| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Browser starten nicht --- Virus ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.12.2012, 14:11
| #1 |
 |  Browser starten nicht --- Virus ? Hallo ich habe seit ein paar Tage das Problem das mein Browser sich immer wieder aufhängt, gar nicht erst startet etc. surfen ist eine einzige katastrophe es sind Google Chrome und Safari bei denen das problem auftritt beim Internet Explorer gibt's kein Problem habe Malwarebytes durchlaufen und habe 1 Fund aber keine ahnung ob es jetzt ein Virus ist oder nicht weiß nicht ob ich nicht den ganzen rechner formatieren muss/soll hier die Logfile Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.12.10.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Michi :: MICHI-PC [Administrator] 12/12/2012 09:30:39 mbam-log-2012-12-12 (10-50-42).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 460370 Laufzeit: 1 Stunde(n), 15 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{975670D0-7EFB-4FA8-90FA-3AE575B9FB77} (Trojan.Banker) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
12.12.2012, 18:52
| #2 | |
| /// TB-Ausbilder  | Browser starten nicht --- Virus ? Ich werde dir bei deinem Problem helfen. Eine Bereinigung ist mitunter mit viel Arbeit für Dich (und mich) verbunden. Bevor es los geht, habe ich etwas Lesestoff für dich. Schritt 1: Laufwerksemulationen abschalten mit Defogger Downloade Dir bitte defogger von jpshortstuff auf Deinem Desktop und starte es:Schritt 2: Scan mit aswMBR Schritt 3: Scan mit dem TDSS-Killer Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Schritt 4: Scan mit DDS (+ attach) Downloade dir bitte DDS (von sUBs) von einem der folgenden Downloadspiegel und speichere die Datei auf deinem Desktop.
__________________ |
|
12.12.2012, 20:13
| #3 |
| | Browser starten nicht --- Virus ? Hallo hier sind die gewünschten Logfiles
__________________aswMBR: Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-12 19:28:16
-----------------------------
19:28:16.137 OS Version: Windows x64 6.1.7601 Service Pack 1
19:28:16.137 Number of processors: 2 586 0x603
19:28:16.137 ComputerName: MICHI-PC UserName: Michi
19:28:18.975 Initialize success
19:30:20.297 AVAST engine defs: 12121200
19:38:12.938 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-5
19:38:12.953 Disk 0 Vendor: Hitachi_HDS721010CLA332 JP4OA3EA Size: 953869MB BusType: 3
19:38:12.953 Disk 0 MBR read successfully
19:38:12.969 Disk 0 MBR scan
19:38:12.984 Disk 0 Windows 7 default MBR code
19:38:12.984 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 54 MB offset 63
19:38:13.000 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 99998 MB offset 112455
19:38:13.016 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 853814 MB offset 204910592
19:38:13.047 Disk 0 scanning C:\Windows\system32\drivers
19:38:23.078 Service scanning
19:38:48.443 Modules scanning
19:38:48.459 Disk 0 trace - called modules:
19:38:48.474 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
19:38:48.490 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800490d790]
19:38:48.506 3 CLASSPNP.SYS[fffff8800196643f] -> nt!IofCallDriver -> [0xfffffa8004893520]
19:38:48.506 5 ACPI.sys[fffff88000f107a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-5[0xfffffa800488e680]
19:38:49.130 AVAST engine scan C:\Windows
19:38:51.532 AVAST engine scan C:\Windows\system32
19:41:58.374 AVAST engine scan C:\Windows\system32\drivers
19:42:10.635 AVAST engine scan C:\Users\Michi
19:48:18.163 AVAST engine scan C:\ProgramData
19:52:49.224 Scan finished successfully
19:55:22.104 Disk 0 MBR has been saved successfully to "C:\Users\Michi\Desktop\MBR.dat"
19:55:22.104 The log file has been saved successfully to "C:\Users\Michi\Desktop\aswMBR.txt"
Code:
ATTFilter 19:56:20.0650 8112 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:56:20.0920 8112 ============================================================
19:56:20.0920 8112 Current date / time: 2012/12/12 19:56:20.0920
19:56:20.0920 8112 SystemInfo:
19:56:20.0920 8112
19:56:20.0920 8112 OS Version: 6.1.7601 ServicePack: 1.0
19:56:20.0920 8112 Product type: Workstation
19:56:20.0920 8112 ComputerName: MICHI-PC
19:56:20.0920 8112 UserName: Michi
19:56:20.0920 8112 Windows directory: C:\Windows
19:56:20.0920 8112 System windows directory: C:\Windows
19:56:20.0920 8112 Running under WOW64
19:56:20.0920 8112 Processor architecture: Intel x64
19:56:20.0920 8112 Number of processors: 2
19:56:20.0920 8112 Page size: 0x1000
19:56:20.0920 8112 Boot type: Normal boot
19:56:20.0920 8112 ============================================================
19:56:22.0310 8112 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:56:22.0370 8112 ============================================================
19:56:22.0370 8112 \Device\Harddisk0\DR0:
19:56:22.0370 8112 MBR partitions:
19:56:22.0370 8112 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1B708
19:56:22.0370 8112 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0xC34F2CC
19:56:22.0370 8112 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC36B000, BlocksNum 0x6839B000
19:56:22.0370 8112 ============================================================
19:56:22.0380 8112 C: <-> \Device\Harddisk0\DR0\Partition2
19:56:22.0420 8112 E: <-> \Device\Harddisk0\DR0\Partition3
19:56:22.0420 8112 ============================================================
19:56:22.0420 8112 Initialize success
19:56:22.0420 8112 ============================================================
19:56:40.0771 6448 ============================================================
19:56:40.0771 6448 Scan started
19:56:40.0771 6448 Mode: Manual; TDLFS;
19:56:40.0771 6448 ============================================================
19:56:41.0176 6448 ================ Scan system memory ========================
19:56:41.0176 6448 System memory - ok
19:56:41.0176 6448 ================ Scan services =============================
19:56:41.0317 6448 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:56:41.0332 6448 1394ohci - ok
19:56:41.0348 6448 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:56:41.0348 6448 ACPI - ok
19:56:41.0363 6448 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:56:41.0363 6448 AcpiPmi - ok
19:56:41.0473 6448 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:56:41.0488 6448 AdobeARMservice - ok
19:56:41.0597 6448 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:41.0597 6448 AdobeFlashPlayerUpdateSvc - ok
19:56:41.0644 6448 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:56:41.0660 6448 adp94xx - ok
19:56:41.0675 6448 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:56:41.0691 6448 adpahci - ok
19:56:41.0707 6448 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:56:41.0707 6448 adpu320 - ok
19:56:41.0722 6448 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:56:41.0722 6448 AeLookupSvc - ok
19:56:41.0753 6448 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:56:41.0769 6448 AFD - ok
19:56:41.0785 6448 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:56:41.0785 6448 agp440 - ok
19:56:41.0831 6448 [ BC569A6C209D94F6643EE35710AEC1F6 ] aksdf C:\Windows\system32\DRIVERS\aksdf.sys
19:56:41.0831 6448 aksdf - ok
19:56:41.0831 6448 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:56:41.0847 6448 ALG - ok
19:56:41.0847 6448 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:56:41.0847 6448 aliide - ok
19:56:41.0894 6448 [ AFDC33B6DA788D88E5D7F19C965DA3F4 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:56:41.0894 6448 AMD External Events Utility - ok
19:56:41.0956 6448 AMD FUEL Service - ok
19:56:41.0987 6448 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:56:41.0987 6448 amdide - ok
19:56:42.0003 6448 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:56:42.0003 6448 AmdK8 - ok
19:56:42.0206 6448 [ E3512A0A3F3F7CC9FEED94CC67E97FFF ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:56:42.0346 6448 amdkmdag - ok
19:56:42.0393 6448 [ 604B3220FDAD8428CE4E3FE8A8F27361 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:56:42.0409 6448 amdkmdap - ok
19:56:42.0424 6448 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:56:42.0424 6448 AmdPPM - ok
19:56:42.0455 6448 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:56:42.0471 6448 amdsata - ok
19:56:42.0487 6448 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:56:42.0502 6448 amdsbs - ok
19:56:42.0518 6448 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:56:42.0518 6448 amdxata - ok
19:56:42.0565 6448 [ 0FA2D8304ECA29CA0AB7E3EE50FD585A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:56:42.0580 6448 AntiVirSchedulerService - ok
19:56:42.0627 6448 [ 5C69AAC8A59207DA9710FF2E42D6F80F ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:56:42.0643 6448 AntiVirService - ok
19:56:42.0689 6448 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
19:56:42.0689 6448 AODDriver4.2 - ok
19:56:42.0721 6448 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:56:42.0721 6448 AppID - ok
19:56:42.0752 6448 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:56:42.0752 6448 AppIDSvc - ok
19:56:42.0783 6448 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:56:42.0783 6448 Appinfo - ok
19:56:42.0830 6448 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:56:42.0830 6448 arc - ok
19:56:42.0845 6448 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:56:42.0845 6448 arcsas - ok
19:56:42.0861 6448 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:42.0861 6448 AsyncMac - ok
19:56:42.0892 6448 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:56:42.0892 6448 atapi - ok
19:56:42.0939 6448 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:56:42.0939 6448 AtiHDAudioService - ok
19:56:43.0111 6448 [ E3512A0A3F3F7CC9FEED94CC67E97FFF ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:56:43.0157 6448 atikmdag - ok
19:56:43.0189 6448 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
19:56:43.0189 6448 AtiPcie - ok
19:56:43.0235 6448 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:43.0251 6448 AudioEndpointBuilder - ok
19:56:43.0267 6448 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:56:43.0267 6448 AudioSrv - ok
19:56:43.0313 6448 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:56:43.0313 6448 avgntflt - ok
19:56:43.0345 6448 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:56:43.0345 6448 avipbb - ok
19:56:43.0391 6448 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:56:43.0391 6448 avkmgr - ok
19:56:43.0438 6448 [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
19:56:43.0469 6448 AVM WLAN Connection Service - ok
19:56:43.0485 6448 [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject C:\Windows\system32\drivers\avmeject.sys
19:56:43.0485 6448 avmeject - ok
19:56:43.0516 6448 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:56:43.0532 6448 AxInstSV - ok
19:56:43.0563 6448 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:56:43.0579 6448 b06bdrv - ok
19:56:43.0610 6448 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:56:43.0610 6448 b57nd60a - ok
