0E00-E9F1-73E3-03090965484E}" = AMD Media Foundation Decoders "{9526B61A-1C35-96D1-531B-C8DB1D36C336}" = CCC Help Danish "{9A295F81-04C8-FB18-2D1C-A33AA8A442CA}" = CCC Help French "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DB7A055-0C66-C319-9613-CACDC50DDB38}" = ccc-utility "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility "{A994E9F7-A748-FFB1-01C2-9D64ADE870B4}" = AMD Accelerated Video Transcoding "{B3C8C8EF-77E0-1C0D-1CFA-A39E2E898311}" = CCC Help Italian "{B5AD9952-F716-9862-7ED7-734E0328CF7C}" = AMD VISION Engine Control Center "{C0E69600-E8D1-784D-829C-788D91D65051}" = CCC Help Polish 
"{C37B1C57-DD9B-D1E0-B933-8EA8D56E2222}" = CCC Help Norwegian "{C4100721-2D71-CC80-8877-0A7855B6EEFB}" = AMD Catalyst Install Manager "{CA3A3F20-566B-ABB1-A541-3D93C0D09EE5}" = CCC Help Japanese "{CBAE26C1-B3B1-66FC-81A0-FA1774CF2B20}" = AMD Fuel "{D4C4485B-16EB-31A8-C2DE-D778E8E4628B}" = Catalyst Control Center Localization All "{DAF650C8-AFE5-3460-E1C4-B9716D2DA5D2}" = Catalyst Control Center InstallProxy "{E0C6F271-FE15-B2D5-FF42-BCA40700DC51}" = CCC Help English "{E1D0A4DC-97BD-CE37-3E89-87D3337E55CA}" = CCC Help Dutch "{E6FA341F-8840-6B18-5BCE-C7CCEBDFE516}" = Catalyst Control Center Graphics Previews Common "{ED15763E-A6ED-56D2-B0B5-C7D22D4CE248}" = CCC Help Portuguese "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F46AB543-90D1-86D7-99EE-4F94C1D206C8}" = AMD Drag and Drop Transcoding "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "7-Zip" = 7-Zip 9.20 "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "NVIDIA Drivers" = NVIDIA Drivers ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 15.03.2012 10:46:38 | Computer Name = Domse-PC | Source = VSS | ID = 8194 Description = Error - 15.03.2012 11:35:46 | Computer Name = Domse-PC | Source = VSS | ID = 8194 Description = Error - 16.03.2012 10:50:50 | Computer Name = Domse-PC | Source = 
ESENT | ID = 215 Description = WinMail (3760) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde. Error - 16.03.2012 11:00:56 | Computer Name = Domse-PC | Source = .NET Runtime Optimization Service | ID = 1101 Description = Error - 21.03.2012 15:20:07 | Computer Name = Domse-PC | Source = SideBySide | ID = 16842824 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft security client\MSESysprep.dll" in Zeile 10. Das imaging-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error - 26.03.2012 10:01:00 | Computer Name = Domse-PC | Source = SideBySide | ID = 16842824 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft security client\MSESysprep.dll" in Zeile 10. Das imaging-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. Error - 03.04.2012 06:36:22 | Computer Name = Domse-PC | Source = SideBySide | ID = 16842824 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\microsoft security client\MSESysprep.dll" in Zeile 10. Das imaging-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird. 
[ System Events ] Error - 15.03.2012 14:17:55 | Computer Name = Domse-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: %%16405 Error - 28.03.2012 08:27:49 | Computer Name = Domse-PC | Source = Microsoft-Windows-HAL | ID = 12 Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist. Error - 28.03.2012 08:56:12 | Computer Name = Domse-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht. Error - 28.03.2012 08:56:12 | Computer Name = Domse-PC | Source = DCOM | ID = 10010 Description = Error - 03.04.2012 06:10:49 | Computer Name = Domse-PC | Source = Microsoft Antimalware | ID = 2001 Description = Error - 04.04.2012 08:09:19 | Computer Name = Domse-PC | Source = Ntfs | ID = 262199 Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy1" den Befehl "chkdsk" aus. Error - 04.04.2012 08:09:19 | Computer Name = Domse-PC | Source = Ntfs | ID = 262199 Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy2" den Befehl "chkdsk" aus. Error - 04.04.2012 08:09:20 | Computer Name = Domse-PC | Source = Ntfs | ID = 262199 Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy5" den Befehl "chkdsk" aus. Error - 04.04.2012 08:09:21 | Computer Name = Domse-PC | Source = Ntfs | ID = 262199 Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy9" den Befehl "chkdsk" aus. 
Error - 04.04.2012 08:09:23 | Computer Name = Domse-PC | Source = Ntfs | ID = 262199 Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy10" den Befehl "chkdsk" aus. < End of report > |
04.04.2012, 19:49 | #4 | |
/// Malware-holic | Internet very slow Open Malwarebytes, go to the log files, and post all reports. Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
04.04.2012, 20:11 | #5 |
| Internet very slow Combofix log file: Code:
ATTFilter ComboFix 12-04-04.02 - Domse 04.04.2012 20:56:40.1.4 - x86 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3326.2307 [GMT 2:00] ausgeführt von:: c:\users\Domse\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2012-03-04 bis 2012-04-04 )))))))))))))))))))))))))))))) . . 2012-04-04 18:59 . 2012-04-04 18:59 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-04-04 14:49 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{65BDE6F3-B127-4416-A41D-6D0E8757DE03}\mpengine.dll 2012-03-19 13:10 . 2012-03-19 13:09 159608 ----a-w- c:\windows\system32\mfevtps.exe.b721.deleteme 2012-03-17 20:53 . 2012-03-17 20:53 159608 ----a-w- c:\windows\system32\mfevtps.exe.7dc6.deleteme 2012-03-17 20:02 . 2012-03-17 20:02 159608 ----a-w- c:\windows\system32\mfevtps.exe.7efa.deleteme 2012-03-17 20:02 . 2012-04-03 23:47 -------- d-----w- c:\program files\stinger 2012-03-16 18:55 . 2012-03-16 18:55 -------- d-----w- c:\programdata\Blizzard Entertainment 2012-03-16 16:44 . 2012-03-16 16:44 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment 2012-03-16 16:34 . 2012-03-16 16:34 -------- d-----r- c:\program files\Skype 2012-03-16 16:34 . 2012-03-16 16:34 -------- d-----w- c:\program files\Common Files\Skype 2012-03-16 16:34 . 2012-03-16 16:34 -------- d-----w- c:\programdata\Skype 2012-03-16 14:58 . 2012-03-16 14:58 -------- d-----w- c:\program files\Microsoft.NET 2012-03-16 14:50 . 2012-01-25 05:32 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-16 14:50 . 2012-01-25 05:32 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-16 14:29 . 2012-03-16 14:29 -------- d-----w- c:\windows\system32\SPReview 2012-03-16 14:29 . 
