Log analysis and evaluation: How do I remove Claro-Search from Firefox? (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
13.11.2012, 13:05 | #1 |
How do I remove Claro-Search from Firefox?

Hello,

unfortunately I picked up Claro-Search in Firefox through a download and now I can't get rid of it. Since there are already several requests about this in this subforum, I'm simply posting here. I hope that's right. If not, please give me a brief pointer. My question now is how I get rid of this Claro-Search junk again.

Best regards,
F.H.

Here is the evaluation:

OTL Logfile:
Code:
ATTFilter OTL logfile created on: 13.11.2012 13:47:26 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Friederike\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,90% Memory free 6,00 Gb Paging File | 4,64 Gb Available in Paging File | 77,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 273,40 Gb Total Space | 230,81 Gb Free Space | 84,42% Space Free | Partition Type: NTFS Drive D: | 182,26 Gb Total Space | 179,91 Gb Free Space | 98,71% Space Free | Partition Type: NTFS Computer Name: FRIEDERIKE-MSI | User Name: Friederike | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.11.13 13:46:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Friederike\Downloads\OTL.exe PRC - [2012.11.13 11:59:23 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.10.30 20:12:42 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2012.10.30 20:12:39 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2012.10.24 18:49:10 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe PRC - [2012.09.19 18:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.05.22 07:13:12 | 000,980,920 | ---- | M] (The Eraser Project) -- C:\Program Files\Eraser\Eraser.exe PRC - [2011.06.17 18:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010.10.27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010.09.30 13:00:28 | 000,253,264 | ---- | M] () -- C:\Program Files\1&1 Surf-Stick\AssistantServices.exe PRC - [2010.09.30 13:00:28 | 000,139,088 | ---- | M] () -- C:\Program Files\1&1 Surf-Stick\UIExec.exe PRC - [2010.08.25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009.09.24 13:00:12 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe PRC - [2009.08.26 20:36:00 | 002,684,256 | ---- | M] (TOSHIBA CORPORATION.) 
-- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe PRC - [2009.08.05 22:28:20 | 002,072,576 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe PRC - [2009.07.31 06:20:00 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2009.07.10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe PRC - [2009.06.08 23:34:00 | 000,660,808 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe PRC - [2009.06.05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009.06.04 00:33:00 | 000,308,552 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe PRC - [2009.03.27 11:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe PRC - [2008.07.24 20:24:00 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) 
-- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe ========== Modules (No Company Name) ========== MOD - [2012.10.24 18:49:23 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe MOD - [2012.10.11 12:17:06 | 002,069,528 | ---- | M] () -- c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll MOD - [2012.09.16 11:51:31 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll MOD - [2012.09.16 11:51:17 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll MOD - [2012.09.16 09:12:10 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012.09.16 09:12:02 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012.09.16 09:11:41 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012.09.16 09:11:35 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012.09.16 09:11:28 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012.08.21 09:12:21 | 000,121,856 | ---- | M] () -- C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\CitaviPickerCommunication.dll MOD - [2010.09.30 13:00:28 | 000,139,088 | ---- | M] () -- C:\Program Files\1&1 
Surf-Stick\UIExec.exe MOD - [2009.09.24 13:00:12 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe MOD - [2006.09.14 08:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR 3.61 Multi\RarExt.dll ========== Services (SafeList) ========== SRV - [2012.10.30 20:12:42 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.10.30 20:12:39 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.10.24 18:49:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.11 12:17:59 | 002,312,216 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager) SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.06.17 18:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService) SRV - [2010.09.30 13:00:28 | 000,253,264 | ---- | M] () [Auto | Running] -- C:\Program Files\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service) SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) 
[Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.07.31 06:20:00 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM) SRV - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2009.03.27 11:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR) DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\system32\Drivers\DgiVecp.sys -- (DgiVecp) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\FRIEDE~1\AppData\Local\Temp\aswMBR.sys -- (aswMBR) DRV - [2012.11.13 11:59:47 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.11.13 11:59:47 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. 
KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.11.13 11:59:47 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.10.29 18:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2009.10.29 18:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2009.10.29 18:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2009.10.29 18:28:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter) DRV - [2009.09.15 05:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) DRV - [2009.09.01 05:49:18 | 009,825,728 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009.08.28 20:49:00 | 000,169,064 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd) DRV - [2009.08.05 23:44:00 | 000,049,400 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- 
C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2009.08.05 21:55:00 | 000,061,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2009.07.29 05:01:00 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2009.07.24 20:31:00 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds) DRV - [2009.07.16 12:31:38 | 001,176,064 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009.07.13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2009.06.29 03:17:00 | 000,059,904 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2009.06.19 18:58:00 | 000,009,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt) DRV - [2009.06.19 18:57:00 | 000,079,872 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid) DRV - [2009.06.19 18:56:00 | 000,042,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp) DRV - [2009.06.17 20:59:00 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte) DRV - [2009.06.09 05:01:44 | 001,161,664 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2009.06.04 09:45:48 | 000,166,912 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009.05.26 23:32:02 | 000,017,408 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV - [2009.05.19 14:59:00 | 000,011,776 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enecirhid.sys -- (enecirhid) DRV - [2008.04.24 11:16:00 | 000,005,632 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\enecirhidma.sys -- (enecirhidma) DRV - [2007.03.05 09:10:50 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=4612_4&babsrc=SP_clro&mntrId=feefe68b0000000000000025d39b5fea IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - 
prefs.js..extensions.enabledAddons: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2012.02.14 FF - prefs.js..browser.search.selectedEngine: "Claro Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.claro-search.com/?affID=114506&tt=4612_4&babsrc=HP_clro&mntrId=feefe68b0000000000000025d39b5fea" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012.08.21 09:12:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.13 12:55:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.30 10:07:49 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.11.13 12:03:59 | 000,000,000 | ---D | M] [2012.08.16 19:56:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friederike\AppData\Roaming\Mozilla\Extensions [2012.11.13 12:19:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\extensions [2012.11.13 12:03:59 | 000,002,516 | ---- | M] () -- 
C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\searchplugins\browsemngr.xml [2012.11.13 12:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012.08.21 09:12:20 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX [2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.13 12:03:45 | 000,006,522 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe () O4 - HKLM..\Run: [UIExec] C:\Program Files\1&1 Surf-Stick\UIExec.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html () O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 129.217.129.42 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57B4B11B-F091-4740-9272-58371C560EC4}: DhcpNameServer = 10.3.11.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B568DA77-FCDA-4CFB-8943-51FD96F70FE6}: DhcpNameServer = 129.217.129.42 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - 
C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.11.13 12:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012.11.13 12:09:06 | 000,000,000 | ---D | C] -- C:\Users\Friederike\Documents\My Cmaps [2012.11.13 12:09:06 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\CmapTools [2012.11.13 12:09:05 | 000,000,000 | ---D | C] -- C:\Users\Friederike\CmapToolsLogs [2012.11.13 12:04:59 | 000,000,000 | ---D | C] -- C:\Users\Friederike\.freemind [2012.11.13 12:04:16 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\PerformerSoft [2012.11.13 12:04:15 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe [2012.11.13 12:04:00 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager [2012.11.13 12:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager [2012.11.13 12:03:37 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\Babylon [2012.11.13 12:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012.11.13 12:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService [2012.11.13 11:59:59 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry [2012.11.13 11:59:31 | 000,000,000 | 
-H-D | C] -- C:\Users\Friederike\InstallAnywhere [2012.10.30 10:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.10.22 14:00:19 | 000,000,000 | ---D | C] -- C:\Users\Friederike\Documents\Bluetooth [2012.10.21 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\Avira [2012.10.21 13:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.10.21 13:52:51 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012.10.21 13:52:50 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.10.21 13:52:50 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2012.10.21 13:52:50 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys [2012.10.21 13:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.10.21 13:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Avira ========== Files - Modified Within 30 Days ========== [2012.11.13 13:45:18 | 000,000,000 | ---- | M] () -- C:\Users\Friederike\defogger_reenable [2012.11.13 12:55:31 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.11.13 12:43:02 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.13 12:43:02 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.13 12:40:36 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.11.13 12:40:36 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.11.13 12:34:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.11.13 12:34:45 | 2415,255,552 | -HS- | M] () -- C:\hiberfil.sys [2012.11.13 12:09:02 | 000,002,389 | ---- | M] () -- 
C:\Users\Friederike\.powerupdate.user.properties [2012.11.13 11:59:47 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.11.13 11:59:47 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2012.11.13 11:59:47 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys [2012.11.08 17:14:12 | 000,675,506 | ---- | M] () -- C:\Users\Public\Documents\sunshine-shakes.pdf [2012.10.22 14:00:16 | 000,000,914 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2012.10.21 13:53:12 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk ========== Files Created - No Company Name ========== [2012.11.13 13:45:18 | 000,000,000 | ---- | C] () -- C:\Users\Friederike\defogger_reenable [2012.11.13 12:55:31 | 000,001,127 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.11.13 12:55:31 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.11.13 12:09:02 | 000,002,389 | ---- | C] () -- C:\Users\Friederike\.powerupdate.user.properties [2012.11.08 17:14:12 | 000,675,506 | ---- | C] () -- C:\Users\Public\Documents\sunshine-shakes.pdf [2012.10.21 13:53:12 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.08.21 14:59:54 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- 
| M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.11.13 12:03:37 | 000,000,000 | ---D | M] -- C:\Users\Friederike\AppData\Roaming\Babylon [2012.11.13 12:10:16 | 000,000,000 | ---D | M] -- C:\Users\Friederike\AppData\Roaming\CmapTools [2012.11.13 12:24:26 | 000,000,000 | ---D | M] -- C:\Users\Friederike\AppData\Roaming\PerformerSoft [2012.11.08 10:18:40 | 000,000,000 | ---D | M] -- C:\Users\Friederike\AppData\Roaming\Swiss Academic Software ========== Purity Check ========== < End of report > --- --- --- Auswertung Extras.TxtOTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 13.11.2012 13:47:26 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Friederike\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 64,90% Memory free 6,00 Gb Paging File | 4,64 Gb Available in Paging File | 77,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 273,40 Gb Total Space | 230,81 Gb Free Space | 84,42% Space Free | Partition Type: NTFS Drive D: | 182,26 Gb Total Space | 179,91 Gb Free Space | 98,71% Space Free | Partition Type: NTFS Computer Name: FRIEDERIKE-MSI | User Name: Friederike | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] 
"{05156E1B-836C-49F1-9E51-AB9B0A0CFC50}" = lport=139 | protocol=6 | dir=in | app=system | "{07AFC22F-65C6-492B-AD6A-98C267030165}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{17D43E0C-B546-4510-A7DB-E580DA4B2E45}" = lport=445 | protocol=6 | dir=in | app=system | "{1B90647F-5190-4267-80D6-C3F7D03A32A4}" = lport=137 | protocol=17 | dir=in | app=system | "{2C9A404F-852E-42E9-B791-D2D9652CDB22}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2F96E07D-90FA-47DE-BB5E-0221CBB68EE7}" = rport=445 | protocol=6 | dir=out | app=system | "{3154FB4E-FF00-48C6-844B-D84DBF6ECF15}" = lport=10243 | protocol=6 | dir=in | app=system | "{50BC5EAF-336F-427B-8841-E9DCEDA6009D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{73634CB8-A70F-4802-9537-3666A5E8FFAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{87CBF515-D526-494D-AE2C-D0043E02FAFE}" = rport=137 | protocol=17 | dir=out | app=system | "{8A09BB94-CB01-4210-9FE7-43A065339403}" = lport=2869 | protocol=6 | dir=in | app=system | "{9B141CFF-F7BA-467D-B050-3460170D0DDB}" = rport=138 | protocol=17 | dir=out | app=system | "{9BC68A29-CB87-4BCA-9ED5-CBFBB466D620}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A1CB940D-C984-40EC-A8A6-4A88F030B1C2}" = rport=10243 | protocol=6 | dir=out | app=system | "{B6B6AF46-581F-43FC-9C0D-89B99F2906F0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BE265DCE-58E3-4927-AF85-69CD3ACA283A}" = rport=139 | protocol=6 | dir=out | app=system | "{C2ECB3A9-26AA-435B-B263-D07991BFD03D}" = lport=138 | protocol=17 | dir=in | app=system | "{D88FB8E6-0600-4782-8885-46BFB960E8E9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DF400640-54DB-479E-918A-1D6B5BE1E7D1}" = rport=1900 | protocol=17 | 
dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EF540469-3442-43DB-9CC6-9065171ACDA0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{FBCF3A19-BF14-492B-92AB-DD6EAD66F2E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{25C16F6C-8B06-46C0-8D05-0725E6722FCB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{29ECC8C0-BD1F-44D8-91EB-21E33759E3D1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{406DB038-38E0-4C56-8A44-FF50A326FCB3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4F2CCF78-1738-4330-A8B2-ECED1B321685}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{66B2D108-118E-49A2-A192-F37C83DEA818}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6B889761-66EB-4DA6-A062-695DA5B4AAF1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{71C8FF14-66E0-49BF-8210-1481CC5500E7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{81AAB32C-F465-456A-B199-9F3CD88FBA5A}" = protocol=6 | dir=out | app=system | "{82BDA7ED-0AD9-4BEF-9473-CA5EBDB19CE5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{85332AA3-70D1-42CC-B18F-AE9CB27BC1EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8E776E00-4C86-4E3D-AF3C-CB2B30FC1A81}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{96A3B29D-FD71-4643-B3AF-84F62FDD5BFE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{9CAB2E46-7513-4489-832A-EA17295A2B58}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{BB10CA21-83D1-4BF4-87E1-254140DCE284}" = protocol=17 | dir=in | app=c:\program 
files\microsoft office\office12\onenote.exe | "{C7CA64B4-FF07-4A70-9EE7-741886D182CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{CC3C5B46-507A-41CE-8E8F-749EA2A866E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D39016F1-6A40-4F16-A21D-4A2BF13FB974}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{DE6095B8-9210-43FA-9FD0-7354292D6909}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E8677980-7AE0-4C9B-9437-3FEE81204559}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{3D3C8AC3-A9E1-4B76-B3C6-8D03E9070FD6}C:\program files\ihmc cmaptools\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\ihmc cmaptools\jre\bin\javaw.exe | "UDP Query User{1981BE4C-9FA9-427B-8922-0A627BA8D5FF}C:\program files\ihmc cmaptools\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\ihmc cmaptools\jre\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card "{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers "{07690F1C-04B1-4060-9691-6748ED1826B9}" = MSI Software Install "{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager "{25478065-4CB1-448C-80E4-8C4529017EE3}" = ArcSoft WebCam Companion 3 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book "{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print 
Creations - Poster Creator "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{8E90189A-A5D4-4C0E-A908-06C4236F98EE}" = ArcSoft Magic-i Visual Effects 2 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007 "{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007 "{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007 "{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007 "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007 "{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007 "{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007 "{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007 "{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme 
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse "{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints "{A45C5EC7-F13E-4414-99BE-47373935C0FE}" = Eraser 6.0.10.2620 "{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = 1&1 Surf-Stick "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook "{C5D7039E-0803-4FE8-976D-156DE1147E4F}" = ArcSoft Print Creations "{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page "{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "284D9B4A58796481EC5A61D01DCC5E654761629C" = ENE CIR Receiver Driver "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "Digital Editions" = Adobe Digital Editions "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "LSI Soft Modem" = LSI HDA Modem "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile 
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Drivers" = NVIDIA Drivers "Samsung ML-1630 Series" = Samsung ML-1630 Series "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "WinRAR archiver" = WinRAR archiver ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 09.10.2012 04:27:49 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 09.10.2012 15:56:17 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 09.10.2012 16:42:14 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 21.10.2012 15:02:57 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 22.10.2012 07:17:00 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 23.10.2012 04:36:55 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 27.10.2012 15:40:34 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 28.10.2012 06:05:17 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 29.10.2012 11:37:21 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 02.11.2012 14:48:33 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = [ System Events ] Error - 09.11.2012 04:25:46 | Computer Name = Friederike-msi | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. 
Error - 09.11.2012 04:25:48 | Computer Name = Friederike-msi | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 09.11.2012 04:25:48 | Computer Name = Friederike-msi | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 09.11.2012 04:25:50 | Computer Name = Friederike-msi | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 09.11.2012 04:25:51 | Computer Name = Friederike-msi | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 09.11.2012 04:25:58 | Computer Name = Friederike-msi | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 09.11.2012 04:26:20 | Computer Name = Friederike-msi | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 09.11.2012 04:26:21 | Computer Name = Friederike-msi | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 09.11.2012 04:26:21 | Computer Name = Friederike-msi | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR1. Error - 09.11.2012 12:12:33 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 Description = The DgiVecp service failed to start due to the following error: %%2 < End of report > Edited by F.H. (13.11.2012 at 13:57) Reason: analysis attached |
14.11.2012, 23:04 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I remove Claro-Search from Firefox? Hello and
Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please post in this thread => Reminder about my thread. Annoying "When will this continue" messages will result in your topic being closed. I, too, have a life outside the Trojaner-Board. Do you already have any virus scanner logs with detections? The reason I ask => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now, only post logs that already exist
__________________ |
15.11.2012, 09:47 | #3 |
| How do I remove Claro-Search from Firefox? Hello,
first of all, many thanks for the quick response. My normal Avira scan returned no results. The GMER scan looks like this. Unfortunately I cannot make any sense of it and cannot tell whether these are detections or not. Unfortunately I also no longer know how I inserted the log files correctly last time, so this time I could only copy them in here. SSDT 906E86C2 ZwSystemDebugControl SSDT 906E864F ZwTerminateProcess ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82E88A49 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82EC24D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 82EC962C 4 Bytes [AE, 86, 6E, 90] {SCASB ; XCHG [ESI-0x70], CH} .text ntkrnlpa.exe!KeRemoveQueueEx + 1553 82EC9988 4 Bytes [B8, 86, 6E, 90] .text ntkrnlpa.exe!KeRemoveQueueEx + 1597 82EC99CC 4 Bytes [B3, 86, 6E, 90] {MOV BL, 0x86; OUTSB ; NOP } .text ntkrnlpa.exe!KeRemoveQueueEx + 1613 82EC9A48 4 Bytes [BD, 86, 6E, 90] .text ntkrnlpa.exe!KeRemoveQueueEx + 1667 82EC9A9C 4 Bytes [C2, 86, 6E, 90] {RET 0x6e86; NOP } .text ... 
---- Devices - GMER 1.0.15 ---- Device \Driver\ACPI_HAL \Device\00000049 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) ---- Threads - GMER 1.0.15 ---- Thread System [4:1076] AAC36F2E ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001d92c91cff Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001d92c91cff (not active ControlSet) ---- EOF - GMER 1.0.15 ---- Best regards F.H. |
15.11.2012, 17:21 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I remove Claro-Search from Firefox? Please put the logs in CODE tags! 1. aswMBR Please download aswMBR.exe and save the file to your desktop. Note: Please turn off your virus scanner before running aswMBR, because Avira in particular often reports a false positive in it!
One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again. 2. TDSS-Killer Download TDSS-Killer to your desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool! Configure the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot. Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or copy its contents into your post, please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
__________________ Please always post log files in CODE tags |
15.11.2012, 18:13 | #5 |
| How do I remove Claro-Search from Firefox? Hello, I have done both things. Unfortunately I made a mistake and did not handle the detections with "skip" but moved them to quarantine instead. I hope that is not too bad. Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software Run date: 2012-11-15 17:57:01 ----------------------------- 17:57:01.079 OS Version: Windows 6.1.7601 Service Pack 1 17:57:01.079 Number of processors: 2 586 0x170A 17:57:01.079 ComputerName: FRIEDERIKE-MSI UserName: Friederike 17:57:01.969 Initialize success 17:57:36.771 AVAST engine defs: 12111500 17:57:39.761 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 17:57:39.761 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3 17:57:39.791 Disk 0 MBR read successfully 17:57:39.791 Disk 0 MBR scan 17:57:39.821 Disk 0 Windows 7 default MBR code 17:57:39.841 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048 17:57:39.861 Disk 0 Partition 2 80 (A) 27 Hidden NTFS WinRE NTFS 100 MB offset 20973568 17:57:39.881 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 279959 MB offset 21178368 17:57:39.901 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 186639 MB offset 594534400 17:57:39.911 Disk 0 scanning sectors +976771072 17:57:39.961 Disk 0 scanning C:\Windows\system32\drivers 17:58:00.771 Service scanning 17:58:25.901 Modules scanning 17:58:34.341 Disk 0 trace - called modules: 17:58:34.391 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll 17:58:34.391 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86ae9a78] 17:58:34.401 3 CLASSPNP.SYS[8b79659e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85cbf028] 17:58:35.621 AVAST engine scan C:\Windows 17:58:37.861 AVAST engine scan C:\Windows\system32 18:02:19.061 AVAST engine scan C:\Windows\system32\drivers 18:02:32.031 AVAST engine scan C:\Users\Friederike 18:04:10.091 Disk 0 MBR has been saved successfully to "C:\Users\Friederike\Desktop\MBR.dat" 18:04:10.111 The log file has been saved successfully to "C:\Users\Friederike\Desktop\aswMBR.txt" Code:
ATTFilter 18:07:12.0524 5408 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 18:07:12.0618 5408 ============================================================ 18:07:12.0618 5408 Current date / time: 2012/11/15 18:07:12.0618 18:07:12.0618 5408 SystemInfo: 18:07:12.0618 5408 18:07:12.0618 5408 OS Version: 6.1.7601 ServicePack: 1.0 18:07:12.0618 5408 Product type: Workstation 18:07:12.0618 5408 ComputerName: FRIEDERIKE-MSI 18:07:12.0618 5408 UserName: Friederike 18:07:12.0618 5408 Windows directory: C:\Windows 18:07:12.0618 5408 System windows directory: C:\Windows 18:07:12.0618 5408 Processor architecture: Intel x86 18:07:12.0618 5408 Number of processors: 2 18:07:12.0618 5408 Page size: 0x1000 18:07:12.0618 5408 Boot type: Normal boot 18:07:12.0618 5408 ============================================================ 18:07:13.0070 5408 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 18:07:13.0070 5408 ============================================================ 18:07:13.0070 5408 \Device\Harddisk0\DR0: 18:07:13.0070 5408 MBR partitions: 18:07:13.0070 5408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x222CB800 18:07:13.0070 5408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x236FE000, BlocksNum 0x16C87800 18:07:13.0070 5408 ============================================================ 18:07:13.0086 5408 C: <-> \Device\Harddisk0\DR0\Partition1 18:07:13.0117 5408 D: <-> \Device\Harddisk0\DR0\Partition2 18:07:13.0117 5408 ============================================================ 18:07:13.0117 5408 Initialize success 18:07:13.0117 5408 ============================================================ 18:07:27.0017 5328 ============================================================ 18:07:27.0017 5328 Scan started 18:07:27.0017 5328 Mode: Manual; SigCheck; TDLFS; 18:07:27.0017 5328 
============================================================ 18:07:27.0454 5328 ================ Scan system memory ======================== 18:07:27.0454 5328 System memory - ok 18:07:27.0454 5328 ================ Scan services ============================= 18:07:27.0641 5328 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 18:07:27.0750 5328 1394ohci - ok 18:07:27.0859 5328 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 18:07:27.0875 5328 ACDaemon - ok 18:07:27.0922 5328 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 18:07:27.0937 5328 ACPI - ok 18:07:27.0984 5328 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 18:07:28.0047 5328 AcpiPmi - ok 18:07:28.0125 5328 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 18:07:28.0140 5328 AdobeARMservice - ok 18:07:28.0203 5328 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 18:07:28.0234 5328 adp94xx - ok 18:07:28.0249 5328 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 18:07:28.0265 5328 adpahci - ok 18:07:28.0281 5328 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 18:07:28.0296 5328 adpu320 - ok 18:07:28.0359 5328 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 18:07:28.0405 5328 AeLookupSvc - ok 18:07:28.0452 5328 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 18:07:28.0515 5328 AFD - ok 18:07:28.0577 5328 [ 6416F9B6B220F0A890525C38235AFAD7 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe 18:07:28.0639 5328 AgereModemAudio - ok 18:07:28.0717 5328 [ 7C4297D354445AD0A3435889A2E4CAC2 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys 18:07:28.0811 5328 AgereSoftModem - ok 18:07:28.0842 5328 [ 
507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 18:07:28.0842 5328 agp440 - ok 18:07:28.0905 5328 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 18:07:28.0920 5328 aic78xx - ok 18:07:28.0998 5328 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 18:07:29.0061 5328 ALG - ok 18:07:29.0123 5328 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 18:07:29.0123 5328 aliide - ok 18:07:29.0154 5328 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 18:07:29.0170 5328 amdagp - ok 18:07:29.0217 5328 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 18:07:29.0232 5328 amdide - ok 18:07:29.0279 5328 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 18:07:29.0326 5328 AmdK8 - ok 18:07:29.0326 5328 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 18:07:29.0373 5328 AmdPPM - ok 18:07:29.0419 5328 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 18:07:29.0435 5328 amdsata - ok 18:07:29.0482 5328 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 18:07:29.0497 5328 amdsbs - ok 18:07:29.0497 5328 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 18:07:29.0513 5328 amdxata - ok 18:07:29.0591 5328 [ A5569C4429D1C5494049FBFE2B2D20FF ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 18:07:29.0622 5328 AntiVirSchedulerService - ok 18:07:29.0669 5328 [ CB7EA00A4E70DF6828EBB68633D000D2 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 18:07:29.0669 5328 AntiVirService - ok 18:07:29.0700 5328 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 18:07:29.0747 5328 AppID - ok 18:07:29.0794 5328 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 
18:07:40.0059 5328 [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM C:\Program Files\System Control Manager\MSIService.exe
18:07:40.0090 5328 Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
18:07:40.0090 5328 Micro Star SCM - detected UnsignedFile.Multi.Generic (1)
18:07:50.0557 5328 [ EF3458337D7341A05169CEFC73709264 ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
18:07:50.0557 5328 SSPORT ( UnsignedFile.Multi.Generic ) - warning
18:07:50.0557 5328 SSPORT - detected UnsignedFile.Multi.Generic (1)
C:\Windows\system32\drivers\swenum.sys 18:07:50.0776 5328 swenum - ok 18:07:50.0791 5328 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 18:07:50.0838 5328 swprv - ok 18:07:50.0885 5328 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 18:07:50.0947 5328 SysMain - ok 18:07:50.0963 5328 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:07:50.0994 5328 TabletInputService - ok 18:07:51.0025 5328 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 18:07:51.0057 5328 TapiSrv - ok 18:07:51.0072 5328 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 18:07:51.0119 5328 TBS - ok 18:07:51.0166 5328 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:07:51.0228 5328 Tcpip - ok 18:07:51.0259 5328 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:07:51.0291 5328 TCPIP6 - ok 18:07:51.0322 5328 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:07:51.0353 5328 tcpipreg - ok 18:07:51.0384 5328 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:07:51.0415 5328 TDPIPE - ok 18:07:51.0431 5328 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:07:51.0447 5328 TDTCP - ok 18:07:51.0478 5328 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:07:51.0509 5328 tdx - ok 18:07:51.0540 5328 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys 18:07:51.0556 5328 TermDD - ok 18:07:51.0603 5328 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 18:07:51.0696 5328 TermService - ok 18:07:51.0727 5328 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 18:07:51.0774 5328 Themes - ok 18:07:51.0790 5328 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER 
C:\Windows\system32\mmcss.dll 18:07:51.0821 5328 THREADORDER - ok 18:07:51.0868 5328 [ AC88D258F20909EEB91796F490CFBB73 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe 18:07:51.0883 5328 TOSHIBA Bluetooth Service - ok 18:07:51.0915 5328 [ 85B6FF02491B6DB3572B4F93E56CAB7C ] toshidpt C:\Windows\system32\drivers\Toshidpt.sys 18:07:51.0930 5328 toshidpt - ok 18:07:51.0977 5328 [ 90AFA1A4451BBBEE87C9F18A665D8121 ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys 18:07:51.0977 5328 tosporte - ok 18:07:52.0024 5328 [ 00371CE4DA09B68BA0FF953E61820981 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys 18:07:52.0039 5328 tosrfbd - ok 18:07:52.0071 5328 [ 74392BAB3F0D4810DA8436EC79D6955D ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys 18:07:52.0086 5328 tosrfbnp - ok 18:07:52.0102 5328 [ 1AD9EB1B5ABD0AEEE4084C8153476F1E ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys 18:07:52.0102 5328 Tosrfcom - ok 18:07:52.0117 5328 [ A72A3473180F378CC07D342803FFD580 ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys 18:07:52.0133 5328 Tosrfhid - ok 18:07:52.0164 5328 [ B2A1A6538245FD69578224BBF2FD4677 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys 18:07:52.0164 5328 tosrfnds - ok 18:07:52.0180 5328 [ F1CA74CCA8241D8B8A024AECC643C547 ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys 18:07:52.0195 5328 TosRfSnd - ok 18:07:52.0195 5328 [ F400FB9616261A1B66E6D2E04B6C3538 ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys 18:07:52.0211 5328 Tosrfusb - ok 18:07:52.0242 5328 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 18:07:52.0289 5328 TrkWks - ok 18:07:52.0351 5328 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:07:52.0398 5328 TrustedInstaller - ok 18:07:52.0414 5328 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:07:52.0429 5328 tssecsrv - ok 18:07:52.0476 5328 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt 
C:\Windows\system32\drivers\tsusbflt.sys 18:07:52.0523 5328 TsUsbFlt - ok 18:07:52.0570 5328 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:07:52.0632 5328 tunnel - ok 18:07:52.0663 5328 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 18:07:52.0679 5328 uagp35 - ok 18:07:52.0695 5328 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:07:52.0741 5328 udfs - ok 18:07:52.0835 5328 [ 13BFF97E926BF8D9C1230CECC371A0C0 ] UI Assistant Service C:\Program Files\1&1 Surf-Stick\AssistantServices.exe 18:07:52.0851 5328 UI Assistant Service - ok 18:07:52.0866 5328 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:07:52.0913 5328 UI0Detect - ok 18:07:52.0944 5328 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:07:52.0960 5328 uliagpkx - ok 18:07:53.0007 5328 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys 18:07:53.0038 5328 umbus - ok 18:07:53.0069 5328 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 18:07:53.0085 5328 UmPass - ok 18:07:53.0116 5328 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 18:07:53.0147 5328 upnphost - ok 18:07:53.0163 5328 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:07:53.0178 5328 usbccgp - ok 18:07:53.0178 5328 USBCCID - ok 18:07:53.0225 5328 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:07:53.0256 5328 usbcir - ok 18:07:53.0287 5328 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 18:07:53.0303 5328 usbehci - ok 18:07:53.0334 5328 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:07:53.0365 5328 usbhub - ok 18:07:53.0365 5328 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:07:53.0397 
5328 usbohci - ok 18:07:53.0428 5328 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 18:07:53.0475 5328 usbprint - ok 18:07:53.0490 5328 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:07:53.0537 5328 USBSTOR - ok 18:07:53.0553 5328 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 18:07:53.0568 5328 usbuhci - ok 18:07:53.0615 5328 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 18:07:53.0631 5328 usbvideo - ok 18:07:53.0646 5328 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 18:07:53.0677 5328 UxSms - ok 18:07:53.0693 5328 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 18:07:53.0693 5328 VaultSvc - ok 18:07:53.0724 5328 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:07:53.0740 5328 vdrvroot - ok 18:07:53.0771 5328 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 18:07:53.0849 5328 vds - ok 18:07:53.0880 5328 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:07:53.0896 5328 vga - ok 18:07:53.0911 5328 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 18:07:53.0943 5328 VgaSave - ok 18:07:53.0974 5328 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:07:53.0989 5328 vhdmp - ok 18:07:54.0005 5328 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 18:07:54.0021 5328 viaagp - ok 18:07:54.0036 5328 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 18:07:54.0067 5328 ViaC7 - ok 18:07:54.0083 5328 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 18:07:54.0099 5328 viaide - ok 18:07:54.0114 5328 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:07:54.0130 5328 volmgr - ok 
18:07:54.0145 5328 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:07:54.0161 5328 volmgrx - ok 18:07:54.0177 5328 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:07:54.0192 5328 volsnap - ok 18:07:54.0223 5328 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 18:07:54.0239 5328 vsmraid - ok 18:07:54.0286 5328 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 18:07:54.0364 5328 VSS - ok 18:07:54.0379 5328 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 18:07:54.0411 5328 vwifibus - ok 18:07:54.0442 5328 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 18:07:54.0457 5328 vwififlt - ok 18:07:54.0504 5328 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 18:07:54.0567 5328 W32Time - ok 18:07:54.0582 5328 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 18:07:54.0613 5328 WacomPen - ok 18:07:54.0660 5328 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:07:54.0707 5328 WANARP - ok 18:07:54.0707 5328 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:07:54.0738 5328 Wanarpv6 - ok 18:07:54.0785 5328 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 18:07:54.0863 5328 wbengine - ok 18:07:54.0894 5328 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:07:54.0925 5328 WbioSrvc - ok 18:07:54.0957 5328 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:07:54.0988 5328 wcncsvc - ok 18:07:55.0003 5328 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:07:55.0035 5328 WcsPlugInService - ok 18:07:55.0066 5328 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 18:07:55.0066 5328 
Wd - ok 18:07:55.0097 5328 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:07:55.0113 5328 Wdf01000 - ok 18:07:55.0128 5328 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:07:55.0175 5328 WdiServiceHost - ok 18:07:55.0191 5328 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:07:55.0206 5328 WdiSystemHost - ok 18:07:55.0222 5328 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 18:07:55.0253 5328 WebClient - ok 18:07:55.0269 5328 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:07:55.0300 5328 Wecsvc - ok 18:07:55.0315 5328 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:07:55.0347 5328 wercplsupport - ok 18:07:55.0362 5328 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 18:07:55.0409 5328 WerSvc - ok 18:07:55.0471 5328 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:07:55.0503 5328 WfpLwf - ok 18:07:55.0518 5328 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:07:55.0534 5328 WIMMount - ok 18:07:55.0596 5328 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 18:07:55.0659 5328 WinDefend - ok 18:07:55.0659 5328 WinHttpAutoProxySvc - ok 18:07:55.0737 5328 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:07:55.0799 5328 Winmgmt - ok 18:07:55.0846 5328 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 18:07:55.0939 5328 WinRM - ok 18:07:55.0986 5328 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys 18:07:56.0017 5328 WinUsb - ok 18:07:56.0064 5328 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 18:07:56.0127 5328 Wlansvc - ok 18:07:56.0173 5328 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi 
C:\Windows\system32\drivers\wmiacpi.sys 18:07:56.0205 5328 WmiAcpi - ok 18:07:56.0251 5328 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:07:56.0283 5328 wmiApSrv - ok 18:07:56.0361 5328 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 18:07:56.0454 5328 WMPNetworkSvc - ok 18:07:56.0470 5328 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:07:56.0532 5328 WPCSvc - ok 18:07:56.0563 5328 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:07:56.0579 5328 WPDBusEnum - ok 18:07:56.0610 5328 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:07:56.0641 5328 ws2ifsl - ok 18:07:56.0657 5328 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll 18:07:56.0704 5328 wscsvc - ok 18:07:56.0704 5328 WSearch - ok 18:07:56.0797 5328 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 18:07:56.0891 5328 wuauserv - ok 18:07:56.0922 5328 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:07:56.0969 5328 WudfPf - ok 18:07:57.0016 5328 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:07:57.0063 5328 WUDFRd - ok 18:07:57.0109 5328 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:07:57.0172 5328 wudfsvc - ok 18:07:57.0203 5328 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 18:07:57.0219 5328 WwanSvc - ok 18:07:57.0250 5328 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys 18:07:57.0312 5328 ZTEusbmdm6k - ok 18:07:57.0343 5328 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys 18:07:57.0359 5328 ZTEusbnmea - ok 18:07:57.0406 5328 [ 3862318F85BE7A91957ADA5E814ED58C ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys 18:07:57.0406 5328 
18:07:57.0437 5328 ================ Scan global ===============================
18:07:57.0468 5328 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:07:57.0499 5328 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
18:07:57.0515 5328 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
18:07:57.0562 5328 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:07:57.0593 5328 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:07:57.0609 5328 [Global] - ok
18:07:57.0609 5328 ================ Scan MBR ==================================
18:07:57.0624 5328 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:07:57.0921 5328 \Device\Harddisk0\DR0 - ok
18:07:57.0921 5328 ================ Scan VBR ==================================
18:07:57.0936 5328 [ FD1A05EB21DD92D9D3644AE8F4376E1B ] \Device\Harddisk0\DR0\Partition1
18:07:57.0936 5328 \Device\Harddisk0\DR0\Partition1 - ok
18:07:57.0952 5328 [ 0BAECE3662EFD8A20E6E9F3703269473 ] \Device\Harddisk0\DR0\Partition2
18:07:57.0952 5328 \Device\Harddisk0\DR0\Partition2 - ok
18:07:57.0952 5328 ============================================================
18:07:57.0952 5328 Scan finished
18:07:57.0952 5328 ============================================================
18:07:57.0967 4244 Detected object count: 2
18:07:57.0967 4244 Actual detected object count: 2
18:09:41.0143 4244 C:\Program Files\System Control Manager\MSIService.exe - copied to quarantine
18:09:41.0143 4244 Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
18:09:41.0158 4244 C:\Windows\system32\Drivers\SSPORT.sys - copied to quarantine
18:09:41.0158 4244 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine |
15.11.2012, 21:59 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I remove Claro-Search from Firefox? Quote:
At the start I asked you to read the instructions carefully and follow them, and yet you ignore the clearly visible notes I posted about TDSS-Killer! You were supposed to leave everything it lists on skip!
__________________ --> How do I remove Claro-Search from Firefox? |
16.11.2012, 03:57 | #7 |
| How do I remove Claro-Search from Firefox? Hello, that's true. I was inattentive. Unfortunately this can no longer be changed, and I will try to pay closer attention in future. I'm sorry. F.H. |
16.11.2012, 09:49 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I remove Claro-Search from Firefox? I just hope that TDSS-Killer only copied the items into its quarantine and did not move them. Please run TDSS-Killer again, properly this time, and post the new log.
__________________ Please always post log files in CODE tags |
16.11.2012, 11:22 | #9 |
| How do I remove Claro-Search from Firefox? Hello, here is the new report. I also hope that my mistake has not caused even more damage. Thank you very much for being willing to keep working with me. Code:
11:19:28.0585 2588 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:19:28.0715 2588 ============================================================
11:19:28.0715 2588 Current date / time: 2012/11/16 11:19:28.0715
11:19:28.0715 2588 SystemInfo:
11:19:28.0715 2588
11:19:28.0715 2588 OS Version: 6.1.7601 ServicePack: 1.0
11:19:28.0715 2588 Product type: Workstation
11:19:28.0715 2588 ComputerName: FRIEDERIKE-MSI
11:19:28.0715 2588 UserName: Friederike
11:19:28.0715 2588 Windows directory: C:\Windows
11:19:28.0715 2588 System windows directory: C:\Windows
11:19:28.0715 2588 Processor architecture: Intel x86
11:19:28.0715 2588 Number of processors: 2
11:19:28.0715 2588 Page size: 0x1000
11:19:28.0715 2588 Boot type: Normal boot
11:19:28.0715 2588 ============================================================
11:19:32.0347 2588 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:19:32.0347 2588 ============================================================
11:19:32.0347 2588 \Device\Harddisk0\DR0:
11:19:32.0347 2588 MBR partitions:
11:19:32.0347 2588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x222CB800
11:19:32.0347 2588 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x236FE000, BlocksNum 0x16C87800
11:19:32.0347 2588 ============================================================
11:19:32.0387 2588 C: <-> \Device\Harddisk0\DR0\Partition1
11:19:32.0417 2588 D: <-> \Device\Harddisk0\DR0\Partition2
11:19:32.0417 2588 ============================================================
11:19:32.0417 2588 Initialize success
11:19:32.0417 2588 ============================================================
11:19:53.0977 2780 ============================================================
11:19:53.0977 2780 Scan started
11:19:53.0977 2780 Mode: Manual; SigCheck; TDLFS;
[ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 11:20:06.0607 2780 DXGKrnl - ok 11:20:06.0627 2780 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 11:20:06.0677 2780 EapHost - ok 11:20:06.0757 2780 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 11:20:06.0917 2780 ebdrv - ok 11:20:06.0947 2780 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe 11:20:06.0967 2780 EFS - ok 11:20:07.0027 2780 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 11:20:07.0117 2780 ehRecvr - ok 11:20:07.0157 2780 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 11:20:07.0197 2780 ehSched - ok 11:20:07.0257 2780 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 11:20:07.0297 2780 elxstor - ok 11:20:07.0337 2780 [ F13C945115B8A8C7C4427D5925F88F23 ] enecir C:\Windows\system32\DRIVERS\enecir.sys 11:20:07.0387 2780 enecir - ok 11:20:07.0407 2780 [ 65BF24816C2814596253F312DD35F171 ] enecirhid C:\Windows\system32\DRIVERS\enecirhid.sys 11:20:07.0427 2780 enecirhid - ok 11:20:07.0437 2780 [ 97D41E2831AC117AF9BF8D0D9E9D027F ] enecirhidma C:\Windows\system32\DRIVERS\enecirhidma.sys 11:20:07.0457 2780 enecirhidma - ok 11:20:07.0487 2780 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys 11:20:07.0517 2780 ErrDev - ok 11:20:07.0577 2780 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 11:20:07.0657 2780 EventSystem - ok 11:20:07.0677 2780 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 11:20:07.0767 2780 exfat - ok 11:20:07.0777 2780 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 11:20:07.0857 2780 fastfat - ok 11:20:07.0907 2780 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe 11:20:07.0977 2780 Fax - ok 11:20:07.0997 2780 [ 
E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 11:20:08.0027 2780 fdc - ok 11:20:08.0057 2780 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 11:20:08.0127 2780 fdPHost - ok 11:20:08.0147 2780 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 11:20:08.0207 2780 FDResPub - ok 11:20:08.0237 2780 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 11:20:08.0257 2780 FileInfo - ok 11:20:08.0257 2780 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 11:20:08.0327 2780 Filetrace - ok 11:20:08.0327 2780 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 11:20:08.0357 2780 flpydisk - ok 11:20:08.0377 2780 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 11:20:08.0437 2780 FltMgr - ok 11:20:08.0497 2780 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll 11:20:08.0577 2780 FontCache - ok 11:20:08.0637 2780 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 11:20:08.0667 2780 FontCache3.0.0.0 - ok 11:20:08.0677 2780 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 11:20:08.0707 2780 FsDepends - ok 11:20:08.0727 2780 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 11:20:08.0757 2780 Fs_Rec - ok 11:20:08.0817 2780 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 11:20:08.0877 2780 fvevol - ok 11:20:08.0917 2780 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 11:20:08.0957 2780 gagp30kx - ok 11:20:09.0007 2780 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll 11:20:09.0107 2780 gpsvc - ok 11:20:09.0137 2780 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir 
C:\Windows\system32\drivers\hcw85cir.sys 11:20:09.0157 2780 hcw85cir - ok 11:20:09.0217 2780 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 11:20:09.0357 2780 HdAudAddService - ok 11:20:09.0387 2780 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 11:20:09.0427 2780 HDAudBus - ok 11:20:09.0447 2780 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 11:20:09.0487 2780 HidBatt - ok 11:20:09.0487 2780 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 11:20:09.0527 2780 HidBth - ok 11:20:09.0587 2780 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 11:20:09.0627 2780 HidIr - ok 11:20:09.0667 2780 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 11:20:09.0737 2780 hidserv - ok 11:20:09.0777 2780 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys 11:20:09.0817 2780 HidUsb - ok 11:20:09.0847 2780 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll 11:20:09.0917 2780 hkmsvc - ok 11:20:09.0957 2780 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 11:20:10.0037 2780 HomeGroupListener - ok 11:20:10.0067 2780 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 11:20:10.0137 2780 HomeGroupProvider - ok 11:20:10.0177 2780 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 11:20:10.0217 2780 HpSAMD - ok 11:20:10.0247 2780 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys 11:20:10.0337 2780 HTTP - ok 11:20:10.0377 2780 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 11:20:10.0387 2780 hwpolicy - ok 11:20:10.0447 2780 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 11:20:10.0477 2780 i8042prt - ok 11:20:10.0547 
2780 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 11:20:10.0567 2780 IAANTMON - ok 11:20:10.0617 2780 [ D483687EACE0C065EE772481A96E05F5 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 11:20:10.0627 2780 iaStor - ok 11:20:10.0647 2780 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 11:20:10.0687 2780 iaStorV - ok 11:20:10.0747 2780 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 11:20:10.0857 2780 idsvc - ok 11:20:10.0897 2780 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 11:20:10.0937 2780 iirsp - ok 11:20:10.0977 2780 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll 11:20:11.0097 2780 IKEEXT - ok 11:20:11.0207 2780 [ F2BAA4FF548F7F0317F7638951C1CD9C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 11:20:11.0287 2780 IntcAzAudAddService - ok 11:20:11.0307 2780 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys 11:20:11.0327 2780 intelide - ok 11:20:11.0347 2780 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 11:20:11.0367 2780 intelppm - ok 11:20:11.0407 2780 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 11:20:11.0467 2780 IPBusEnum - ok 11:20:11.0487 2780 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:20:11.0537 2780 IpFilterDriver - ok 11:20:11.0567 2780 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 11:20:11.0607 2780 iphlpsvc - ok 11:20:11.0627 2780 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 11:20:11.0657 2780 IPMIDRV - ok 11:20:11.0677 2780 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 11:20:11.0707 2780 IPNAT - ok 11:20:11.0737 2780 [ 
42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 11:20:11.0787 2780 IRENUM - ok 11:20:11.0827 2780 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys 11:20:11.0857 2780 isapnp - ok 11:20:11.0877 2780 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 11:20:11.0927 2780 iScsiPrt - ok 11:20:11.0957 2780 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 11:20:11.0987 2780 kbdclass - ok 11:20:12.0027 2780 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 11:20:12.0077 2780 kbdhid - ok 11:20:12.0087 2780 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe 11:20:12.0117 2780 KeyIso - ok 11:20:12.0137 2780 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 11:20:12.0177 2780 KSecDD - ok 11:20:12.0187 2780 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 11:20:12.0227 2780 KSecPkg - ok 11:20:12.0277 2780 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 11:20:12.0367 2780 KtmRm - ok 11:20:12.0397 2780 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll 11:20:12.0447 2780 LanmanServer - ok 11:20:12.0477 2780 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 11:20:12.0557 2780 LanmanWorkstation - ok 11:20:12.0617 2780 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 11:20:12.0697 2780 lltdio - ok 11:20:12.0737 2780 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 11:20:12.0797 2780 lltdsvc - ok 11:20:12.0817 2780 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 11:20:12.0857 2780 lmhosts - ok 11:20:12.0887 2780 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 11:20:12.0907 2780 LSI_FC - ok 11:20:12.0917 2780 [ 
8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 11:20:12.0937 2780 LSI_SAS - ok 11:20:12.0947 2780 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 11:20:12.0967 2780 LSI_SAS2 - ok 11:20:12.0987 2780 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 11:20:13.0007 2780 LSI_SCSI - ok 11:20:13.0027 2780 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 11:20:13.0077 2780 luafv - ok 11:20:13.0137 2780 [ 59A2783ABA6019BED0C843C706E10A6A ] massfilter C:\Windows\system32\drivers\massfilter.sys 11:20:13.0177 2780 massfilter - ok 11:20:13.0237 2780 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe 11:20:13.0317 2780 McComponentHostService - ok 11:20:13.0337 2780 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 11:20:13.0377 2780 Mcx2Svc - ok 11:20:13.0427 2780 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 11:20:13.0447 2780 megasas - ok 11:20:13.0477 2780 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 11:20:13.0507 2780 MegaSR - ok 11:20:13.0577 2780 [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM C:\Program Files\System Control Manager\MSIService.exe 11:20:13.0597 2780 Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning 11:20:13.0597 2780 Micro Star SCM - detected UnsignedFile.Multi.Generic (1) 11:20:13.0627 2780 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 11:20:13.0677 2780 MMCSS - ok 11:20:13.0697 2780 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 11:20:13.0737 2780 Modem - ok 11:20:13.0757 2780 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 11:20:13.0787 2780 monitor - ok 11:20:13.0817 2780 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass 
C:\Windows\system32\drivers\mouclass.sys 11:20:13.0837 2780 mouclass - ok 11:20:13.0847 2780 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 11:20:13.0887 2780 mouhid - ok 11:20:13.0907 2780 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 11:20:13.0927 2780 mountmgr - ok 11:20:13.0977 2780 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 11:20:13.0997 2780 MozillaMaintenance - ok 11:20:14.0037 2780 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 11:20:14.0067 2780 mpio - ok 11:20:14.0077 2780 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 11:20:14.0127 2780 mpsdrv - ok 11:20:14.0167 2780 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 11:20:14.0247 2780 MpsSvc - ok 11:20:14.0297 2780 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 11:20:14.0367 2780 MRxDAV - ok 11:20:14.0387 2780 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 11:20:14.0417 2780 mrxsmb - ok 11:20:14.0437 2780 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:20:14.0487 2780 mrxsmb10 - ok 11:20:14.0517 2780 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:20:14.0557 2780 mrxsmb20 - ok 11:20:14.0587 2780 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 11:20:14.0617 2780 msahci - ok 11:20:14.0637 2780 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 11:20:14.0657 2780 msdsm - ok 11:20:14.0677 2780 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 11:20:14.0717 2780 MSDTC - ok 11:20:14.0767 2780 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 11:20:14.0877 2780 Msfs - ok 11:20:14.0937 2780 [ 
3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 11:20:14.0977 2780 mshidkmdf - ok 11:20:15.0007 2780 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 11:20:15.0017 2780 msisadrv - ok 11:20:15.0077 2780 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 11:20:15.0127 2780 MSiSCSI - ok 11:20:15.0127 2780 msiserver - ok 11:20:15.0147 2780 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 11:20:15.0197 2780 MSKSSRV - ok 11:20:15.0207 2780 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 11:20:15.0257 2780 MSPCLOCK - ok 11:20:15.0267 2780 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 11:20:15.0327 2780 MSPQM - ok 11:20:15.0347 2780 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 11:20:15.0387 2780 MsRPC - ok 11:20:15.0417 2780 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 11:20:15.0437 2780 mssmbios - ok 11:20:15.0457 2780 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 11:20:15.0487 2780 MSTEE - ok 11:20:15.0497 2780 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 11:20:15.0527 2780 MTConfig - ok 11:20:15.0557 2780 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 11:20:15.0587 2780 Mup - ok 11:20:15.0617 2780 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 11:20:15.0677 2780 napagent - ok 11:20:15.0697 2780 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 11:20:15.0717 2780 NativeWifiP - ok 11:20:15.0777 2780 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys 11:20:15.0827 2780 NDIS - ok 11:20:15.0877 2780 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 
11:20:15.0937 2780 NdisCap - ok 11:20:15.0967 2780 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 11:20:15.0997 2780 NdisTapi - ok 11:20:16.0037 2780 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 11:20:16.0067 2780 Ndisuio - ok 11:20:16.0107 2780 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 11:20:16.0157 2780 NdisWan - ok 11:20:16.0167 2780 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 11:20:16.0217 2780 NDProxy - ok 11:20:16.0247 2780 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 11:20:16.0297 2780 NetBIOS - ok 11:20:16.0327 2780 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 11:20:16.0407 2780 NetBT - ok 11:20:16.0427 2780 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 11:20:16.0437 2780 Netlogon - ok 11:20:16.0517 2780 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 11:20:16.0577 2780 Netman - ok 11:20:16.0597 2780 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 11:20:16.0657 2780 netprofm - ok 11:20:16.0687 2780 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 11:20:16.0707 2780 NetTcpPortSharing - ok 11:20:16.0867 2780 [ EF51B405AD8ACAAE6F0231290D20F516 ] NETw5s32 C:\Windows\system32\DRIVERS\NETw5s32.sys 11:20:17.0097 2780 NETw5s32 - ok 11:20:17.0117 2780 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 11:20:17.0137 2780 nfrd960 - ok 11:20:17.0167 2780 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll 11:20:17.0187 2780 NlaSvc - ok 11:20:17.0217 2780 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 11:20:17.0267 2780 Npfs - ok 11:20:17.0297 2780 [ 
BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 11:20:17.0337 2780 nsi - ok 11:20:17.0357 2780 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 11:20:17.0407 2780 nsiproxy - ok 11:20:17.0517 2780 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 11:20:17.0677 2780 Ntfs - ok 11:20:17.0707 2780 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 11:20:17.0757 2780 Null - ok 11:20:18.0007 2780 [ 2713392707E515EFB671751FA767EBD2 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 11:20:18.0437 2780 nvlddmkm - ok 11:20:18.0477 2780 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 11:20:18.0497 2780 nvraid - ok 11:20:18.0527 2780 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 11:20:18.0557 2780 nvstor - ok 11:20:18.0587 2780 [ D445466C0A10536486FBEBBC271D6E34 ] nvsvc C:\windows\system32\nvvsvc.exe 11:20:18.0607 2780 nvsvc - ok 11:20:18.0647 2780 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 11:20:18.0667 2780 nv_agp - ok 11:20:18.0737 2780 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 11:20:18.0777 2780 odserv - ok 11:20:18.0797 2780 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 11:20:18.0827 2780 ohci1394 - ok 11:20:18.0887 2780 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:20:18.0907 2780 ose - ok 11:20:18.0937 2780 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 11:20:18.0997 2780 p2pimsvc - ok 11:20:19.0037 2780 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 11:20:19.0077 2780 p2psvc - ok 11:20:19.0127 2780 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 11:20:19.0157 2780 Parport - ok 
11:20:19.0187 2780 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 11:20:19.0207 2780 partmgr - ok 11:20:19.0217 2780 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 11:20:19.0267 2780 Parvdm - ok 11:20:19.0287 2780 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 11:20:19.0317 2780 PcaSvc - ok 11:20:19.0347 2780 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 11:20:19.0387 2780 pci - ok 11:20:19.0417 2780 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 11:20:19.0437 2780 pciide - ok 11:20:19.0457 2780 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 11:20:19.0487 2780 pcmcia - ok 11:20:19.0497 2780 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 11:20:19.0517 2780 pcw - ok 11:20:19.0537 2780 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 11:20:19.0597 2780 PEAUTH - ok 11:20:19.0707 2780 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll 11:20:19.0857 2780 pla - ok 11:20:19.0897 2780 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 11:20:19.0957 2780 PlugPlay - ok 11:20:19.0977 2780 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 11:20:20.0007 2780 PNRPAutoReg - ok 11:20:20.0027 2780 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 11:20:20.0047 2780 PNRPsvc - ok 11:20:20.0087 2780 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 11:20:20.0157 2780 PolicyAgent - ok 11:20:20.0177 2780 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll 11:20:20.0237 2780 Power - ok 11:20:20.0277 2780 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 11:20:20.0307 2780 PptpMiniport - ok 11:20:20.0347 2780 [ 
85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys 11:20:20.0367 2780 Processor - ok 11:20:20.0407 2780 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll 11:20:20.0437 2780 ProfSvc - ok 11:20:20.0457 2780 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 11:20:20.0467 2780 ProtectedStorage - ok 11:20:20.0517 2780 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 11:20:20.0547 2780 Psched - ok 11:20:20.0597 2780 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 11:20:20.0687 2780 ql2300 - ok 11:20:20.0697 2780 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 11:20:20.0717 2780 ql40xx - ok 11:20:20.0747 2780 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 11:20:20.0797 2780 QWAVE - ok 11:20:20.0827 2780 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 11:20:20.0877 2780 QWAVEdrv - ok 11:20:20.0877 2780 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 11:20:20.0927 2780 RasAcd - ok 11:20:20.0977 2780 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 11:20:21.0017 2780 RasAgileVpn - ok 11:20:21.0027 2780 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 11:20:21.0077 2780 RasAuto - ok 11:20:21.0097 2780 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 11:20:21.0137 2780 Rasl2tp - ok 11:20:21.0207 2780 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 11:20:21.0267 2780 RasMan - ok 11:20:21.0277 2780 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 11:20:21.0327 2780 RasPppoe - ok 11:20:21.0367 2780 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 11:20:21.0437 2780 RasSstp - ok 
11:20:21.0487 2780 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 11:20:21.0577 2780 rdbss - ok 11:20:21.0607 2780 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 11:20:21.0627 2780 rdpbus - ok 11:20:21.0657 2780 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 11:20:21.0687 2780 RDPCDD - ok 11:20:21.0727 2780 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 11:20:21.0767 2780 RDPENCDD - ok 11:20:21.0787 2780 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 11:20:21.0847 2780 RDPREFMP - ok 11:20:21.0887 2780 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 11:20:21.0937 2780 RDPWD - ok 11:20:21.0997 2780 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 11:20:22.0027 2780 rdyboost - ok 11:20:22.0057 2780 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 11:20:22.0097 2780 RemoteAccess - ok 11:20:22.0137 2780 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:20:22.0197 2780 RemoteRegistry - ok 11:20:22.0257 2780 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 11:20:22.0297 2780 RFCOMM - ok 11:20:22.0347 2780 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 11:20:22.0417 2780 RpcEptMapper - ok 11:20:22.0457 2780 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 11:20:22.0497 2780 RpcLocator - ok 11:20:22.0537 2780 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 11:20:22.0587 2780 RpcSs - ok 11:20:22.0627 2780 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:20:22.0707 2780 rspndr - ok 11:20:22.0747 2780 [ 434DCF7AE4300C876AA40873E3113983 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 
11:20:22.0817 2780 RSUSBSTOR - ok 11:20:22.0867 2780 [ 26A9D6227D12B9D9DA5A81BB9B55D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 11:20:22.0937 2780 RTL8167 - ok 11:20:22.0967 2780 RtsUIR - ok 11:20:22.0977 2780 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 11:20:23.0007 2780 SamSs - ok 11:20:23.0037 2780 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:20:23.0077 2780 sbp2port - ok 11:20:23.0127 2780 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:20:23.0207 2780 SCardSvr - ok 11:20:23.0227 2780 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 11:20:23.0267 2780 scfilter - ok 11:20:23.0327 2780 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 11:20:23.0437 2780 Schedule - ok 11:20:23.0467 2780 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 11:20:23.0497 2780 SCPolicySvc - ok 11:20:23.0547 2780 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys 11:20:23.0607 2780 sdbus - ok 11:20:23.0657 2780 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 11:20:23.0727 2780 SDRSVC - ok 11:20:23.0777 2780 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:20:23.0837 2780 secdrv - ok 11:20:23.0877 2780 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 11:20:23.0947 2780 seclogon - ok 11:20:23.0967 2780 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 11:20:24.0017 2780 SENS - ok 11:20:24.0027 2780 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 11:20:24.0047 2780 SensrSvc - ok 11:20:24.0067 2780 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 11:20:24.0077 2780 Serenum - ok 11:20:24.0087 2780 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial 
ZTEusbser6k - ok
11:20:34.0687 2780 ================ Scan global ===============================
11:20:34.0727 2780 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
11:20:34.0767 2780 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
11:20:34.0797 2780 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
11:20:34.0837 2780 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
11:20:34.0877 2780 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
11:20:34.0897 2780 [Global] - ok
11:20:34.0897 2780 ================ Scan MBR ==================================
11:20:34.0927 2780 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:20:35.0357 2780 \Device\Harddisk0\DR0 - ok
11:20:35.0357 2780 ================ Scan VBR ==================================
11:20:35.0367 2780 [ FD1A05EB21DD92D9D3644AE8F4376E1B ] \Device\Harddisk0\DR0\Partition1
11:20:35.0367 2780 \Device\Harddisk0\DR0\Partition1 - ok
11:20:35.0387 2780 [ 0BAECE3662EFD8A20E6E9F3703269473 ] \Device\Harddisk0\DR0\Partition2
11:20:35.0397 2780 \Device\Harddisk0\DR0\Partition2 - ok
11:20:35.0397 2780 ============================================================
11:20:35.0397 2780 Scan finished
11:20:35.0397 2780 ============================================================
11:20:35.0407 2948 Detected object count: 2
11:20:35.0407 2948 Actual detected object count: 2
11:20:43.0327 2948 Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:43.0327 2948 Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:20:43.0327 2948 SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:43.0327 2948 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip |
16.11.2012, 11:40 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I remove Claro-Search from Firefox? That's OK, fortunately nothing was deleted. TDSS-Killer only copied the items into its quarantine and did not move them.
adwCleaner - detect toolbars and unwanted start/search pages
Please download AdwCleaner to your desktop. If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post logfiles in CODE tags |
16.11.2012, 12:14 | #11 |
| How do I remove Claro-Search from Firefox? Hello, this is the file: Code:
# AdwCleaner v2.007 - Logfile created 11/16/2012 at 12:14:01
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Friederike - FRIEDERIKE-MSI
# Boot Mode : Normal
# Running from : C:\Users\Friederike\Downloads\adwcleaner(1).exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\searchplugins\browsemngr.xml
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\Users\Friederike\AppData\Roaming\Babylon

***** [Registry] *****

Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Found : HKU\S-1-5-21-205577914-2600898699-3477215697-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (de)

Profile name : default
File : C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\prefs.js

Found : user_pref("browser.search.selectedEngine", "Claro Search");
Found : user_pref("browser.startup.homepage", "hxxp://www.claro-search.com/?affID=114506&tt=4612_4&babsrc=HP[...]
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=114506&tt=461[...]
Found : user_pref("extensions.claro.admin", false);
Found : user_pref("extensions.claro.aflt", "babsst");
Found : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Found : user_pref("extensions.claro.dfltLng", "en");
Found : user_pref("extensions.claro.excTlbr", false);
Found : user_pref("extensions.claro.id", "feefe68b0000000000000025d39b5fea");
Found : user_pref("extensions.claro.instlDay", "15657");
Found : user_pref("extensions.claro.instlRef", "sst");
Found : user_pref("extensions.claro.prdct", "claro");
Found : user_pref("extensions.claro.prtnrId", "claro");
Found : user_pref("extensions.claro.tlbrId", "claro");
Found : user_pref("extensions.claro.tlbrSrchUrl", "");
Found : user_pref("extensions.claro.vrsn", "1.8.3.10");
Found : user_pref("extensions.claro.vrsni", "1.8.3.10");
Found : user_pref("extensions.claro_i.smplGrp", "none");
Found : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1012:03:54");

*************************

AdwCleaner[R3].txt - [3132 octets] - [16/11/2012 12:14:01]

########## EOF - C:\AdwCleaner[R3].txt - [3192 octets] ##########

One more question: can I simply close the cleaner? It is currently showing "Waiting for an action". F.H. |
16.11.2012, 14:08 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I remove Claro-Search from Firefox? Please try to uninstall all entries mentioned in the adwCleaner log (such as Babylon or Softonic) via the Control Panel, then create a new search log with adwCleaner. We will remove the leftovers, and whatever refuses to uninstall, with adwCleaner.
__________________ Please always post logfiles in CODE tags |
16.11.2012, 15:03 | #13 |
| How do I remove Claro-Search from Firefox? Hello, my computer runs in English, so I have now looked under "control panel" and then under "Programs", "Uninstall a Program". I could not find Babylon and Softonic there. Could it be that I have to look somewhere else? This is surely a rather stupid question, but I don't know any better. Best regards, F.H. |
16.11.2012, 16:15 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How do I remove Claro-Search from Firefox? adwCleaner - remove toolbars and unwanted start/search pages
Afterwards, a check with OTL please:
__________________ Please always post logfiles in CODE tags |
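Added example, not part of the thread and not AdwCleaner's own code: one way to verify the search-then-delete procedure described above is to diff a `# Option [Search]` log against the following `# Option [Delete]` log and list what was found but never reported as deleted. The function names and the sample logs are constructed for illustration; mapping `HKU\<SID>` to `HKCU` assumes the SID passed in belongs to the user who ran the scan.

```python
import re

# Line shapes taken from the AdwCleaner v2 log format shown in this thread.
OPTION_RE = re.compile(r"^#\s*Option\s*\[(\w+)\]")
SECTION_RE = re.compile(r"^\*{5}\s*\[(.+?)\]\s*\*{5}$")
ITEM_RE = re.compile(r"^(?:(\w+)\s+)?(Found|Deleted)\s*:\s*(.+?)\s*$")

# Constructed sample data (hypothetical names, not the logs from the thread).
SAMPLE_SID = "S-1-5-21-1111111111-2222222222-3333333333-1000"
SEARCH_LOG = r"""
# AdwCleaner v2.007 - Logfile created 11/16/2012 at 12:14:01
# Option [Search]
***** [Files / Folders] *****
File Found : C:\Program Files\Mozilla Firefox\searchplugins\example.xml
Folder Found : C:\ProgramData\ExampleToolbar
***** [Registry] *****
Key Found : HKCU\Software\ExampleToolbar
Key Found : HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\Software\ExampleToolbar
Key Found : HKLM\Software\ExampleUpdater
***** [Internet Browsers] *****
File : C:\Users\demo\AppData\Roaming\Mozilla\Firefox\Profiles\demo.default\prefs.js
Found : user_pref("browser.search.selectedEngine", "Example Search");
"""
DELETE_LOG = r"""
# AdwCleaner v2.007 - Logfile created 11/16/2012 at 16:39:22
# Option [Delete]
***** [Files / Folders] *****
File Deleted : C:\Program Files\Mozilla Firefox\SearchPlugins\example.xml
Folder Deleted : C:\ProgramData\ExampleToolbar
***** [Registry] *****
Key Deleted : HKCU\Software\ExampleToolbar
***** [Internet Browsers] *****
Deleted : user_pref("browser.search.selectedEngine", "Example Search");
"""


def parse_log(text):
    """Return (option, items); items are (section, kind, state, item) tuples."""
    option, section, items = None, "", set()
    for raw in text.splitlines():
        line = raw.strip()
        m = OPTION_RE.match(line)
        if m:
            option = m.group(1)
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = ITEM_RE.match(line)
        if m:
            kind, state, item = m.groups()
            # prefs.js entries carry no File/Folder/Key prefix in the log.
            items.add((section, kind or "Pref", state, item))
    return option, items


def normalize(kind, item, user_sid=None):
    """Make equivalent items compare equal across the two logs."""
    if kind == "Pref":
        # Compared verbatim, including any "[...]" truncation the log shows.
        return item
    key = item.casefold()  # Windows paths and registry keys ignore case
    if user_sid:
        # HKCU is a view of HKU\<SID of the logged-on user>.
        prefix = ("HKU\\" + user_sid + "\\").casefold()
        if key.startswith(prefix):
            key = "hkcu\\" + key[len(prefix):]
    return key


def unresolved(search_text, delete_text, user_sid=None):
    """List (section, kind, item) found by the search run but not deleted."""
    s_opt, found = parse_log(search_text)
    d_opt, deleted = parse_log(delete_text)
    if s_opt != "Search" or d_opt != "Delete":
        raise ValueError("expected a [Search] log followed by a [Delete] log")
    gone = {(kind, normalize(kind, item, user_sid))
            for _, kind, state, item in deleted if state == "Deleted"}
    left = [(section, kind, item)
            for section, kind, state, item in found
            if state == "Found"
            and (kind, normalize(kind, item, user_sid)) not in gone]
    return sorted(left)


if __name__ == "__main__":
    for section, kind, item in unresolved(SEARCH_LOG, DELETE_LOG, SAMPLE_SID):
        print(f"still present? [{section}] {kind}: {item}")
```

Anything the function returns is a candidate for a fresh search run, not proof of a leftover; a new `[Search]` log is the authoritative check.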
16.11.2012, 16:54 | #15 |
| How do I remove Claro-Search from Firefox? Hello, here is the adwCleaner output: Code:
# AdwCleaner v2.007 - Logfile created 11/16/2012 at 16:39:22
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Friederike - FRIEDERIKE-MSI
# Boot Mode : Normal
# Running from : C:\Users\Friederike\Downloads\adwcleaner(2).exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\searchplugins\browsemngr.xml
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\Users\Friederike\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (de)

Profile name : default
File : C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\prefs.js

C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\user.js ... Deleted !

Deleted : user_pref("browser.search.selectedEngine", "Claro Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://www.claro-search.com/?affID=114506&tt=4612_4&babsrc=HP[...]
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=114506&tt=461[...]
Deleted : user_pref("extensions.claro.admin", false);
Deleted : user_pref("extensions.claro.aflt", "babsst");
Deleted : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Deleted : user_pref("extensions.claro.dfltLng", "en");
Deleted : user_pref("extensions.claro.excTlbr", false);
Deleted : user_pref("extensions.claro.id", "feefe68b0000000000000025d39b5fea");
Deleted : user_pref("extensions.claro.instlDay", "15657");
Deleted : user_pref("extensions.claro.instlRef", "sst");
Deleted : user_pref("extensions.claro.prdct", "claro");
Deleted : user_pref("extensions.claro.prtnrId", "claro");
Deleted : user_pref("extensions.claro.tlbrId", "claro");
Deleted : user_pref("extensions.claro.tlbrSrchUrl", "");
Deleted : user_pref("extensions.claro.vrsn", "1.8.3.10");
Deleted : user_pref("extensions.claro.vrsni", "1.8.3.10");
Deleted : user_pref("extensions.claro_i.smplGrp", "none");
Deleted : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1012:03:54");

*************************

AdwCleaner[R3].txt - [3261 octets] - [16/11/2012 12:14:01]
AdwCleaner[R4].txt - [3321 octets] - [16/11/2012 16:38:57]
AdwCleaner[S1].txt - [3273 octets] - [16/11/2012 16:39:22]

########## EOF - C:\AdwCleaner[S1].txt - [3333 octets] ##########

Code:
OTL Extras logfile created on: 16.11.2012 16:43:20 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Friederike\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,83% Memory free
6,00 Gb Paging File | 4,94 Gb Available in Paging File | 82,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 273,40 Gb Total Space | 229,47 Gb Free Space | 83,93% Space Free | Partition Type: NTFS
Drive D: | 182,26 Gb Total Space | 179,91 Gb Free Space | 98,71% Space Free | Partition Type: NTFS

Computer Name: FRIEDERIKE-MSI | User Name: Friederike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-205577914-2600898699-3477215697-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
(French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007 "{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007 "{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007 "{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007 "{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007 "{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007 "{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata 
MUI (English) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse "{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints "{A45C5EC7-F13E-4414-99BE-47373935C0FE}" = Eraser 6.0.10.2620 "{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = 1&1 Surf-Stick "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook "{C5D7039E-0803-4FE8-976D-156DE1147E4F}" = ArcSoft Print Creations "{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page "{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "284D9B4A58796481EC5A61D01DCC5E654761629C" = ENE CIR Receiver Driver "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "CCleaner" = CCleaner "Digital Editions" = Adobe Digital Editions "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "LSI Soft Modem" = LSI HDA Modem "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de) 
"MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Drivers" = NVIDIA Drivers "Samsung ML-1630 Series" = Samsung ML-1630 Series "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "WinRAR archiver" = WinRAR archiver ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 09.10.2012 16:42:14 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 21.10.2012 15:02:57 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 22.10.2012 07:17:00 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 23.10.2012 04:36:55 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 27.10.2012 15:40:34 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 28.10.2012 06:05:17 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 29.10.2012 11:37:21 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 02.11.2012 14:48:33 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 07.11.2012 15:25:08 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 09.11.2012 13:07:08 | Computer Name = Friederike-msi | Source = Customer Experience Improvement Program | ID = 1008 Description = [ System Events ] Error - 09.11.2012 15:42:13 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 Description = The DgiVecp service failed to start due to the following error: %%2 Error - 09.11.2012 22:24:54 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 
Description = The DgiVecp service failed to start due to the following error: %%2 Error - 10.11.2012 04:37:21 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 Description = The DgiVecp service failed to start due to the following error: %%2 Error - 11.11.2012 14:46:33 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 Description = The DgiVecp service failed to start due to the following error: %%2 Error - 11.11.2012 18:21:11 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 Description = The DgiVecp service failed to start due to the following error: %%2 Error - 12.11.2012 05:14:06 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 Description = The DgiVecp service failed to start due to the following error: %%2 Error - 12.11.2012 11:21:23 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 Description = The DgiVecp service failed to start due to the following error: %%2 Error - 12.11.2012 14:11:28 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 Description = The DgiVecp service failed to start due to the following error: %%2 Error - 12.11.2012 16:59:33 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 Description = The DgiVecp service failed to start due to the following error: %%2 Error - 13.11.2012 06:49:59 | Computer Name = Friederike-msi | Source = Service Control Manager | ID = 7000 Description = The DgiVecp service failed to start due to the following error: %%2 < End of report > Code:
ATTFilter OTL logfile created on: 16.11.2012 16:43:20 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Friederike\Downloads Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,83% Memory free 6,00 Gb Paging File | 4,94 Gb Available in Paging File | 82,43% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 273,40 Gb Total Space | 229,47 Gb Free Space | 83,93% Space Free | Partition Type: NTFS Drive D: | 182,26 Gb Total Space | 179,91 Gb Free Space | 98,71% Space Free | Partition Type: NTFS Computer Name: FRIEDERIKE-MSI | User Name: Friederike | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Friederike\Downloads\OTL(2).exe (OldTimer Tools) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Eraser\Eraser.exe (The Eraser Project) PRC - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.) 
PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) PRC - C:\Program Files\1&1 Surf-Stick\AssistantServices.exe () PRC - C:\Program Files\1&1 Surf-Stick\UIExec.exe () PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.) PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe () PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) PRC - C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION) PRC - C:\Program Files\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.) PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.) PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation) PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.) 
========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll () MOD - C:\Program Files\Mozilla Firefox\mozjs.dll () MOD - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\CitaviPickerCommunication.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_271.dll () MOD - C:\Program Files\1&1 Surf-Stick\UIExec.exe () MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe () ========== Services (SafeList) ========== SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.) 
SRV - (UI Assistant Service) -- C:\Program Files\1&1 Surf-Stick\AssistantServices.exe () SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (Micro Star SCM) -- C:\Program Files\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.) SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation) ========== Driver Services (SafeList) ========== DRV - (USBCCID) -- system32\DRIVERS\RtsUCcid.sys File not found DRV - (RtsUIR) -- system32\DRIVERS\Rts516xIR.sys File not found DRV - (DgiVecp) -- C:\Windows\system32\Drivers\DgiVecp.sys File not found DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. 
KG) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated) DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated) DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated) DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated) DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION) DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION) DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation) DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation) DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV - (toshidpt) -- C:\Windows\System32\drivers\Toshidpt.sys (TOSHIBA Corporation.) DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.) DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation) DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation) DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) 
DRV - (enecirhid) -- C:\Windows\System32\drivers\enecirhid.sys (ENE TECHNOLOGY INC.) DRV - (enecirhidma) -- C:\Windows\System32\drivers\enecirhidma.sys (ENE TECHNOLOGY INC.) DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-205577914-2600898699-3477215697-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: {8AA36F4F-6DC7-4c06-77AF-5035170634FE}:2012.02.14 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - 
HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012.08.21 09:12:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.13 12:55:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.30 10:07:49 | 000,000,000 | ---D | M] [2012.08.16 19:56:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friederike\AppData\Roaming\Mozilla\Extensions [2012.11.13 12:19:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Friederike\AppData\Roaming\Mozilla\Firefox\Profiles\wvw6vwfn.default\extensions [2012.11.13 12:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012.08.21 09:12:20 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX [2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- 
C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) 
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe () O4 - HKLM..\Run: [UIExec] C:\Program Files\1&1 Surf-Stick\UIExec.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html () O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 129.217.129.42 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57B4B11B-F091-4740-9272-58371C560EC4}: DhcpNameServer = 10.3.11.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B568DA77-FCDA-4CFB-8943-51FD96F70FE6}: DhcpNameServer = 129.217.129.42 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.11.16 04:15:23 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2012.11.16 04:15:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll [2012.11.16 04:14:59 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2012.11.16 04:14:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2012.11.16 04:14:59 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2012.11.16 04:14:36 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.11.16 04:14:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.11.16 04:14:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.11.16 04:14:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.11.16 04:14:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.11.16 04:14:34 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012.11.16 04:14:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.11.16 04:14:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl 
[2012.11.16 03:58:48 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012.11.16 03:58:47 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2012.11.16 03:58:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012.11.16 03:58:43 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.11.16 03:58:42 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.11.16 03:58:41 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2012.11.16 03:58:41 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012.11.15 18:09:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.11.13 12:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.11.13 12:09:06 | 000,000,000 | ---D | C] -- C:\Users\Friederike\Documents\My Cmaps
[2012.11.13 12:09:06 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\CmapTools
[2012.11.13 12:09:05 | 000,000,000 | ---D | C] -- C:\Users\Friederike\CmapToolsLogs
[2012.11.13 12:04:59 | 000,000,000 | ---D | C] -- C:\Users\Friederike\.freemind
[2012.11.13 12:04:16 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\PerformerSoft
[2012.11.13 12:04:15 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe
[2012.11.13 11:59:59 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry
[2012.11.13 11:59:31 | 000,000,000 | -H-D | C] -- C:\Users\Friederike\InstallAnywhere
[2012.10.30 10:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.22 14:00:19 | 000,000,000 | ---D | C] -- C:\Users\Friederike\Documents\Bluetooth
[2012.10.21 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Friederike\AppData\Roaming\Avira
[2012.10.21 13:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.21 13:52:51 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.10.21 13:52:50 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.10.21 13:52:50 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.10.21 13:52:50 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.10.21 13:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.21 13:52:46 | 000,000,000 | ---D | C] -- C:\Program Files\Avira

========== Files - Modified Within 30 Days ==========

[2012.11.16 16:40:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.16 16:40:21 | 2415,255,552 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.16 16:37:30 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.16 16:37:30 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.16 11:23:15 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.16 11:23:15 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.16 11:15:30 | 000,302,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.15 18:04:10 | 000,000,512 | ---- | M] () -- C:\Users\Friederike\Desktop\MBR.dat
[2012.11.13 14:19:12 | 000,031,744 | ---- | M] () -- C:\Users\Friederike\Documents\Rescue.asd
[2012.11.13 13:45:18 | 000,000,000 | ---- | M] () -- C:\Users\Friederike\defogger_reenable
[2012.11.13 12:55:31 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.13 12:09:02 | 000,002,389 | ---- | M] () -- C:\Users\Friederike\.powerupdate.user.properties
[2012.11.13 11:59:47 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.11.13 11:59:47 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.11.13 11:59:47 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.11.08 17:14:12 | 000,675,506 | ---- | M] () -- C:\Users\Public\Documents\sunshine-shakes.pdf
[2012.10.22 14:00:16 | 000,000,914 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2012.10.21 13:53:12 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.18 18:59:05 | 002,345,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

========== Files Created - No Company Name ==========

[2012.11.16 04:15:24 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.16 04:14:59 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.15 18:04:10 | 000,000,512 | ---- | C] () -- C:\Users\Friederike\Desktop\MBR.dat
[2012.11.13 14:19:12 | 000,031,744 | ---- | C] () -- C:\Users\Friederike\Documents\Rescue.asd
[2012.11.13 13:45:18 | 000,000,000 | ---- | C] () -- C:\Users\Friederike\defogger_reenable
[2012.11.13 12:55:31 | 000,001,127 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.13 12:55:31 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.13 12:09:02 | 000,002,389 | ---- | C] () -- C:\Users\Friederike\.powerupdate.user.properties
[2012.11.08 17:14:12 | 000,675,506 | ---- | C] () -- C:\Users\Public\Documents\sunshine-shakes.pdf
[2012.10.21 13:53:12 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.08.21 14:59:54 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

I hope I did everything correctly. Best regards, F.H. |