19:56:43.0657 6448 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:56:43.0657 6448 BDESVC - ok
19:56:43.0672 6448 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:56:43.0688 6448 Beep - ok
19:56:43.0719 6448 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:56:43.0735 6448 BFE - ok
19:56:43.0766 6448 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
19:56:43.0781 6448 BITS - ok
19:56:43.0797 6448 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:56:43.0797 6448 blbdrive - ok
19:56:43.0828 6448 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:56:43.0844 6448 Bonjour Service - ok
19:56:43.0859 6448 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:56:43.0875 6448 bowser - ok
19:56:43.0891 6448 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:56:43.0891 6448 BrFiltLo - ok
19:56:43.0906 6448 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:56:43.0906 6448 BrFiltUp - ok
19:56:43.0953 6448 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:56:43.0953 6448 BridgeMP - ok
19:56:43.0984 6448 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:56:43.0984 6448 Browser - ok
19:56:44.0125 6448 [ EBBA16A88F517BFB1B7681ABF006C8B0 ] Browser Manager C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
19:56:44.0140 6448 Browser Manager - ok
19:56:44.0171 6448 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:56:44.0171 6448 Brserid - ok
19:56:44.0171 6448 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:56:44.0171 6448 BrSerWdm - ok
19:56:44.0187 6448 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:56:44.0187 6448 BrUsbMdm - ok
19:56:44.0218 6448 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:56:44.0218 6448 BrUsbSer - ok
19:56:44.0218 6448 BTCFilterService - ok
19:56:44.0234 6448 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:56:44.0234 6448 BTHMODEM - ok
19:56:44.0265 6448 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:56:44.0281 6448 bthserv - ok
19:56:44.0296 6448 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:56:44.0296 6448 cdfs - ok
19:56:44.0327 6448 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:56:44.0327 6448 cdrom - ok
19:56:44.0359 6448 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:56:44.0359 6448 CertPropSvc - ok
19:56:44.0359 6448 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:56:44.0359 6448 circlass - ok
19:56:44.0374 6448 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:56:44.0390 6448 CLFS - ok
19:56:44.0437 6448 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:56:44.0452 6448 clr_optimization_v2.0.50727_32 - ok
19:56:44.0483 6448 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:56:44.0483 6448 clr_optimization_v2.0.50727_64 - ok
19:56:44.0546 6448 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:56:44.0561 6448 clr_optimization_v4.0.30319_32 - ok
19:56:44.0593 6448 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:56:44.0593 6448 clr_optimization_v4.0.30319_64 - ok
19:56:44.0624 6448 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:56:44.0624 6448 CmBatt - ok
19:56:44.0639 6448 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:56:44.0639 6448 cmdide - ok
19:56:44.0671 6448 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:56:44.0686 6448 CNG - ok
19:56:44.0686 6448 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:56:44.0686 6448 Compbatt - ok
19:56:44.0717 6448 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:56:44.0717 6448 CompositeBus - ok
19:56:44.0733 6448 COMSysApp - ok
19:56:44.0764 6448 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:56:44.0764 6448 crcdisk - ok
19:56:44.0795 6448 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:56:44.0795 6448 CryptSvc - ok
19:56:44.0827 6448 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:56:44.0842 6448 DcomLaunch - ok
19:56:44.0858 6448 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:56:44.0858 6448 defragsvc - ok
19:56:44.0873 6448 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:56:44.0889 6448 DfsC - ok
19:56:44.0905 6448 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:56:44.0905 6448 Dhcp - ok
19:56:44.0920 6448 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:56:44.0920 6448 discache - ok
19:56:44.0936 6448 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:56:44.0936 6448 Disk - ok
19:56:44.0967 6448 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:56:44.0967 6448 Dnscache - ok
19:56:44.0998 6448 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:56:44.0998 6448 dot3svc - ok
19:56:45.0014 6448 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:56:45.0029 6448 DPS - ok
19:56:45.0045 6448 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:56:45.0045 6448 drmkaud - ok
19:56:45.0092 6448 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:56:45.0092 6448 DXGKrnl - ok
19:56:45.0107 6448 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:56:45.0107 6448 EapHost - ok
19:56:45.0185 6448 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:56:45.0201 6448 ebdrv - ok
19:56:45.0232 6448 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:56:45.0232 6448 EFS - ok
19:56:45.0263 6448 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:56:45.0279 6448 ehRecvr - ok
19:56:45.0310 6448 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:56:45.0326 6448 ehSched - ok
19:56:45.0357 6448 [ A14D6E3EF78F6D6AC42F98D633F2400A ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
19:56:45.0357 6448 ElbyCDIO - ok
19:56:45.0404 6448 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:56:45.0419 6448 elxstor - ok
19:56:45.0451 6448 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:56:45.0451 6448 ErrDev - ok
19:56:45.0513 6448 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:56:45.0513 6448 EventSystem - ok
19:56:45.0544 6448 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:56:45.0544 6448 exfat - ok
19:56:45.0607 6448 Fabs - ok
19:56:45.0622 6448 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:56:45.0622 6448 fastfat - ok
19:56:45.0669 6448 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:56:45.0685 6448 Fax - ok
19:56:45.0700 6448 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:56:45.0700 6448 fdc - ok
19:56:45.0747 6448 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:56:45.0747 6448 fdPHost - ok
19:56:45.0763 6448 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:56:45.0763 6448 FDResPub - ok
19:56:45.0778 6448 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:56:45.0778 6448 FileInfo - ok
19:56:45.0794 6448 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:56:45.0794 6448 Filetrace - ok
19:56:45.0856 6448 [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
19:56:45.0903 6448 FirebirdServerMAGIXInstance - ok
19:56:45.0903 6448 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:56:45.0903 6448 flpydisk - ok
19:56:45.0934 6448 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:56:45.0934 6448 FltMgr - ok
19:56:45.0981 6448 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:56:45.0997 6448 FontCache - ok
19:56:46.0043 6448 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:56:46.0043 6448 FontCache3.0.0.0 - ok
19:56:46.0075 6448 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:56:46.0075 6448 FsDepends - ok
19:56:46.0106 6448 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
19:56:46.0106 6448 fssfltr - ok
19:56:46.0184 6448 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:56:46.0231 6448 fsssvc - ok
19:56:46.0246 6448 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:56:46.0246 6448 Fs_Rec - ok
19:56:46.0277 6448 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:56:46.0277 6448 fvevol - ok
19:56:46.0309 6448 [ 444534CBA693DD23C1CC589681E01656 ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys
19:56:46.0324 6448 FWLANUSB - ok
19:56:46.0340 6448 FXDrv32 - ok
19:56:46.0371 6448 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:56:46.0371 6448 gagp30kx - ok
19:56:46.0418 6448 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:56:46.0418 6448 gpsvc - ok
19:56:46.0496 6448 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:46.0527 6448 gupdate - ok
19:56:46.0543 6448 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:46.0543 6448 gupdatem - ok
19:56:46.0605 6448 [ D8BF3C594BD17A37960362E6C6739B90 ] Hardlock C:\Windows\system32\drivers\hardlock.sys
19:56:46.0605 6448 Hardlock - ok
19:56:46.0636 6448 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:56:46.0636 6448 hcw85cir - ok
19:56:46.0683 6448 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:56:46.0683 6448 HdAudAddService - ok
19:56:46.0699 6448 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:56:46.0714 6448 HDAudBus - ok
19:56:46.0714 6448 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:56:46.0714 6448 HidBatt - ok
19:56:46.0730 6448 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:56:46.0730 6448 HidBth - ok
19:56:46.0730 6448 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:56:46.0730 6448 HidIr - ok
19:56:46.0745 6448 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:56:46.0745 6448 hidserv - ok
19:56:46.0792 6448 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:56:46.0792 6448 HidUsb - ok
19:56:46.0823 6448 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:56:46.0823 6448 hkmsvc - ok
19:56:46.0855 6448 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:56:46.0855 6448 HomeGroupListener - ok
19:56:46.0870 6448 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:56:46.0886 6448 HomeGroupProvider - ok
19:56:46.0917 6448 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:56:46.0917 6448 HpSAMD - ok
19:56:46.0964 6448 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:56:46.0979 6448 HTTP - ok
19:56:46.0995 6448 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:56:46.0995 6448 hwpolicy - ok
19:56:47.0011 6448 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:56:47.0011 6448 i8042prt - ok
19:56:47.0042 6448 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:56:47.0042 6448 iaStorV - ok
19:56:47.0073 6448 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:56:47.0104 6448 idsvc - ok
19:56:47.0120 6448 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:56:47.0120 6448 iirsp - ok
19:56:47.0151 6448 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:56:47.0151 6448 IKEEXT - ok
19:56:47.0167 6448 IntcAzAudAddService - ok
19:56:47.0198 6448 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:56:47.0198 6448 intelide - ok
19:56:47.0213 6448 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:56:47.0213 6448 intelppm - ok
19:56:47.0229 6448 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:56:47.0229 6448 IPBusEnum - ok
19:56:47.0260 6448 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:47.0260 6448 IpFilterDriver - ok
19:56:47.0291 6448 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:56:47.0291 6448 iphlpsvc - ok
19:56:47.0307 6448 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:56:47.0307 6448 IPMIDRV - ok