2012-03-16 14:29 -------- d-----w- c:\windows\system32\EventProviders 2012-03-16 14:27 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\system32\dfshim.dll 2012-03-16 14:27 . 2010-11-20 12:21 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2012-03-16 14:27 . 2010-11-20 12:19 3215872 ----a-w- c:\windows\system32\mstscax.dll 2012-03-16 14:27 . 2010-11-20 10:24 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2012-03-16 14:27 . 2010-11-20 12:19 954752 ----a-w- c:\windows\system32\mfc40.dll 2012-03-16 14:27 . 2010-11-20 12:19 954288 ----a-w- c:\windows\system32\mfc40u.dll 2012-03-16 14:27 . 2010-11-20 12:18 1171456 ----a-w- c:\windows\system32\d3d10warp.dll 2012-03-16 14:27 . 2010-11-20 12:21 1159168 ----a-w- c:\windows\system32\sysmain.dll 2012-03-16 14:27 . 2010-11-20 12:21 423936 ----a-w- c:\windows\system32\secproc_isv.dll 2012-03-16 14:27 . 2010-11-20 12:20 428032 ----a-w- c:\windows\system32\secproc.dll 2012-03-16 14:27 . 2010-11-20 12:17 327168 ----a-w- c:\windows\system32\RMActivate_isv.exe 2012-03-16 14:25 . 2010-11-20 12:21 363008 ----a-w- c:\windows\system32\wbemcomn.dll 2012-03-16 14:25 . 2010-11-20 12:19 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll 2012-03-15 18:06 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe 2012-03-15 18:03 . 2011-07-16 04:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2012-03-15 18:02 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll 2012-03-15 17:56 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2012-03-15 17:56 . 2010-11-20 12:29 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2012-03-15 17:56 . 2010-11-20 11:56 107520 ----a-w- c:\windows\system32\cdd.dll 2012-03-15 17:20 . 2012-02-23 07:18 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-03-15 17:07 . 2012-04-04 11:54 -------- d-----w- c:\programdata\McAfee 2012-03-15 17:07 . 
2012-03-15 17:07 -------- d-----w- c:\programdata\ATI 2012-03-15 17:07 . 2012-03-15 17:07 -------- d-----w- c:\programdata\Malwarebytes 2012-03-15 17:07 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-15 17:01 . 2012-03-15 17:01 0 ----a-w- c:\windows\ativpsrm.bin 2012-03-15 17:01 . 2012-03-15 17:01 -------- d-----w- c:\windows\system32\wbem\en-US 2012-03-15 16:55 . 2012-03-15 16:55 -------- d-----w- c:\program files\AMD AVT 2012-03-15 16:55 . 2012-03-15 16:55 -------- d-----w- c:\program files\AMD 2012-03-15 16:54 . 2012-03-15 16:54 -------- d-----w- c:\program files\AMD APP 2012-03-15 16:54 . 2012-03-15 16:54 -------- d-----w- c:\program files\Common Files\ATI Technologies 2012-03-15 16:54 . 2012-03-15 16:55 -------- d-----w- c:\programdata\AMD 2012-03-15 16:54 . 2010-02-18 08:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys 2012-03-15 16:53 . 2012-03-15 16:54 -------- d-----w- c:\program files\ATI Technologies 2012-03-15 16:53 . 2012-03-15 16:53 -------- d-----w- c:\program files\ATI 2012-03-15 16:53 . 2012-03-15 16:53 -------- d-----w- C:\AMD 2012-03-15 16:51 . 2012-03-15 16:51 -------- d-----w- c:\programdata\Avira 2012-03-15 16:51 . 2012-03-15 16:51 -------- d-----w- c:\program files\Avira 2012-03-15 16:51 . 2012-01-31 07:56 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-03-15 16:51 . 2012-01-31 07:56 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-03-15 16:51 . 2011-09-16 15:08 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-03-15 16:49 . 2012-01-25 05:27 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-15 16:49 . 2012-02-17 05:34 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-15 16:49 . 2012-02-17 04:14 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-15 16:49 . 2012-02-17 04:13 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-15 16:49 . 2010-11-20 10:21 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys 2012-03-15 15:35 . 
2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll 2012-03-15 14:52 . 2012-03-15 15:35 -------- d-----w- c:\program files\Common Files\BioWare 2012-03-15 14:46 . 2012-03-15 14:46 -------- d-----w- c:\programdata\InstallShield 2012-03-15 14:46 . 2012-03-15 14:46 -------- d-----w- c:\program files\GIGABYTE 2012-03-15 14:46 . 2010-04-27 10:56 19496 ----a-w- c:\windows\system32\drivers\AppleCharger.sys 2012-03-15 14:46 . 2010-04-06 15:30 31272 ----a-w- c:\windows\system32\AppleChargerSrv.exe 2012-03-15 14:46 . 2005-02-17 06:15 73728 ----a-w- c:\windows\system32\ISUSPM.cpl 2012-03-15 14:34 . 2012-03-15 14:34 -------- d-----w- c:\windows\system32\RTCOM 2012-03-15 14:33 . 2012-03-15 14:33 -------- d--h--w- c:\program files\DeviceVM 2012-03-15 14:33 . 2012-04-03 23:42 -------- d-sh--w- c:\windows\Installer 2012-03-15 14:33 . 2012-04-04 18:32 -------- d-----w- c:\windows\system32\wbem\Performance 2012-03-15 14:23 . 2012-03-16 14:54 -------- d-----w- c:\windows\Panther . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-16 14:39 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-02-15 03:47 . 2012-02-15 03:47 9182208 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2012-02-15 03:18 . 2012-02-15 03:18 159744 ----a-w- c:\windows\system32\atiapfxx.exe 2012-02-15 03:18 . 2012-02-15 03:18 791040 ----a-w- c:\windows\system32\aticfx32.dll 2012-02-15 03:13 . 2012-02-15 03:13 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll 2012-02-15 03:13 . 2012-02-15 03:13 405504 ----a-w- c:\windows\system32\atieclxx.exe 2012-02-15 03:12 . 2012-02-15 03:12 163328 ----a-w- c:\windows\system32\atiesrxx.exe 2012-02-15 03:11 . 2012-02-15 03:11 159744 ----a-w- c:\windows\system32\atitmmxx.dll 2012-02-15 03:10 . 2012-02-15 03:10 20992 ----a-w- c:\windows\system32\atimuixx.dll 2012-02-15 03:10 . 2012-02-15 03:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll 2012-02-15 03:07 . 