19:56:47.0323 6448 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:56:47.0323 6448 IPNAT - ok
19:56:47.0338 6448 [ 05360B1EA5A2ABF620D1D96EBD8BD8F1 ] irda C:\Windows\system32\DRIVERS\irda.sys
19:56:47.0338 6448 irda - ok
19:56:47.0369 6448 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:56:47.0369 6448 IRENUM - ok
19:56:47.0385 6448 [ 3848384AB383F0A8F506C4370635C1F9 ] Irmon C:\Windows\System32\irmon.dll
19:56:47.0385 6448 Irmon - ok
19:56:47.0432 6448 [ D2CA12736624BA636F8357DC3EF0757E ] irsir C:\Windows\system32\DRIVERS\irsir.sys
19:56:47.0432 6448 irsir - ok
19:56:47.0447 6448 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:56:47.0447 6448 isapnp - ok
19:56:47.0463 6448 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:56:47.0463 6448 iScsiPrt - ok
19:56:47.0479 6448 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:47.0479 6448 kbdclass - ok
19:56:47.0510 6448 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:56:47.0510 6448 kbdhid - ok
19:56:47.0525 6448 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:56:47.0525 6448 KeyIso - ok
19:56:47.0541 6448 [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys
19:56:47.0541 6448 KMWDFILTER - ok
19:56:47.0572 6448 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:56:47.0572 6448 KSecDD - ok
19:56:47.0603 6448 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:56:47.0603 6448 KSecPkg - ok
19:56:47.0619 6448 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:56:47.0619 6448 ksthunk - ok
19:56:47.0650 6448 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:56:47.0666 6448 KtmRm - ok
19:56:47.0681 6448 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:56:47.0681 6448 LanmanServer - ok
19:56:47.0713 6448 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:56:47.0713 6448 LanmanWorkstation - ok
19:56:47.0744 6448 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:56:47.0744 6448 lltdio - ok
19:56:47.0759 6448 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:56:47.0759 6448 lltdsvc - ok
19:56:47.0775 6448 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:56:47.0775 6448 lmhosts - ok
19:56:47.0806 6448 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:56:47.0806 6448 LSI_FC - ok
19:56:47.0806 6448 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:56:47.0806 6448 LSI_SAS - ok
19:56:47.0822 6448 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:56:47.0822 6448 LSI_SAS2 - ok
19:56:47.0822 6448 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:56:47.0822 6448 LSI_SCSI - ok
19:56:47.0837 6448 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:56:47.0837 6448 luafv - ok
19:56:47.0869 6448 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:56:47.0869 6448 Mcx2Svc - ok
19:56:47.0884 6448 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:56:47.0884 6448 megasas - ok
19:56:47.0884 6448 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:56:47.0884 6448 MegaSR - ok
19:56:47.0962 6448 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
19:56:47.0978 6448 Microsoft Office Groove Audit Service - ok
19:56:48.0009 6448 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:56:48.0025 6448 MMCSS - ok
19:56:48.0040 6448 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:56:48.0040 6448 Modem - ok
19:56:48.0071 6448 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:56:48.0071 6448 monitor - ok
19:56:48.0087 6448 motccgp - ok
19:56:48.0087 6448 motccgpfl - ok
19:56:48.0103 6448 MotDev - ok
19:56:48.0134 6448 [ EB03D4164E7F10B601D280413655ADE4 ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
19:56:48.0134 6448 MotioninJoyXFilter - ok
19:56:48.0149 6448 motmodem - ok
19:56:48.0149 6448 MotoSwitchService - ok
19:56:48.0149 6448 Motousbnet - ok
19:56:48.0165 6448 motusbdevice - ok
19:56:48.0196 6448 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:56:48.0196 6448 mouclass - ok
19:56:48.0227 6448 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:56:48.0227 6448 mouhid - ok
19:56:48.0243 6448 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:56:48.0243 6448 mountmgr - ok
19:56:48.0259 6448 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:56:48.0259 6448 mpio - ok
19:56:48.0274 6448 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:56:48.0274 6448 mpsdrv - ok
19:56:48.0305 6448 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:56:48.0321 6448 MpsSvc - ok
19:56:48.0352 6448 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:56:48.0352 6448 MRxDAV - ok
19:56:48.0368 6448 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:48.0383 6448 mrxsmb - ok
19:56:48.0399 6448 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:48.0415 6448 mrxsmb10 - ok
19:56:48.0430 6448 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:48.0446 6448 mrxsmb20 - ok
19:56:48.0461 6448 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:56:48.0461 6448 msahci - ok
19:56:48.0477 6448 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:56:48.0493 6448 msdsm - ok
19:56:48.0493 6448 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:56:48.0493 6448 MSDTC - ok
19:56:48.0539 6448 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:56:48.0539 6448 Msfs - ok
19:56:48.0555 6448 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:56:48.0555 6448 mshidkmdf - ok
19:56:48.0586 6448 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:56:48.0586 6448 msisadrv - ok
19:56:48.0602 6448 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:56:48.0602 6448 MSiSCSI - ok
19:56:48.0617 6448 msiserver - ok
19:56:48.0633 6448 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:56:48.0633 6448 MSKSSRV - ok
19:56:48.0633 6448 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:48.0649 6448 MSPCLOCK - ok
19:56:48.0649 6448 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:56:48.0649 6448 MSPQM - ok
19:56:48.0680 6448 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:56:48.0680 6448 MsRPC - ok
19:56:48.0695 6448 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:56:48.0695 6448 mssmbios - ok
19:56:48.0711 6448 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:56:48.0711 6448 MSTEE - ok
19:56:48.0727 6448 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:56:48.0727 6448 MTConfig - ok
19:56:48.0758 6448 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:56:48.0758 6448 Mup - ok
19:56:48.0789 6448 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:56:48.0789 6448 napagent - ok
19:56:48.0836 6448 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:56:48.0836 6448 NativeWifiP - ok
19:56:48.0867 6448 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:56:48.0883 6448 NDIS - ok
19:56:48.0898 6448 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:56:48.0898 6448 NdisCap - ok
19:56:48.0914 6448 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:48.0914 6448 NdisTapi - ok
19:56:48.0945 6448 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:48.0945 6448 Ndisuio - ok
19:56:48.0976 6448 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:48.0976 6448 NdisWan - ok
19:56:49.0007 6448 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:56:49.0007 6448 NDProxy - ok
19:56:49.0085 6448 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
19:56:49.0117 6448 Nero BackItUp Scheduler 4.0 - ok
19:56:49.0132 6448 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:56:49.0148 6448 NetBIOS - ok
19:56:49.0163 6448 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:56:49.0163 6448 NetBT - ok
19:56:49.0163 6448 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:56:49.0179 6448 Netlogon - ok
19:56:49.0210 6448 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:56:49.0210 6448 Netman - ok
19:56:49.0226 6448 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:56:49.0226 6448 netprofm - ok
19:56:49.0257 6448 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:56:49.0257 6448 NetTcpPortSharing - ok
19:56:49.0288 6448 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:56:49.0288 6448 nfrd960 - ok
19:56:49.0304 6448 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:56:49.0304 6448 NlaSvc - ok
19:56:49.0351 6448 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
19:56:49.0366 6448 NMSAccess - ok
19:56:49.0382 6448 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:56:49.0397 6448 Npfs - ok
19:56:49.0413 6448 NSHE - ok
19:56:49.0429 6448 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:56:49.0429 6448 nsi - ok
19:56:49.0444 6448 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:56:49.0444 6448 nsiproxy - ok
19:56:49.0491 6448 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:56:49.0507 6448 Ntfs - ok
19:56:49.0522 6448 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:56:49.0522 6448 Null - ok
19:56:49.0538 6448 NVHDA - ok
19:56:49.0553 6448 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:56:49.0553 6448 nvraid - ok
19:56:49.0569 6448 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:56:49.0569 6448 nvstor - ok
19:56:49.0585 6448 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:56:49.0600 6448 nv_agp - ok
19:56:49.0663 6448 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:56:49.0709 6448 odserv - ok
19:56:49.0725 6448 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:56:49.0725 6448 ohci1394 - ok
19:56:49.0772 6448 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:56:49.0787 6448 ose - ok
19:56:49.0819 6448 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:56:49.0819 6448 p2pimsvc - ok
19:56:49.0850 6448 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:56:49.0850 6448 p2psvc - ok
19:56:49.0881 6448 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:56:49.0881 6448 Parport - ok
19:56:49.0912 6448 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:56:49.0912 6448 partmgr - ok
19:56:49.0928 6448 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:56:49.0928 6448 PcaSvc - ok
19:56:49.0943 6448 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:56:49.0943 6448 pci - ok
19:56:49.0975 6448 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:56:49.0975 6448 pciide - ok
19:56:49.0975 6448 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:56:49.0990 6448 pcmcia - ok
19:56:50.0006 6448 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:56:50.0006 6448 pcw - ok
19:56:50.0021 6448 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:56:50.0021 6448 PEAUTH - ok
19:56:50.0084 6448 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:56:50.0099 6448 PerfHost - ok
19:56:50.0131 6448 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:56:50.0146 6448 pla - ok
19:56:50.0209 6448 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:56:50.0209 6448 PlugPlay - ok
19:56:50.0240 6448 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:56:50.0240 6448 PNRPAutoReg - ok
19:56:50.0255 6448 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:56:50.0271 6448 PNRPsvc - ok
19:56:50.0287 6448 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:56:50.0287 6448 PolicyAgent - ok