2012-02-15 03:07 6200320 ----a-w- c:\windows\system32\atidxx32.dll 2012-02-15 02:58 . 2012-02-15 02:58 19392000 ----a-w- c:\windows\system32\atioglxx.dll 2012-02-15 02:40 . 2012-02-15 02:40 1828864 ----a-w- c:\windows\system32\atiumdmv.dll 2012-02-15 02:34 . 2012-02-15 02:34 46080 ----a-w- c:\windows\system32\aticalrt.dll 2012-02-15 02:34 . 2012-02-15 02:34 44032 ----a-w- c:\windows\system32\aticalcl.dll 2012-02-15 02:34 . 2012-02-15 02:34 5954048 ----a-w- c:\windows\system32\atiumdag.dll 2012-02-15 02:29 . 2012-02-15 02:29 5062656 ----a-w- c:\windows\system32\atiumdva.dll 2012-02-15 02:29 . 2012-02-15 02:29 11561984 ----a-w- c:\windows\system32\aticaldd.dll 2012-02-15 02:16 . 2012-02-15 02:16 51200 ----a-w- c:\windows\system32\coinst.dll 2012-02-15 02:13 . 2012-02-15 02:13 356352 ----a-w- c:\windows\system32\atiadlxx.dll 2012-02-15 02:13 . 2012-02-15 02:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll 2012-02-15 02:13 . 2012-02-15 02:13 33280 ----a-w- c:\windows\system32\atigktxx.dll 2012-02-15 02:12 . 2012-02-15 02:12 264704 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2012-02-15 02:12 . 2012-02-15 02:12 33280 ----a-w- c:\windows\system32\atiuxpag.dll 2012-02-15 02:12 . 2012-02-15 02:12 30208 ----a-w- c:\windows\system32\atiu9pag.dll 2012-02-15 02:11 . 2012-02-15 02:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2012-02-15 02:11 . 2012-02-15 02:11 53760 ----a-w- c:\windows\system32\atimpc32.dll 2012-02-15 02:11 . 2012-02-15 02:11 53760 ----a-w- c:\windows\system32\amdpcom32.dll 2012-02-14 21:05 . 2012-02-14 21:05 59904 ----a-w- c:\windows\system32\OpenVideo.dll 2012-02-14 21:05 . 2012-02-14 21:05 54784 ----a-w- c:\windows\system32\OVDecode.dll 2012-02-14 21:04 . 2012-02-14 21:04 13238272 ----a-w- c:\windows\system32\amdocl.dll 2012-02-14 21:03 . 2012-02-14 21:03 48128 ----a-w- c:\windows\system32\OpenCL.dll 2012-01-31 05:00 . 2012-01-31 05:00 16896 ----a-w- c:\windows\system32\kdbsdk32.dll . . 
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}] 2012-02-13 15:44 69760 ----a-w- c:\program files\AMD\SteadyVideo\SteadyVideo.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-30 9210400] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-01-31 258512] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-14 636032] "Malwarebytes' Anti-Malware"="d:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AML Device Install.lnk - c:\program files\AMD AVT\bin\kdbsync.exe [2012-1-31 10752] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2012-02-29 07:55 17148552 ----a-r- c:\program files\Skype\Phone\Skype.exe . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856] R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 19496] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 36000] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-02-15 163328] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-02-14 291840] S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-01-31 86224] S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-02-01 46720] S2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464] S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360] S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-02-15 9182208] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-02-15 264704] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-05 86032] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464] . . Inhalt des "geplante Tasks" Ordners . 2012-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000Core.job - c:\users\Domse\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-15 16:59] . 