19:56:50.0318 6448 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:56:50.0318 6448 Power - ok
19:56:50.0333 6448 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:56:50.0333 6448 PptpMiniport - ok
19:56:50.0365 6448 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:56:50.0365 6448 Processor - ok
19:56:50.0396 6448 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:56:50.0411 6448 ProfSvc - ok
19:56:50.0427 6448 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:56:50.0427 6448 ProtectedStorage - ok
19:56:50.0458 6448 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:56:50.0458 6448 Psched - ok
19:56:50.0489 6448 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:56:50.0521 6448 ql2300 - ok
19:56:50.0521 6448 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:56:50.0521 6448 ql40xx - ok
19:56:50.0552 6448 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:56:50.0552 6448 QWAVE - ok
19:56:50.0567 6448 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:56:50.0567 6448 QWAVEdrv - ok
19:56:50.0583 6448 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:56:50.0583 6448 RasAcd - ok
19:56:50.0614 6448 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:56:50.0614 6448 RasAgileVpn - ok
19:56:50.0630 6448 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:56:50.0630 6448 RasAuto - ok
19:56:50.0645 6448 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:50.0645 6448 Rasl2tp - ok
19:56:50.0677 6448 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:56:50.0692 6448 RasMan - ok
19:56:50.0708 6448 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:50.0708 6448 RasPppoe - ok
19:56:50.0723 6448 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:56:50.0723 6448 RasSstp - ok
19:56:50.0739 6448 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:56:50.0739 6448 rdbss - ok
19:56:50.0755 6448 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:56:50.0755 6448 rdpbus - ok
19:56:50.0770 6448 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:50.0770 6448 RDPCDD - ok
19:56:50.0801 6448 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:56:50.0801 6448 RDPENCDD - ok
19:56:50.0801 6448 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:56:50.0801 6448 RDPREFMP - ok
19:56:50.0833 6448 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:56:50.0848 6448 RDPWD - ok
19:56:50.0864 6448 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:56:50.0864 6448 rdyboost - ok
19:56:50.0895 6448 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:56:50.0895 6448 RemoteAccess - ok
19:56:50.0911 6448 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:56:50.0926 6448 RemoteRegistry - ok
19:56:50.0926 6448 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:56:50.0926 6448 RpcEptMapper - ok
19:56:50.0942 6448 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:56:50.0957 6448 RpcLocator - ok
19:56:50.0973 6448 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:56:50.0989 6448 RpcSs - ok
19:56:51.0004 6448 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:56:51.0004 6448 rspndr - ok
19:56:51.0035 6448 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:56:51.0051 6448 RTL8167 - ok
19:56:51.0051 6448 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:56:51.0051 6448 SamSs - ok
19:56:51.0082 6448 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:56:51.0082 6448 sbp2port - ok
19:56:51.0098 6448 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:56:51.0098 6448 SCardSvr - ok
19:56:51.0113 6448 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:56:51.0113 6448 scfilter - ok
19:56:51.0160 6448 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:56:51.0176 6448 Schedule - ok
19:56:51.0191 6448 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:56:51.0207 6448 SCPolicySvc - ok
19:56:51.0207 6448 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:56:51.0223 6448 SDRSVC - ok
19:56:51.0238 6448 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:56:51.0238 6448 secdrv - ok
19:56:51.0254 6448 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:56:51.0254 6448 seclogon - ok
19:56:51.0269 6448 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:56:51.0269 6448 SENS - ok
19:56:51.0285 6448 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:56:51.0285 6448 SensrSvc - ok
19:56:51.0301 6448 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:56:51.0301 6448 Serenum - ok
19:56:51.0316 6448 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:56:51.0316 6448 Serial - ok
19:56:51.0332 6448 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:56:51.0332 6448 sermouse - ok
19:56:51.0363 6448 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:56:51.0363 6448 SessionEnv - ok
19:56:51.0379 6448 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:56:51.0379 6448 sffdisk - ok
19:56:51.0394 6448 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:56:51.0394 6448 sffp_mmc - ok
19:56:51.0410 6448 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:56:51.0410 6448 sffp_sd - ok
19:56:51.0425 6448 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:56:51.0425 6448 sfloppy - ok
19:56:51.0441 6448 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:56:51.0441 6448 SharedAccess - ok
19:56:51.0457 6448 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:56:51.0457 6448 ShellHWDetection - ok
19:56:51.0503 6448 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:56:51.0503 6448 SiSRaid2 - ok
19:56:51.0519 6448 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:56:51.0519 6448 SiSRaid4 - ok
19:56:51.0550 6448 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:56:51.0550 6448 Smb - ok
19:56:51.0581 6448 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:56:51.0597 6448 SNMPTRAP - ok
19:56:51.0597 6448 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:56:51.0597 6448 spldr - ok
19:56:51.0628 6448 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:56:51.0644 6448 Spooler - ok
19:56:51.0722 6448 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:56:51.0753 6448 sppsvc - ok
19:56:51.0769 6448 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:56:51.0784 6448 sppuinotify - ok
19:56:51.0784 6448 sptd - ok
19:56:51.0815 6448 [ 46BE3584FE0F72D3430E669225ACCB40 ] SRS_AE_Service C:\Windows\system32\drivers\SRS_AE_amd64.sys
19:56:51.0831 6448 SRS_AE_Service - ok
19:56:51.0862 6448 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:56:51.0862 6448 srv - ok
19:56:51.0878 6448 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:56:51.0878 6448 srv2 - ok
19:56:51.0893 6448 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:56:51.0893 6448 srvnet - ok
19:56:51.0925 6448 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:56:51.0925 6448 SSDPSRV - ok
19:56:51.0940 6448 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:56:51.0940 6448 SstpSvc - ok
19:56:51.0987 6448 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
19:56:51.0987 6448 StarOpen - ok
19:56:52.0081 6448 [ B1691AF4A072CB674D600DB16DD7308E ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
19:56:52.0112 6448 StarWindServiceAE - ok
19:56:52.0127 6448 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:56:52.0127 6448 stexstor - ok
19:56:52.0159 6448 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:56:52.0159 6448 stisvc - ok
19:56:52.0190 6448 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:56:52.0190 6448 swenum - ok
19:56:52.0205 6448 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:56:52.0205 6448 swprv - ok
19:56:52.0252 6448 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:56:52.0268 6448 SysMain - ok
19:56:52.0299 6448 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:56:52.0299 6448 TabletInputService - ok
19:56:52.0330 6448 [ F33FDC72298DF4BF9813A55D21F4EB31 ] taphss C:\Windows\system32\DRIVERS\taphss.sys
19:56:52.0330 6448 taphss - ok
19:56:52.0346 6448 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:56:52.0346 6448 TapiSrv - ok
19:56:52.0377 6448 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:56:52.0377 6448 TBS - ok
19:56:52.0424 6448 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:56:52.0455 6448 Tcpip - ok
19:56:52.0486 6448 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:56:52.0486 6448 TCPIP6 - ok
19:56:52.0502 6448 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:56:52.0502 6448 tcpipreg - ok
19:56:52.0533 6448 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:56:52.0533 6448 TDPIPE - ok
19:56:52.0549 6448 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:56:52.0549 6448 TDTCP - ok
19:56:52.0580 6448 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:56:52.0595 6448 tdx - ok
19:56:52.0611 6448 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:56:52.0627 6448 TermDD - ok
19:56:52.0658 6448 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:56:52.0673 6448 TermService - ok
19:56:52.0705 6448 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:56:52.0705 6448 Themes - ok
19:56:52.0720 6448 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:56:52.0720 6448 THREADORDER - ok
19:56:52.0736 6448 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:56:52.0736 6448 TrkWks - ok
19:56:52.0767 6448 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:56:52.0783 6448 TrustedInstaller - ok
19:56:52.0798 6448 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:56:52.0798 6448 tssecsrv - ok
19:56:52.0829 6448 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:56:52.0845 6448 TsUsbFlt - ok
19:56:52.0876 6448 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:56:52.0876 6448 tunnel - ok
19:56:52.0892 6448 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:56:52.0892 6448 uagp35 - ok
19:56:52.0923 6448 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:56:52.0923 6448 udfs - ok
19:56:52.0939 6448 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:56:52.0939 6448 UI0Detect - ok
19:56:52.0970 6448 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:56:52.0970 6448 uliagpkx - ok
19:56:53.0001 6448 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:56:53.0001 6448 umbus - ok
19:56:53.0001 6448 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:56:53.0001 6448 UmPass - ok
19:56:53.0017 6448 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:56:53.0032 6448 upnphost - ok
19:56:53.0063 6448 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:56:53.0063 6448 usbaudio - ok
19:56:53.0079 6448 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:56:53.0079 6448 usbccgp - ok
19:56:53.0079 6448 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:56:53.0079 6448 usbcir - ok
19:56:53.0095 6448 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:56:53.0095 6448 usbehci - ok
19:56:53.0110 6448 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:56:53.0110 6448 usbhub - ok
19:56:53.0110 6448 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:56:53.0110 6448 usbohci - ok
19:56:53.0141 6448 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:56:53.0141 6448 usbprint - ok