2012-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000UA.job - c:\users\Domse\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-15 16:59] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ TCP: DhcpNameServer = 192.168.178.1 . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2012-04-04 20:59:45 ComboFix-quarantined-files.txt 2012-04-04 18:59 . Vor Suchlauf: 6 Verzeichnis(se), 234.532.880.384 Bytes frei Nach Suchlauf: 10 Verzeichnis(se), 234.438.668.288 Bytes frei . - - End Of File - - D66B7ED8DB677437731C9B9B8F02B483 Malwarebytes Logs Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.15.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [Administrator] Schutz: Aktiviert 16.03.2012 18:47:41 mbam-log-2012-03-16 (18-47-41).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 258278 Laufzeit: 24 Minute(n), 52 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: 
v2012.03.17.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [limitiert] Schutz: Aktiviert 17.03.2012 20:59:35 mbam-log-2012-03-17 (20-59-35).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 83629 Laufzeit: 14 Minute(n), 32 Sekunde(n) [Abgebrochen] Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.17.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [Administrator] Schutz: Aktiviert 17.03.2012 21:56:29 mbam-log-2012-03-17 (21-56-29).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 258309 Laufzeit: 21 Minute(n), 50 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte 
gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.19.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [Administrator] Schutz: Aktiviert 19.03.2012 15:05:01 mbam-log-2012-03-19 (15-05-01).txt Art des Suchlaufs: Flash-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: Registrierung | Dateisystem | P2P Durchsuchte Objekte: 135173 Laufzeit: 51 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.19.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [Administrator] Schutz: Aktiviert 19.03.2012 15:06:13 mbam-log-2012-03-19 (15-06-13).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 259040 Laufzeit: 21 Minute(n), 46 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 
0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.21.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [Administrator] Schutz: Aktiviert 21.03.2012 16:47:34 mbam-log-2012-03-21 (16-47-34).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 260487 Laufzeit: 25 Minute(n), 25 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.22.03 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [Administrator] Schutz: Aktiviert 22.03.2012 16:49:57 mbam-log-2012-03-22 (16-49-57).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 260598 Laufzeit: 27 Minute(n), 57 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine 
bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.26.03 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [Administrator] Schutz: Aktiviert 26.03.2012 15:12:45 mbam-log-2012-03-26 (15-12-45).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 255155 Laufzeit: 24 Minute(n), 49 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.26.03 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [limitiert] Schutz: Aktiviert 26.03.2012 16:43:16 mbam-log-2012-03-26 (16-43-16).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | 
Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 255133 Laufzeit: 26 Minute(n), 57 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.28.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [limitiert] Schutz: Aktiviert 28.03.2012 13:55:55 mbam-log-2012-03-28 (13-55-55).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 230872 Laufzeit: 27 Minute(n), 38 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.29.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [Administrator] Schutz: 
Aktiviert 29.03.2012 15:58:14 mbam-log-2012-03-29 (15-58-14).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 231209 Laufzeit: 27 Minute(n), 26 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware (Test) 1.60.1.1000 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.03.29.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [Administrator] Schutz: Aktiviert 31.03.2012 14:14:35 mbam-log-2012-03-31 (14-14-35).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 231151 Laufzeit: 26 Minute(n), 13 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Malwarebytes Anti-Malware 1.60.1.1000 Malwarebytes : Free 
anti-malware, anti-virus and spyware removal download Datenbank Version: v2012.04.03.05 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 Domse :: DOMSE-PC [Administrator] Schutz: Aktiviert 03.04.2012 23:58:25 mbam-log-2012-04-03 (23-58-25).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 232471 Laufzeit: 28 Minute(n), 33 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) 2012/03/15 18:08:29 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/15 18:08:30 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/15 18:08:33 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/15 18:08:36 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/15 18:10:33 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/15 18:10:34 +0100 DOMSE-PC Domse MESSAGE Database already up-to-date 2012/03/15 19:19:36 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/15 19:19:38 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/15 19:19:41 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/15 19:19:43 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/16 14:47:19 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/16 14:47:20 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/16 14:47:23 +0100 DOMSE-PC Domse 
MESSAGE Starting IP protection 2012/03/16 14:47:26 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/16 14:54:11 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/16 14:54:11 +0100 DOMSE-PC Domse ERROR Scheduled update failed: No address found failed with error code 11004 2012/03/16 15:50:52 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/16 15:50:54 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/16 15:50:57 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/16 15:51:00 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/16 15:57:34 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/16 15:57:36 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/16 15:57:39 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/16 15:57:41 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/16 16:18:30 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/16 16:18:32 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/16 16:18:35 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/16 16:18:37 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/16 19:51:56 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/16 19:51:57 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/16 19:52:00 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/16 19:52:03 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/18 13:04:47 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/18 13:04:49 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/18 13:04:52 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/18 13:04:54 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/18 13:09:33 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/18 13:09:38 +0100 DOMSE-PC Domse MESSAGE Scheduled update 
executed successfully: database updated from version v2012.03.17.04 to version v2012.03.18.02 2012/03/18 13:09:38 +0100 DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/18 13:09:38 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/18 13:12:00 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/18 13:12:02 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/18 13:12:02 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/18 13:12:05 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/18 16:44:58 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/18 16:44:59 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/18 16:45:02 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/18 16:45:05 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/19 13:36:40 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/19 13:36:41 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/19 13:36:44 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/19 13:36:47 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/19 13:48:58 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/19 13:49:03 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.18.02 to version v2012.03.19.02 2012/03/19 13:49:03 +0100 DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/19 13:49:03 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/19 13:51:17 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/19 13:51:18 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/19 13:51:18 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/19 13:51:21 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/19 21:25:30 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/19 21:25:32 +0100 DOMSE-PC Domse MESSAGE Protection started 
successfully 2012/03/19 21:25:35 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/19 21:25:37 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/20 13:25:46 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/20 13:25:48 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/20 13:25:51 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/20 13:25:54 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/20 13:37:56 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/20 13:38:01 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.19.02 to version v2012.03.20.03 2012/03/20 13:38:01 +0100 DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/20 13:38:01 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/20 13:40:28 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/20 13:40:30 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/20 13:40:30 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/20 13:40:33 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/20 19:31:43 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/20 19:31:44 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/20 19:31:47 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/20 19:31:50 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/21 07:50:02 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/21 07:50:04 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/21 07:50:07 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/21 07:50:09 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/21 12:16:20 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/21 12:16:21 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/21 12:16:22 +0100 DOMSE-PC Domse MESSAGE Protection 
started successfully 2012/03/21 12:16:25 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/21 12:16:27 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/21 12:16:27 +0100 DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/21 12:16:27 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.20.03 to version v2012.03.21.02 2012/03/21 12:16:27 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/21 12:18:42 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/21 12:18:44 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/21 12:18:44 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/21 12:18:46 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/21 15:53:15 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/21 15:53:16 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/21 15:53:19 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/21 15:53:22 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/22 15:24:39 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/22 15:24:41 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/22 15:24:41 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/22 15:24:44 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/22 15:24:46 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/22 15:24:47 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.21.02 to version v2012.03.22.03 2012/03/22 15:24:47 +0100 DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/22 15:24:47 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/22 15:27:02 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/22 15:27:03 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/22 15:27:03 +0100 DOMSE-PC Domse MESSAGE 
Starting IP protection 2012/03/22 15:27:06 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/23 15:51:08 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/23 15:51:10 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/23 15:51:13 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/23 15:51:15 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/23 15:59:11 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/23 15:59:17 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.22.03 to version v2012.03.23.01 2012/03/23 15:59:17 +0100 DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/23 15:59:17 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/23 16:01:42 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/23 16:01:44 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/23 16:01:44 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/23 16:01:46 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/23 20:44:54 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/23 20:44:56 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/23 20:44:59 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/23 20:45:01 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/24 12:15:53 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/24 12:15:54 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/24 12:15:55 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/24 12:15:58 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/24 12:16:00 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/24 12:16:00 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.23.01 to version v2012.03.23.05 2012/03/24 12:16:00 +0100 
DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/24 12:16:00 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/24 12:18:17 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/24 12:18:18 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/24 12:18:18 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/24 12:18:21 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/24 18:24:34 +0100 DOMSE-PC Domse MESSAGE Starting protection 2012/03/24 18:24:36 +0100 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/24 18:24:39 +0100 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/24 18:24:41 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/26 14:15:19 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/26 14:15:21 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/26 14:15:21 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/26 14:15:24 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/26 14:15:27 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/26 14:15:30 +0200 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.23.05 to version v2012.03.26.03 2012/03/26 14:15:30 +0200 DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/26 14:15:30 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/26 14:17:43 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/26 14:17:44 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/26 14:17:44 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/26 14:17:47 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/26 14:21:25 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/26 14:21:27 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/26 14:21:30 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/26 14:21:32 +0200 DOMSE-PC 
Domse MESSAGE IP Protection started successfully 2012/03/27 16:06:20 +0200 DOMSE-PC (null) MESSAGE Executing scheduled update: Daily 2012/03/27 16:06:27 +0200 DOMSE-PC (null) MESSAGE Scheduled update executed successfully: database updated from version v2012.03.26.03 to version v2012.03.27.03 2012/03/27 16:17:38 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/27 16:17:39 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/27 16:17:42 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/27 16:17:45 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/27 16:17:45 +0200 DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/27 16:17:45 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/27 16:19:59 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/27 16:20:01 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/27 16:20:01 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/27 16:20:03 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/28 13:24:32 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/28 13:24:33 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/28 13:24:36 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/28 13:24:39 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/28 13:40:12 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/28 13:40:18 +0200 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.27.03 to version v2012.03.28.02 2012/03/28 13:40:18 +0200 DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/28 13:40:18 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/28 13:42:38 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/28 13:42:39 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/28 13:42:39 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/28 13:42:42 