19:56:53.0157 6448 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:56:53.0157 6448 usbscan - ok
19:56:53.0173 6448 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:56:53.0173 6448 USBSTOR - ok
19:56:53.0188 6448 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:56:53.0188 6448 usbuhci - ok
19:56:53.0204 6448 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:56:53.0204 6448 UxSms - ok
19:56:53.0219 6448 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:56:53.0219 6448 VaultSvc - ok
19:56:53.0235 6448 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:56:53.0235 6448 vdrvroot - ok
19:56:53.0266 6448 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:56:53.0266 6448 vds - ok
19:56:53.0282 6448 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:56:53.0282 6448 vga - ok
19:56:53.0282 6448 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:56:53.0282 6448 VgaSave - ok
19:56:53.0313 6448 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:56:53.0313 6448 vhdmp - ok
19:56:53.0329 6448 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:56:53.0329 6448 viaide - ok
19:56:53.0344 6448 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:56:53.0344 6448 volmgr - ok
19:56:53.0360 6448 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:56:53.0360 6448 volmgrx - ok
19:56:53.0375 6448 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:56:53.0391 6448 volsnap - ok
19:56:53.0422 6448 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:56:53.0422 6448 vsmraid - ok
19:56:53.0453 6448 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:56:53.0469 6448 VSS - ok
19:56:53.0485 6448 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:56:53.0485 6448 vwifibus - ok
19:56:53.0516 6448 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:56:53.0516 6448 W32Time - ok
19:56:53.0531 6448 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:56:53.0531 6448 WacomPen - ok
19:56:53.0563 6448 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:56:53.0563 6448 WANARP - ok
19:56:53.0563 6448 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:56:53.0563 6448 Wanarpv6 - ok
19:56:53.0594 6448 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:56:53.0609 6448 wbengine - ok
19:56:53.0625 6448 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:56:53.0625 6448 WbioSrvc - ok
19:56:53.0656 6448 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:56:53.0656 6448 wcncsvc - ok
19:56:53.0672 6448 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:56:53.0672 6448 WcsPlugInService - ok
19:56:53.0687 6448 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:56:53.0687 6448 Wd - ok
19:56:53.0719 6448 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:56:53.0719 6448 Wdf01000 - ok
19:56:53.0734 6448 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:56:53.0734 6448 WdiServiceHost - ok
19:56:53.0734 6448 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:56:53.0734 6448 WdiSystemHost - ok
19:56:53.0797 6448 Web Assistant Updater - ok
19:56:53.0812 6448 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:56:53.0828 6448 WebClient - ok
19:56:53.0843 6448 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:56:53.0859 6448 Wecsvc - ok
19:56:53.0859 6448 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:56:53.0859 6448 wercplsupport - ok
19:56:53.0890 6448 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:56:53.0890 6448 WerSvc - ok
19:56:53.0921 6448 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:56:53.0921 6448 WfpLwf - ok
19:56:53.0937 6448 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:56:53.0937 6448 WIMMount - ok
19:56:53.0953 6448 WinDefend - ok
19:56:53.0953 6448 WinHttpAutoProxySvc - ok
19:56:53.0999 6448 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:56:53.0999 6448 Winmgmt - ok
19:56:54.0062 6448 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:56:54.0077 6448 WinRM - ok
19:56:54.0140 6448 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:56:54.0140 6448 WinUsb - ok
19:56:54.0171 6448 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:56:54.0171 6448 Wlansvc - ok
19:56:54.0202 6448 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:56:54.0218 6448 wlcrasvc - ok
19:56:54.0311 6448 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:56:54.0343 6448 wlidsvc - ok
19:56:54.0358 6448 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:56:54.0358 6448 WmiAcpi - ok
19:56:54.0389 6448 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:56:54.0389 6448 wmiApSrv - ok
19:56:54.0421 6448 WMPNetworkSvc - ok
19:56:54.0499 6448 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
19:56:54.0499 6448 WMZuneComm - ok
19:56:54.0530 6448 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:56:54.0530 6448 WPCSvc - ok
19:56:54.0561 6448 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:56:54.0561 6448 WPDBusEnum - ok
19:56:54.0577 6448 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:56:54.0577 6448 ws2ifsl - ok
19:56:54.0592 6448 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:56:54.0592 6448 wscsvc - ok
19:56:54.0592 6448 WSearch - ok
19:56:54.0655 6448 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:56:54.0686 6448 wuauserv - ok
19:56:54.0717 6448 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:56:54.0717 6448 WudfPf - ok
19:56:54.0733 6448 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:56:54.0733 6448 WUDFRd - ok
19:56:54.0748 6448 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:56:54.0748 6448 wudfsvc - ok
19:56:54.0779 6448 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:56:54.0779 6448 WwanSvc - ok
19:56:54.0826 6448 [ 9176C0822FAA649E45121875BE32F5D2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
19:56:54.0826 6448 xusb21 - ok
19:56:54.0998 6448 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
19:56:55.0076 6448 ZuneNetworkSvc - ok
19:56:55.0107 6448 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
19:56:55.0107 6448 ZuneWlanCfgSvc - ok
19:56:55.0138 6448 ================ Scan global ===============================
19:56:55.0154 6448 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:56:55.0185 6448 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:56:55.0201 6448 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:56:55.0216 6448 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:56:55.0216 6448 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:56:55.0232 6448 [Global] - ok
19:56:55.0232 6448 ================ Scan MBR ==================================
19:56:55.0232 6448 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:56:55.0544 6448 \Device\Harddisk0\DR0 - ok
19:56:55.0544 6448 ================ Scan VBR ==================================
19:56:55.0544 6448 [ 8A2128FB5CEAFE554E84FC1D16E4306B ] \Device\Harddisk0\DR0\Partition1
19:56:55.0544 6448 \Device\Harddisk0\DR0\Partition1 - ok
19:56:55.0559 6448 [ 5B2B2EE27F75936D4F480364889BDD53 ] \Device\Harddisk0\DR0\Partition2
19:56:55.0559 6448 \Device\Harddisk0\DR0\Partition2 - ok
19:56:55.0575 6448 [ 9858D57BC8EDDF62B32953AAC1ED941B ] \Device\Harddisk0\DR0\Partition3
19:56:55.0591 6448 \Device\Harddisk0\DR0\Partition3 - ok
19:56:55.0591 6448 ============================================================
19:56:55.0591 6448 Scan finished
19:56:55.0591 6448 ============================================================
19:56:55.0606 7476 Detected object count: 0
19:56:55.0606 7476 Actual detected object count: 0
19:57:08.0819 8140 Deinitialize success
DDS Logfile: Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by Michi at 19:58:45 on 2012-12-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2639 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.de/
uSearch Bar = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
uSearch Page = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
uDefault_Search_URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
mStart Page = hxxp://www.searchcompletion.com?si=10195&home=true
mSearch Bar = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
mSearch Page = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
mDefault_Search_URL = hxxp://search.searchcompletion.com?si=10195&bs=true&q=
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
dURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
dURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Michi\AppData\Roaming\Complitly\Complitly.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [miCoach Manager] C:\Program Files (x86)\adidas\miCoach Manager\SyncManager.exe -autorun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DS3 Tool] C:\PROGRA~1\MOTION~1\ds3\DS3_Tool.exe -mini
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
uPolicies-Explorer: NoDriveAutorun = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: An OneNote s&enden - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\Michi\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Users\Michi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{079E8C8E-8A1B-4954-BC98-F66FB81E75A6} : DHCPNameServer = 192.168.20.1 192.168.20.254
TCP: Interfaces\{21293506-167C-4D02-A825-C1192261D519} : DHCPNameServer = 192.168.20.1 192.168.20.254
TCP: Interfaces\{3C74DC25-ED9B-4D03-9CFE-52BD0A982456} : DHCPNameServer = 192.168.20.1 192.168.20.254
TCP: Interfaces\{9CACCDA0-76ED-4896-8A60-27AC23564C40} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{B977B551-FFED-4C87-B364-936CBD4B0E9E} : DHCPNameServer = 192.168.20.1 192.168.20.254
TCP: Interfaces\{CD02B375-CEFE-431D-985C-4160A8EDB0F1} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{FAB50E2B-451B-49E1-9D1C-0E8E3A3A6F1F} : DHCPNameServer = 192.168.20.1 192.168.20.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll {dll_str}
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Michi\AppData\Roaming\Complitly\64\Complitly64.dll
x64-BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-STS: Deskscapes Class - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} -
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2012-11-15 27800]
R2 aksdf;aksdf;C:\Windows\System32\drivers\aksdf.sys [2011-2-21 65024]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-11-12 240640]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-12 361984]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-11-15 85280]
R2 AntiVirService;Avira Echtzeit-Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-11-15 109344]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2012-11-15 99912]
R2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.5.976.107\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\mngr.exe [2012-12-7 2403352]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-5-24 1840128]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]
R3 FWLANUSB;AVM FRITZ!WLAN;C:\Windows\System32\drivers\fwlanusb.sys [2011-11-14 460800]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-8-9 346144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe --> C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [?]