+0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/28 18:47:02 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/28 18:47:04 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/28 18:47:07 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/28 18:47:09 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/29 15:29:23 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/29 15:29:24 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/03/29 15:29:25 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/29 15:29:28 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/29 15:29:30 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/29 15:29:31 +0200 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.28.02 to version v2012.03.29.04 2012/03/29 15:29:31 +0200 DOMSE-PC Domse MESSAGE Starting database refresh 2012/03/29 15:29:31 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/03/29 15:32:02 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/03/29 15:32:03 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/03/29 15:32:03 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/29 15:32:06 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/29 19:23:57 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/29 19:23:59 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/29 19:24:02 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/29 19:24:04 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/30 13:21:03 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/30 13:21:04 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/30 13:21:07 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/30 13:21:10 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/30 
21:23:33 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/30 21:23:34 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/30 21:23:37 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/30 21:23:40 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/31 14:15:36 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/31 14:15:38 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/31 14:15:41 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/31 14:15:43 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/03/31 17:41:57 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/03/31 17:41:59 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/03/31 17:42:02 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/03/31 17:42:04 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/04/01 20:42:48 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/04/01 20:42:49 +0200 DOMSE-PC Domse MESSAGE Protection started successfully 2012/04/01 20:42:52 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/04/01 20:42:55 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/04/01 20:57:51 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily 2012/04/01 20:57:57 +0200 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.29.04 to version v2012.04.01.03 2012/04/01 20:57:57 +0200 DOMSE-PC Domse MESSAGE Starting database refresh 2012/04/01 20:57:57 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection 2012/04/01 21:00:23 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped 2012/04/01 21:00:24 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully 2012/04/01 21:00:24 +0200 DOMSE-PC Domse MESSAGE Starting IP protection 2012/04/01 21:00:27 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully 2012/04/02 15:57:46 +0200 DOMSE-PC Domse MESSAGE Starting protection 2012/04/02 15:57:48 
I hope this is right (yes, it is quite a lot) |
05.04.2012, 10:20 | #6 |
/// Malware-holic | Internet very slow
1. Is there any improvement yet?
2. Have you already tried restarting the router and modem?
3. Run TDSS Killer, please choose Skip as the action, and post the log: http://www.trojaner-board.de/82358-t...entfernen.html
|
05.04.2012, 14:26 | #7 |
| Internet very slow Hey, so it has already gotten somewhat better again (it loads pages on the first try again, it just takes a while). I have already restarted the router and modem several times. Maybe there is or was a minor fault on the line to our house, or in our area in general on the provider's side. Here is the TDSS log
1824 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 15:22:10.0341 1824 p2pimsvc - ok 15:22:10.0357 1824 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 15:22:10.0357 1824 p2psvc - ok 15:22:10.0388 1824 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 15:22:10.0388 1824 Parport - ok 15:22:10.0404 1824 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 15:22:10.0419 1824 partmgr - ok 15:22:10.0435 1824 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 15:22:10.0435 1824 Parvdm - ok 15:22:10.0450 1824 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 15:22:10.0450 1824 PcaSvc - ok 15:22:10.0466 1824 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 15:22:10.0466 1824 pci - ok 15:22:10.0482 1824 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 15:22:10.0482 1824 pciide - ok 15:22:10.0497 1824 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 15:22:10.0497 1824 pcmcia - ok 15:22:10.0513 1824 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 15:22:10.0513 1824 pcw - ok 15:22:10.0544 1824 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 15:22:10.0544 1824 PEAUTH - ok 15:22:10.0575 1824 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 15:22:10.0591 1824 PeerDistSvc - ok 15:22:10.0653 1824 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 15:22:10.0669 1824 pla - ok 15:22:10.0700 1824 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 15:22:10.0700 1824 PlugPlay - ok 15:22:10.0716 1824 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 15:22:10.0716 1824 PNRPAutoReg - ok 15:22:10.0731 1824 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) 
C:\Windows\system32\pnrpsvc.dll 15:22:10.0731 1824 PNRPsvc - ok 15:22:10.0762 1824 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 15:22:10.0762 1824 PolicyAgent - ok 15:22:10.0794 1824 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 15:22:10.0794 1824 Power - ok 15:22:10.0809 1824 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 15:22:10.0809 1824 PptpMiniport - ok 15:22:10.0825 1824 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 15:22:10.0825 1824 Processor - ok 15:22:10.0856 1824 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 15:22:10.0856 1824 ProfSvc - ok 15:22:10.0887 1824 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 15:22:10.0887 1824 ProtectedStorage - ok 15:22:10.0903 1824 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 15:22:10.0918 1824 Psched - ok 15:22:10.0950 1824 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 15:22:10.0950 1824 ql2300 - ok 15:22:10.0965 1824 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 15:22:10.0965 1824 ql40xx - ok 15:22:10.0996 1824 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 15:22:10.0996 1824 QWAVE - ok 15:22:11.0028 1824 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 15:22:11.0028 1824 QWAVEdrv - ok 15:22:11.0043 1824 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 15:22:11.0059 1824 RasAcd - ok 15:22:11.0074 1824 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:22:11.0074 1824 RasAgileVpn - ok 15:22:11.0106 1824 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 15:22:11.0106 1824 RasAuto - ok 15:22:11.0121 1824 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) 
C:\Windows\system32\DRIVERS\rasl2tp.sys 15:22:11.0137 1824 Rasl2tp - ok 15:22:11.0168 1824 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 15:22:11.0184 1824 RasMan - ok 15:22:11.0199 1824 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 15:22:11.0199 1824 RasPppoe - ok 15:22:11.0215 1824 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 15:22:11.0215 1824 RasSstp - ok 15:22:11.0246 1824 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 15:22:11.0246 1824 rdbss - ok 15:22:11.0262 1824 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 15:22:11.0262 1824 rdpbus - ok 15:22:11.0293 1824 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:22:11.0293 1824 RDPCDD - ok 15:22:11.0324 1824 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 15:22:11.0324 1824 RDPDR - ok 15:22:11.0355 1824 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 15:22:11.0355 1824 RDPENCDD - ok 15:22:11.0355 1824 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 15:22:11.0371 1824 RDPREFMP - ok 15:22:11.0386 1824 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys 15:22:11.0402 1824 RDPWD - ok 15:22:11.0433 1824 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 15:22:11.0433 1824 rdyboost - ok 15:22:11.0464 1824 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 15:22:11.0464 1824 RemoteAccess - ok 15:22:11.0480 1824 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 15:22:11.0480 1824 RemoteRegistry - ok 15:22:11.0511 1824 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 15:22:11.0511 1824 RpcEptMapper - ok 15:22:11.0527 1824 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) 