S3 avmeject;AVM Eject;C:\Windows\System32\drivers\avmeject.sys [2011-11-14 14120]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-13 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2012-2-19 117520]
S3 SRS_AE_Service;SRS Audio Essentials;C:\Windows\System32\drivers\SRS_AE_amd64.sys [2011-8-1 513824]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-14 59392]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-12-10 16:39:02 -------- d-----w- C:\Users\Michi\AppData\Roaming\Malwarebytes
2012-12-10 16:38:49 -------- d-----w- C:\ProgramData\Malwarebytes
2012-12-10 16:38:48 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-10 16:38:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-05 08:11:38 -------- d-----w- C:\Program Files\Bonjour
2012-12-05 08:11:38 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-12-05 08:10:54 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-05 08:10:54 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-05 08:10:54 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-05 08:10:54 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-05 08:10:54 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-05 08:10:54 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-05 08:10:54 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-12-02 18:49:49 -------- d-----w- C:\Windows\SysWow64\searchplugins
2012-12-02 18:49:49 -------- d-----w- C:\Windows\SysWow64\Extensions
2012-12-02 18:49:45 -------- d-----w- C:\ProgramData\Browser Manager
2012-12-02 18:47:44 -------- d-----w- C:\Users\Michi\AppData\Roaming\FLVPlayerPackages
2012-12-02 18:47:12 -------- d-----w- C:\Users\Michi\AppData\Roaming\Babylon
2012-12-02 18:47:12 -------- d-----w- C:\ProgramData\Babylon
2012-12-02 10:31:07 -------- d-----w- C:\Program Files\InterActual
2012-12-01 08:43:24 -------- d-----w- C:\Users\Michi\AppData\Roaming\UBitMenu
2012-11-18 13:21:17 -------- d-----w- C:\Windows\rescache
2012-11-18 12:37:21 -------- d-----w- C:\Program Files (x86)\EA GAMES
2012-11-18 10:17:44 -------- d-----w- C:\Program Files (x86)\AMD AVT
2012-11-18 10:17:39 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-11-18 09:53:11 3615888 ----a-w- C:\Windows\System32\RtkAPO64.dll
2012-11-18 09:36:50 -------- d-----w- C:\Windows\ehome
2012-11-18 07:23:24 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-11-18 07:23:17 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-18 06:58:33 -------- d-----w- C:\Users\Michi\AppData\Roaming\Windows Live Writer
2012-11-18 06:58:33 -------- d-----w- C:\Users\Michi\AppData\Local\Windows Live Writer
2012-11-18 06:20:56 -------- d-----w- C:\Users\Michi\AppData\Local\{0C3DE67A-9648-4C1A-8F81-6C40F7A18B0A}
2012-11-17 06:08:07 -------- d-----w- C:\Users\Michi\AppData\Local\{67DA8AE8-DE9E-4EA2-BCD0-FE16FF9CE4AB}
2012-11-16 06:14:24 -------- d-----w- C:\Users\Michi\AppData\Local\{7E7C6554-5E98-4A6F-8D34-933207E46E04}
2012-11-15 11:36:52 -------- d-----w- C:\Users\Michi\AppData\Local\AMD
2012-11-15 11:35:50 -------- d-----w- C:\ProgramData\AMD
2012-11-15 11:17:39 -------- d-----w- C:\AMD
2012-11-15 09:06:47 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-15 09:06:47 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-15 09:06:47 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-15 09:06:47 2560 ----a-w- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui
2012-11-15 09:00:46 -------- d-----w- C:\Users\Michi\AppData\Roaming\Avira
2012-11-15 08:59:32 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-15 08:59:32 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-15 08:59:32 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-15 08:59:32 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-15 08:59:31 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-15 08:59:31 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-15 08:59:31 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-15 08:55:10 99912 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2012-11-15 08:55:10 27800 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2012-11-15 08:55:07 -------- d-----w- C:\ProgramData\Avira
2012-11-15 08:55:07 -------- d-----w- C:\Program Files (x86)\Avira
2012-11-15 08:07:17 -------- d-----w- C:\Windows\System32\IO
2012-11-15 07:54:56 -------- d-----w- C:\Program Files (x86)\AlphaTast
2012-11-15 07:48:38 -------- d-----w- C:\Users\Michi\AppData\Roaming\Complitly
2012-11-15 07:48:38 -------- d-----w- C:\Program Files (x86)\Complitly
2012-11-15 07:48:37 -------- d-----w- C:\Program Files (x86)\Complitly Setup
2012-11-15 07:48:29 -------- d-----w- C:\ProgramData\SearchOnline
2012-11-15 07:48:05 -------- d-----w- C:\Users\Michi\AppData\Roaming\DesktopIconForAmazon
2012-11-15 07:48:02 -------- d-----w- C:\Users\Michi\AppData\Roaming\OCS
2012-11-15 06:39:23 -------- d-----w- C:\Users\Michi\AppData\Local\{179E46CC-3965-4E14-ACF8-D90EF6C45F18}
2012-11-14 06:26:24 -------- d-----w- C:\Users\Michi\AppData\Local\{E86A8D00-C956-425F-A853-06C584EB4E61}
2012-11-13 06:13:21 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9003FA25-BADE-4447-8A95-D2590A50C414}\mpengine.dll
2012-11-12 21:08:26 -------- d-----w- C:\Program Files (x86)\DVDVideoSoft
2012-11-12 21:08:26 -------- d-----w- C:\Program Files (x86)\Common Files\DVDVideoSoft
2012-11-12 20:52:18 5624488 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-11-12 20:50:08 11270656 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-11-12 20:36:32 23436288 ----a-w- C:\Windows\System32\atio6axx.dll
2012-11-12 20:29:22 70144 ----a-w- C:\Windows\System32\coinst_9.01.8.dll
2012-11-12 20:27:14 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-11-12 20:25:50 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-11-12 20:25:48 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-11-12 20:25:40 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-11-12 20:25:40 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-11-12 20:25:28 16082944 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-11-12 20:21:10 13703168 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-11-12 20:19:00 18958336 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-11-12 20:14:48 6678528 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-11-12 20:04:50 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2012-11-12 20:04:42 548864 ----a-w- C:\Windows\System32\atieclxx.exe
2012-11-12 20:03:54 240640 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-11-12 20:02:32 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-11-12 20:02:18 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-11-12 20:02:14 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-11-12 20:02:08 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-11-12 20:00:22 4674048 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-11-12 19:56:44 7370752 ----a-w- C:\Windows\System32\atidxx64.dll
2012-11-12 19:52:02 6779392 ----a-w- C:\Windows\System32\atiumd64.dll
2012-11-12 19:49:48 3862528 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-11-12 19:41:22 618496 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-11-12 19:41:12 421888 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-11-12 19:41:00 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-11-12 19:40:56 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-11-12 19:40:56 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-11-12 19:40:52 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-11-12 19:40:44 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-11-12 19:40:36 546304 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-11-12 19:40:14 56320 ----a-w- C:\Windows\System32\atimpc64.dll
2012-11-12 19:40:14 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-11-12 19:40:06 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-11-12 19:40:06 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-11-12 19:37:10 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
.
==================== Find3M ====================
.
2012-12-11 18:49:35 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 18:49:35 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-12 20:18:54 949248 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-11-12 20:16:58 1137664 ----a-w- C:\Windows\System32\aticfx64.dll
2012-11-12 19:38:58 130048 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-11-12 19:38:50 109568 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-11-12 19:38:42 104448 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-11-12 19:38:34 83968 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-11-12 14:46:54 222720 ----a-w- C:\Windows\System32\clinfo.exe
2012-11-12 14:46:36 76288 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-11-12 14:46:32 65536 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-11-12 14:46:26 64512 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-11-12 14:46:24 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-11-12 14:46:14 34523136 ----a-w- C:\Windows\System32\amdocl64.dll
2012-11-12 14:41:32 28737536 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-11-12 14:37:28 54784 ----a-w- C:\Windows\System32\OpenCL.dll
2012-11-12 14:37:26 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-10-25 02:12:26 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12:26 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-10-22 13:01:00 72704 ----a-w- C:\Windows\ST5UNST.EXE
2012-10-22 13:01:00 1355776 ----a-w- C:\Windows\SysWow64\MSVBVM50.dll
2012-10-18 18:25:58 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 19:59:15,35 ===============
Attach Code:
ATTFilter . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 03/02/2011 16:17:30 System Uptime: 12/12/2012 13:23:18 (6 hours ago) . Motherboard: FOXCONN | | A76ML-K 30 Processor: AMD Athlon(tm) II X2 255 Processor | Socket AM3 | 3100/200mhz . ==== Disk Partitions ========================= . . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 3D Morris Prof 1.0 Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Photoshop CS5 Adobe Reader X (10.1.4) - Deutsch Advertising Center AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD VISION Engine Control Center Angry Birds Rio Apple Application Support Apple Software Update ATI Catalyst Registration Avira Free Antivirus AVM FRITZ!WLAN Babylon Chrome Toolbar Bonjour Browser Manager Canon Inkjet Printer Driver Add-On Module V2.00 Canon Utilities Easy-PhotoPrint EX Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CDBurnerXP CloneDVD2 Complitly D3DX10 DVDVideoMedia Free 3GP Video Converter 2.1 EA SPORTS online 2006 ESET Online Scanner v3 FIFA Fussball-Weltmeisterschaft 2006 (TM) Firebird SQL Server - MAGIX Edition FLV Player Packages Free YouTube Download version 3.1.40.1031 Free YouTube to MP3 Converter version 3.11.35.1031 G-Force GIMP 2.8.0 Google Chrome Google Earth Plug-in Google Update Helper Grand Theft Auto San Andreas Grand Theft Auto Vice City GTAIII Hardlock Gerätetreiber iCloud ICQ7.5 ImagXpress IsoBuster 2.3 Java 7 Update 9 Java Auto Updater Java(TM) 7 Update 2 (64-bit) K-Lite Codec Pack 6.4.0 (Full) MAGIX Music Maker 16 Premium Download-Version MAGIX Music Maker MX Production Suite Download-Version MAGIX Music Maker MX Production Suite Download-Version (Einführungsvideos) MAGIX Music Maker MX Production Suite Download-Version (Instrumenten-Paket 1) MAGIX Music Maker MX Production Suite Download-Version (Instrumenten-Paket 2) MAGIX Music Maker MX Production Suite Download-Version (Instrumenten-Paket 3) MAGIX Music Maker MX Production Suite Download-Version (Instrumenten-Paket 4) MAGIX Music Maker MX Production Suite Download-Version (Instrumenten-Paket 5) MAGIX Music Maker MX Production Suite Download-Version (Instrumenten-Paket 6) MAGIX Music Maker MX Production Suite Download-Version (Soundpaket) MAGIX Music Maker MX Production Suite Download-Version (Synthesizer und Effekte) MAGIX Music Maker MX Production Suite Download-Version (Visuals) MAGIX Screenshare MAGIX Speed burnR MAGIX Speed burnR (MSI) Malwarebytes Anti-Malware Version 1.65.1.1000 Medal of Honor Allied Assault Medal of Honor Allied Assault(tm) Breakthrough Medal of Honor Pacific Assault(tm) Media Go Media Go Video Playback Engine 1.84.110.07010 Menu Templates - Starter Kit Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (German) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (German) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (German) 2007 Microsoft Office InfoPath MUI (German) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (German) 2007 Microsoft Office Outlook MUI (German) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (German) 2007 Microsoft Office Shared 64-bit MUI (German) 2007 Microsoft Office Shared MUI (German) 2007 Microsoft Office Word MUI (German) 2007 Microsoft Outlook Hotmail Connector 64-Bit Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 MotioninJoy ds3 driver version 0.6.0003 Movie Templates - Starter Kit MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB973685) Need For Speed™ World Nero 9 Essentials Nero BurnRights Nero BurnRights Help Nero ControlCenter Nero CoverDesigner Nero CoverDesigner Help Nero Disc Copy Gadget Nero Disc Copy Gadget Help Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero Rescue Agent Nero RescueAgent Help Nero ShowTime Nero StartSmart Nero StartSmart Help Nero Vision Nero Vision Help NeroExpress neroxml PDF Settings CS5 PDFCreator PlayStation(R)Network Downloader PlayStation(R)Store QuickTime Ravensburger Puzzle Realtek Ethernet Controller Driver For Windows 7 Safari Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition simfy Text-To-Speech-Runtime Tom Clancy's Rainbow Six Vegas 2 UBitMenuDE Unreal Tournament 2003 Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition VLC media player 1.1.8 VNC Free Edition 4.1.2 Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mesh Windows Live Mesh ActiveX control for remote connections Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Mobile Device Updater Component WinRAR Zune Zune Language Pack (CHS) Zune Language Pack (CHT) Zune Language Pack (CSY) Zune Language Pack (DAN) Zune Language Pack (DEU) Zune Language Pack (ELL) Zune Language Pack (ESP) Zune Language Pack (FIN) Zune Language Pack (FRA) Zune Language Pack (HUN) Zune Language Pack (IND) Zune Language Pack (ITA) Zune Language Pack (JPN) Zune Language Pack (KOR) Zune Language Pack (MSL) Zune Language Pack (NLD) Zune Language Pack (NOR) Zune Language Pack (PLK) Zune Language Pack (PTB) Zune Language Pack (PTG) Zune Language Pack (RUS) Zune Language Pack (SVE) . ==== End Of File =========================== |
|
12.12.2012, 20:29
| #4 | ||
| /// TB-Ausbilder | Browser starten nicht --- Virus ? Dann weiter  Schritt 1: Deinstalliere: Java(TM) 7 Update 2 (64-bit) Schritt 2: AdwCleaner: Werbeprogramme suchen und löschen Schritt 3: Scan mit Combofix
__________________  Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
13.12.2012, 00:03
| #5 |
| | Browser starten nicht --- Virus ? Okay, Java Update deinstaliert und die 2 logfiles AdwCleaner Code:
ATTFilter # AdwCleaner v2.100 - Datei am 12/12/2012 um 22:51:36 erstellt
# Aktualisiert am 09/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Michi - MICHI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Michi\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : Browser Manager
Gestoppt & Gelöscht : Web Assistant Updater
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\user.js
Gelöscht mit Neustart : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\Program Files (x86)\Complitly
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\InstallMate
Ordner Gelöscht : C:\ProgramData\Premium
Ordner Gelöscht : C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Ordner Gelöscht : C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Ordner Gelöscht : C:\Users\Michi\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Michi\AppData\LocalLow\incredibar.com
Ordner Gelöscht : C:\Users\Michi\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\Michi\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Michi\AppData\Roaming\Complitly
Ordner Gelöscht : C:\Users\Michi\AppData\Roaming\OpenCandy
***** [Registrierungsdatenbank] *****
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKCU\Software\Complitly
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Microsoft\Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SweetIM
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Schlüssel Gelöscht : HKLM\Software\SweetIM
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKLM\SOFTWARE\Web Assistant
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16455
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=em&q={searchTerms} --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://www.searchcompletion.com?si=10195&home=true --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://www.searchcompletion.com?si=10195&home=true --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://www.searchcompletion.com?si=10195&home=true --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://www.searchcompletion.com?si=10195&home=true --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://www.searchcompletion.com?si=10195&home=true --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchcompletion.com?si=10195&home=true --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://www.searchcompletion.com?si=10195&home=true --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.searchcompletion.com?si=10195&bs=true&q= --> hxxp://www.google.com
-\\ Google Chrome v23.0.1271.95
Datei : C:\Users\Michi\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [16499 octets] - [12/12/2012 22:51:36]
########## EOF - C:\AdwCleaner[S1].txt - [16560 octets] ##########
Code:
ATTFilter ComboFix 12-12-10.01 - Michi 12/12/2012 22:58:01.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2647 [GMT 1:00]
ausgeführt von:: c:\users\Michi\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\sdelevURL.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-11-12 bis 2012-12-12 ))))))))))))))))))))))))))))))
.
.