C:\Windows\system32\locator.exe 15:22:11.0527 1824 RpcLocator - ok 15:22:11.0558 1824 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 15:22:11.0574 1824 RpcSs - ok 15:22:11.0589 1824 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 15:22:11.0605 1824 rspndr - ok 15:22:11.0620 1824 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 15:22:11.0636 1824 s3cap - ok 15:22:11.0652 1824 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 15:22:11.0652 1824 SamSs - ok 15:22:11.0683 1824 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 15:22:11.0698 1824 sbp2port - ok 15:22:11.0730 1824 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 15:22:11.0730 1824 SCardSvr - ok 15:22:11.0761 1824 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 15:22:11.0761 1824 scfilter - ok 15:22:11.0808 1824 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 15:22:11.0823 1824 Schedule - ok 15:22:11.0854 1824 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 15:22:11.0854 1824 SCPolicySvc - ok 15:22:11.0901 1824 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 15:22:11.0901 1824 SDRSVC - ok 15:22:11.0917 1824 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 15:22:11.0932 1824 secdrv - ok 15:22:11.0964 1824 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 15:22:11.0964 1824 seclogon - ok 15:22:11.0995 1824 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll 15:22:11.0995 1824 SENS - ok 15:22:12.0026 1824 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 15:22:12.0026 1824 SensrSvc - ok 15:22:12.0042 1824 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 15:22:12.0042 1824 Serenum - ok 
15:22:12.0073 1824 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 15:22:12.0073 1824 Serial - ok 15:22:12.0104 1824 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 15:22:12.0104 1824 sermouse - ok 15:22:12.0135 1824 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 15:22:12.0151 1824 SessionEnv - ok 15:22:12.0166 1824 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 15:22:12.0166 1824 sffdisk - ok 15:22:12.0182 1824 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 15:22:12.0182 1824 sffp_mmc - ok 15:22:12.0198 1824 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 15:22:12.0198 1824 sffp_sd - ok 15:22:12.0229 1824 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 15:22:12.0229 1824 sfloppy - ok 15:22:12.0260 1824 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 15:22:12.0260 1824 SharedAccess - ok 15:22:12.0291 1824 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 15:22:12.0307 1824 ShellHWDetection - ok 15:22:12.0322 1824 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 15:22:12.0322 1824 sisagp - ok 15:22:12.0322 1824 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:22:12.0338 1824 SiSRaid2 - ok 15:22:12.0338 1824 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 15:22:12.0338 1824 SiSRaid4 - ok 15:22:12.0385 1824 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe 15:22:12.0385 1824 SkypeUpdate - ok 15:22:12.0400 1824 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 15:22:12.0400 1824 Smb - ok 15:22:12.0432 1824 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 
15:22:12.0447 1824 SNMPTRAP - ok 15:22:12.0447 1824 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 15:22:12.0447 1824 spldr - ok 15:22:12.0478 1824 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 15:22:12.0478 1824 Spooler - ok 15:22:12.0556 1824 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 15:22:12.0572 1824 sppsvc - ok 15:22:12.0603 1824 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 15:22:12.0603 1824 sppuinotify - ok 15:22:12.0634 1824 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 15:22:12.0666 1824 srv - ok 15:22:12.0681 1824 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 15:22:12.0712 1824 srv2 - ok 15:22:12.0744 1824 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 15:22:12.0759 1824 srvnet - ok 15:22:12.0806 1824 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 15:22:12.0822 1824 SSDPSRV - ok 15:22:12.0853 1824 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 15:22:12.0853 1824 ssmdrv - ok 15:22:12.0915 1824 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 15:22:12.0915 1824 SstpSvc - ok 15:22:12.0931 1824 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 15:22:12.0946 1824 stexstor - ok 15:22:12.0978 1824 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 15:22:12.0993 1824 StiSvc - ok 15:22:13.0024 1824 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 15:22:13.0024 1824 storflt - ok 15:22:13.0040 1824 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll 15:22:13.0056 1824 StorSvc - ok 15:22:13.0071 1824 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 15:22:13.0071 1824 storvsc - ok 15:22:13.0087 1824 swenum 
(e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 15:22:13.0102 1824 swenum - ok 15:22:13.0118 1824 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 15:22:13.0118 1824 swprv - ok 15:22:13.0165 1824 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 15:22:13.0196 1824 SysMain - ok 15:22:13.0196 1824 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 15:22:13.0212 1824 TabletInputService - ok 15:22:13.0227 1824 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 15:22:13.0227 1824 TapiSrv - ok 15:22:13.0243 1824 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 15:22:13.0243 1824 TBS - ok 15:22:13.0290 1824 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 15:22:13.0305 1824 Tcpip - ok 15:22:13.0336 1824 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 15:22:13.0352 1824 TCPIP6 - ok 15:22:13.0383 1824 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 15:22:13.0383 1824 tcpipreg - ok 15:22:13.0414 1824 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 15:22:13.0414 1824 TDPIPE - ok 15:22:13.0414 1824 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 15:22:13.0414 1824 TDTCP - ok 15:22:13.0446 1824 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 15:22:13.0446 1824 tdx - ok 15:22:13.0477 1824 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 15:22:13.0492 1824 TermDD - ok 15:22:13.0524 1824 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 15:22:13.0539 1824 TermService - ok 15:22:13.0617 1824 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 15:22:13.0617 1824 Themes - ok 15:22:13.0695 1824 THREADORDER (146b6f43a673379a3c670e86d89be5ea) 
C:\Windows\system32\mmcss.dll 15:22:13.0695 1824 THREADORDER - ok 15:22:13.0726 1824 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 15:22:13.0742 1824 TrkWks - ok 15:22:13.0773 1824 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 15:22:13.0773 1824 TrustedInstaller - ok 15:22:13.0804 1824 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:22:13.0804 1824 tssecsrv - ok 15:22:13.0836 1824 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 15:22:13.0836 1824 TsUsbFlt - ok 15:22:13.0867 1824 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 15:22:13.0867 1824 tunnel - ok 15:22:13.0898 1824 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 15:22:13.0898 1824 uagp35 - ok 15:22:13.0929 1824 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 15:22:13.0929 1824 udfs - ok 15:22:13.0960 1824 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 15:22:13.0976 1824 UI0Detect - ok 15:22:14.0007 1824 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 15:22:14.0007 1824 uliagpkx - ok 15:22:14.0038 1824 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 15:22:14.0054 1824 umbus - ok 15:22:14.0070 1824 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 15:22:14.0070 1824 UmPass - ok 15:22:14.0101 1824 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll 15:22:14.0101 1824 UmRdpService - ok 15:22:14.0148 1824 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 15:22:14.0163 1824 upnphost - ok 15:22:14.0179 1824 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 15:22:14.0179 1824 usbccgp - ok 15:22:14.0210 1824 usbcir (04ec7cec62ec3b6d9354eee93327fc82) 
C:\Windows\system32\drivers\usbcir.sys 15:22:14.0226 1824 usbcir - ok 15:22:14.0241 1824 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 15:22:14.0241 1824 usbehci - ok 15:22:14.0257 1824 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 15:22:14.0257 1824 usbhub - ok 15:22:14.0288 1824 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys 15:22:14.0288 1824 usbohci - ok 15:22:14.0304 1824 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 15:22:14.0304 1824 usbprint - ok 15:22:14.0319 1824 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS 15:22:14.0319 1824 USBSTOR - ok 15:22:14.0335 1824 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 15:22:14.0335 1824 usbuhci - ok 15:22:14.0366 1824 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 15:22:14.0366 1824 UxSms - ok 15:22:14.0382 1824 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 15:22:14.0382 1824 VaultSvc - ok 15:22:14.0413 1824 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 15:22:14.0413 1824 vdrvroot - ok 15:22:14.0444 1824 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 15:22:14.0460 1824 vds - ok 15:22:14.0491 1824 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 15:22:14.0491 1824 vga - ok 15:22:14.0491 1824 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 15:22:14.0506 1824 VgaSave - ok 15:22:14.0522 1824 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 15:22:14.0522 1824 vhdmp - ok 15:22:14.0538 1824 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 15:22:14.0538 1824 viaagp - ok 15:22:14.0553 1824 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 15:22:14.0553 
1824 ViaC7 - ok 15:22:14.0569 1824 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 15:22:14.0569 1824 viaide - ok 15:22:14.0600 1824 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 15:22:14.0600 1824 vmbus - ok 15:22:14.0616 1824 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 15:22:14.0616 1824 VMBusHID - ok 15:22:14.0647 1824 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 15:22:14.0647 1824 volmgr - ok 15:22:14.0662 1824 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 15:22:14.0662 1824 volmgrx - ok 15:22:14.0678 1824 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 15:22:14.0678 1824 volsnap - ok 15:22:14.0694 1824 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 15:22:14.0694 1824 vsmraid - ok 15:22:14.0740 1824 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 15:22:14.0756 1824 VSS - ok 15:22:14.0772 1824 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 15:22:14.0772 1824 vwifibus - ok 15:22:14.0787 1824 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 15:22:14.0787 1824 W32Time - ok 15:22:14.0818 1824 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 15:22:14.0818 1824 WacomPen - ok 15:22:14.0834 1824 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 15:22:14.0850 1824 WANARP - ok 15:22:14.0850 1824 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 15:22:14.0850 1824 Wanarpv6 - ok 15:22:14.0912 1824 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 15:22:14.0928 1824 wbengine - ok 15:22:14.0974 1824 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 15:22:14.0990 1824 WbioSrvc - ok 15:22:15.0006 
1824 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 15:22:15.0006 1824 wcncsvc - ok 15:22:15.0037 1824 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 15:22:15.0037 1824 WcsPlugInService - ok 15:22:15.0052 1824 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 15:22:15.0052 1824 Wd - ok 15:22:15.0068 1824 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 15:22:15.0068 1824 Wdf01000 - ok 15:22:15.0084 1824 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 15:22:15.0084 1824 WdiServiceHost - ok 15:22:15.0099 1824 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 15:22:15.0099 1824 WdiSystemHost - ok 15:22:15.0130 1824 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 15:22:15.0130 1824 WebClient - ok 15:22:15.0162 1824 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 15:22:15.0177 1824 Wecsvc - ok 15:22:15.0193 1824 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 15:22:15.0208 1824 wercplsupport - ok 15:22:15.0240 1824 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 15:22:15.0255 1824 WerSvc - ok 15:22:15.0286 1824 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 15:22:15.0286 1824 WfpLwf - ok 15:22:15.0302 1824 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 15:22:15.0318 1824 WIMMount - ok 15:22:15.0364 1824 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 15:22:15.0380 1824 WinDefend - ok 15:22:15.0396 1824 WinHttpAutoProxySvc - ok 15:22:15.0427 1824 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 15:22:15.0427 1824 Winmgmt - ok 15:22:15.0458 1824 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 15:22:15.0474 
1824 WinRM - ok 15:22:15.0520 1824 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 15:22:15.0520 1824 WinUsb - ok 15:22:15.0536 1824 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 15:22:15.0552 1824 Wlansvc - ok 15:22:15.0567 1824 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 15:22:15.0567 1824 WmiAcpi - ok 15:22:15.0598 1824 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 15:22:15.0598 1824 wmiApSrv - ok 15:22:15.0645 1824 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 15:22:15.0661 1824 WMPNetworkSvc - ok 15:22:15.0676 1824 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 15:22:15.0676 1824 WPCSvc - ok 15:22:15.0692 1824 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 15:22:15.0708 1824 WPDBusEnum - ok 15:22:15.0723 1824 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 15:22:15.0723 1824 ws2ifsl - ok 15:22:15.0754 1824 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll 15:22:15.0754 1824 wscsvc - ok 15:22:15.0770 1824 WSearch - ok 15:22:15.0817 1824 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 15:22:15.0832 1824 wuauserv - ok 15:22:15.0864 1824 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 15:22:15.0864 1824 WudfPf - ok 15:22:15.0910 1824 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:22:15.0910 1824 WUDFRd - ok 15:22:15.0942 1824 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 15:22:15.0942 1824 wudfsvc - ok 15:22:15.0973 1824 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 15:22:15.0973 1824 WwanSvc - ok 15:22:16.0004 1824 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 15:22:16.0051 1824 
\Device\Harddisk0\DR0 - ok 15:22:16.0066 1824 Boot (0x1200) (462264a5fcc4dadc45ea5d2284bc89ed) \Device\Harddisk0\DR0\Partition0 15:22:16.0066 1824 \Device\Harddisk0\DR0\Partition0 - ok 15:22:16.0082 1824 Boot (0x1200) (a464c592e29bddcfd0d6f77ef1cd47f4) \Device\Harddisk0\DR0\Partition1 15:22:16.0082 1824 \Device\Harddisk0\DR0\Partition1 - ok 15:22:16.0098 1824 Boot (0x1200) (2dc2aa62ddddcba23e969ceb98a64400) \Device\Harddisk0\DR0\Partition2 15:22:16.0113 1824 \Device\Harddisk0\DR0\Partition2 - ok 15:22:16.0113 1824 ============================================================ 15:22:16.0113 1824 Scan finished 15:22:16.0113 1824 ============================================================ 15:22:16.0129 2292 Detected object count: 0 15:22:16.0129 2292 Actual detected object count: 0 |
05.04.2012, 14:27 | #8 |
/// Malware-holic | Internet very slow Why don't you call your provider's service hotline; they should know about something like that.
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
05.04.2012, 14:52 | #9 |
| Internet very slow I just called them, and they said that shortly before the problem appeared, work was being done on the lines nearby. And since the logs apparently show no signs that I have a virus on the PC either, I apologize for having caused you unnecessary work and wish you a happy Easter |
05.04.2012, 15:29 | #10 |
/// Malware-holic | Internet very slow No need to apologize. But we should still secure the machine: download CCleaner Standard: CCleaner Download - CCleaner 3.17.1689 If CCleaner is already installed, skip this step. Install it, open it, go to Tools, list of installed programs, and save it as a txt file. Open the file. After each program you need, write "necessary". After each one you do not need, "unnecessary". After each one you do not know, "unknown". Post the list. |
05.04.2012, 15:44 | #11 |
| Internet very slow
7-Zip 9.20 03.04.2012 (unnecessary)
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 14.03.2012 20,2MB 3.0.868.0 (necessary)
Avira Free Antivirus Avira 14.03.2012 109,1MB 12.0.0.898 (necessary)
Browser Configuration Utility DeviceVM Inc. 14.03.2012 2,83MB 1.1.18.0 (unknown)
CCleaner Piriform 04.04.2012 3.17 (necessary)
Google Chrome Google Inc. 14.03.2012 18.0.1025.142 (necessary)
Malwarebytes Anti-Malware Version 1.60.1.1000 Malwarebytes Corporation 14.03.2012 17,3MB 1.60.1.1000 (necessary)
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 15.03.2012 38,8MB 4.0.30319 (necessary)
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 15.03.2012 2,94MB 4.0.30319 (necessary)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 14.03.2012 0,58MB 9.0.30729.4148 (necessary)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 18.03.2012 0,59MB 9.0.30729.6161 (necessary)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 18.03.2012 12,3MB 10.0.40219 (necessary)
NVIDIA Drivers NVIDIA Corporation 14.03.2012 3,25MB 1.10.62.40 (necessary)
ON_OFF Charge B10.0427.1 GIGABYTE 14.03.2012 1.00.0001 (unknown)
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 14.03.2012 6.0.1.6101 (necessary)
Skype™ 5.8 Skype Technologies S.A. 15.03.2012 19,0MB 5.8.158 (necessary)
Star Wars: The Old Republic Electronic Arts, Inc. 14.03.2012 19.849MB 1.00 (necessary) |
11.04.2012, 10:16 | #12 |
/// Malware-holic | Internet very slow Uninstall: Browser Configuration. Open OTL, clean up, restart. Open CCleaner, analyze, run CCleaner, restart the PC, test how the system runs. |