2012-12-12 22:12 . 2012-12-12 22:12 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-12 22:12 . 2012-12-12 22:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-10 16:39 . 2012-12-10 16:39 -------- d-----w- c:\users\Michi\AppData\Roaming\Malwarebytes
2012-12-10 16:38 . 2012-12-10 16:38 -------- d-----w- c:\programdata\Malwarebytes
2012-12-10 16:38 . 2012-12-10 16:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-10 16:38 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-05 16:14 . 2012-12-05 16:14 -------- d-----w- c:\program files\Common Files\Apple
2012-12-05 08:11 . 2012-12-05 08:11 -------- d-----w- c:\program files\Bonjour
2012-12-05 08:11 . 2012-12-05 08:11 -------- d-----w- c:\program files (x86)\Bonjour
2012-12-05 08:10 . 2012-12-05 16:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-12-05 08:10 . 2012-12-05 16:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-12-05 08:10 . 2012-12-05 16:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-12-05 08:10 . 2012-12-05 16:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-12-05 08:10 . 2012-12-05 16:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-12-05 08:10 . 2012-12-05 16:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-12-05 08:10 . 2012-12-05 16:19 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-12-05 08:10 . 2012-12-05 16:14 -------- d-----w- c:\program files (x86)\Common Files\Apple
2012-12-03 17:45 . 2012-12-03 17:45 -------- d-----w- c:\program files (x86)\Safari
2012-12-03 17:44 . 2012-12-03 17:44 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-12-02 18:49 . 2012-12-02 18:49 -------- d-----w- c:\windows\SysWow64\searchplugins
2012-12-02 18:49 . 2012-12-02 18:49 -------- d-----w- c:\windows\SysWow64\Extensions
2012-12-02 18:47 . 2012-12-02 18:47 -------- d-----w- c:\users\Michi\AppData\Roaming\FLVPlayerPackages
2012-12-02 10:48 . 2012-12-05 16:19 -------- d-----w- c:\program files (x86)\QuickTime
2012-12-02 10:31 . 2012-12-02 18:47 -------- d-----w- c:\program files\InterActual
2012-12-01 08:43 . 2012-12-01 08:45 -------- d-----w- c:\users\Michi\AppData\Roaming\UBitMenu
2012-11-18 13:21 . 2012-11-29 06:11 -------- d-----w- c:\windows\rescache
2012-11-18 12:37 . 2012-11-18 12:37 -------- d-----w- c:\program files (x86)\EA GAMES
2012-11-18 10:17 . 2012-11-18 10:17 -------- d-----w- c:\programdata\ATI
2012-11-18 10:17 . 2012-11-18 10:17 -------- d-----w- c:\program files (x86)\AMD AVT
2012-11-18 10:17 . 2012-11-18 10:17 -------- d-----w- c:\program files (x86)\AMD APP
2012-11-18 09:53 . 2012-06-08 15:18 3615888 ----a-w- c:\windows\system32\RtkAPO64.dll
2012-11-18 09:36 . 2012-11-18 09:36 -------- d-----w- c:\windows\ehome
2012-11-18 09:36 . 2012-11-18 09:39 -------- d-----r- c:\users\Public\Recorded TV
2012-11-18 09:36 . 2012-11-18 09:36 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
2012-11-18 07:23 . 2012-11-18 07:23 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-11-18 07:23 . 2012-11-18 07:23 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-18 07:23 . 2012-11-18 07:23 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-18 06:58 . 2012-11-18 06:58 -------- d-----w- c:\users\Michi\AppData\Local\Windows Live Writer
2012-11-18 06:58 . 2012-11-18 06:58 -------- d-----w- c:\users\Michi\AppData\Roaming\Windows Live Writer
2012-11-15 11:36 . 2012-11-15 11:36 -------- d-----w- c:\users\Michi\AppData\Local\AMD
2012-11-15 11:35 . 2012-11-18 10:17 -------- d-----w- c:\programdata\AMD
2012-11-15 11:17 . 2012-11-18 10:12 -------- d-----w- C:\AMD
2012-11-15 09:06 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-11-15 09:06 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 09:06 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 09:06 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 09:00 . 2012-11-15 09:00 -------- d-----w- c:\users\Michi\AppData\Roaming\Avira
2012-11-15 08:59 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 08:59 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 08:59 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 08:59 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 08:59 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 08:59 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 08:59 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 08:55 . 2012-12-11 17:54 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-11-15 08:55 . 2012-12-11 17:54 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-11-15 08:55 . 2012-09-24 08:58 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-11-15 08:55 . 2012-11-15 08:55 -------- d-----w- c:\programdata\Avira
2012-11-15 08:55 . 2012-11-15 08:55 -------- d-----w- c:\program files (x86)\Avira
2012-11-15 08:07 . 2012-11-15 08:07 -------- d-----w- c:\windows\system32\IO
2012-11-15 07:54 . 2012-11-15 08:05 -------- d-----w- c:\program files (x86)\AlphaTast
2012-11-15 07:48 . 2012-11-15 07:48 -------- d-----w- c:\program files (x86)\Complitly Setup
2012-11-15 07:48 . 2012-11-15 07:48 -------- d-----w- c:\programdata\SearchOnline
2012-11-15 07:48 . 2012-11-15 08:05 -------- d-----w- c:\users\Michi\AppData\Roaming\DesktopIconForAmazon
2012-11-15 07:48 . 2012-11-15 07:48 -------- d-----w- c:\users\Michi\AppData\Roaming\OCS
2012-11-13 06:13 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9003FA25-BADE-4447-8A95-D2590A50C414}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-11 18:49 . 2012-04-04 04:30 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 18:49 . 2011-06-04 05:58 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-15 09:00 . 2010-05-27 10:46 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-12 20:52 . 2012-11-12 20:52 5624488 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-11-12 20:50 . 2012-11-12 20:50 11270656 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-11-12 20:36 . 2012-11-12 20:36 23436288 ----a-w- c:\windows\system32\atio6axx.dll
2012-11-12 20:29 . 2012-11-12 20:29 70144 ----a-w- c:\windows\system32\coinst_9.01.8.dll
2012-11-12 20:27 . 2012-11-12 20:27 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-11-12 20:25 . 2012-11-12 20:25 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-11-12 20:25 . 2012-11-12 20:25 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-11-12 20:25 . 2012-11-12 20:25 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-11-12 20:25 . 2012-11-12 20:25 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-11-12 20:25 . 2012-11-12 20:25 16082944 ----a-w- c:\windows\system32\aticaldd64.dll
2012-11-12 20:21 . 2012-11-12 20:21 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-11-12 20:19 . 2012-11-12 20:19 18958336 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-11-12 20:18 . 2010-08-26 02:01 949248 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-11-12 20:16 . 2010-08-26 02:00 1137664 ----a-w- c:\windows\system32\aticfx64.dll
2012-11-12 20:14 . 2012-11-12 20:14 6678528 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-11-12 20:04 . 2012-11-12 20:04 442368 ----a-w- c:\windows\system32\atidemgy.dll
2012-11-12 20:04 . 2012-11-12 20:04 548864 ----a-w- c:\windows\system32\atieclxx.exe
2012-11-12 20:03 . 2012-11-12 20:03 240640 ----a-w- c:\windows\system32\atiesrxx.exe
2012-11-12 20:02 . 2012-11-12 20:02 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-11-12 20:02 . 2012-11-12 20:02 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-11-12 20:02 . 2012-11-12 20:02 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-11-12 20:02 . 2012-11-12 20:02 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-11-12 20:00 . 2012-11-12 20:00 4674048 ----a-w- c:\windows\system32\atiumd6a.dll
2012-11-12 19:56 . 2012-11-12 19:56 7370752 ----a-w- c:\windows\system32\atidxx64.dll
2012-11-12 19:52 . 2012-11-12 19:52 6779392 ----a-w- c:\windows\system32\atiumd64.dll
2012-11-12 19:49 . 2012-11-12 19:49 3862528 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-11-12 19:41 . 2012-11-12 19:41 618496 ----a-w- c:\windows\system32\atiadlxx.dll
2012-11-12 19:41 . 2012-11-12 19:41 421888 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-11-12 19:41 . 2012-11-12 19:41 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-11-12 19:40 . 2012-11-12 19:40 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-11-12 19:40 . 2012-11-12 19:40 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-11-12 19:40 . 2012-11-12 19:40 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-11-12 19:40 . 2012-11-12 19:40 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-11-12 19:40 . 2012-11-12 19:40 546304 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-11-12 19:40 . 2012-11-12 19:40 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-11-12 19:40 . 2012-11-12 19:40 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-11-12 19:40 . 2012-11-12 19:40 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-11-12 19:40 . 2012-11-12 19:40 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-11-12 19:38 . 2010-08-26 01:20 130048 ----a-w- c:\windows\system32\atiuxp64.dll
2012-11-12 19:38 . 2010-08-26 01:20 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-11-12 19:38 . 2010-08-26 01:20 104448 ----a-w- c:\windows\system32\atiu9p64.dll
2012-11-12 19:38 . 2010-08-26 01:19 83968 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-11-12 19:37 . 2012-11-12 19:37 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-11-12 14:46 . 2012-11-12 14:46 222720 ----a-w- c:\windows\system32\clinfo.exe
2012-11-12 14:46 . 2012-11-12 14:46 76288 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-11-12 14:46 . 2012-11-12 14:46 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-11-12 14:46 . 2012-11-12 14:46 64512 ----a-w- c:\windows\system32\OVDecode64.dll
2012-11-12 14:46 . 2012-11-12 14:46 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-11-12 14:46 . 2012-11-12 14:46 34523136 ----a-w- c:\windows\system32\amdocl64.dll
2012-11-12 14:41 . 2012-11-12 14:41 28737536 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-11-12 14:37 . 2012-11-12 14:37 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-11-12 14:37 . 2012-11-12 14:37 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-10-22 13:01 . 2012-10-26 07:35 72704 ----a-w- c:\windows\ST5UNST.EXE
2012-10-22 13:01 . 2012-10-26 07:35 1355776 ----a-w- c:\windows\SysWow64\MSVBVM50.dll
2012-10-16 08:38 . 2012-11-28 06:19 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 06:19 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 06:19 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-09-14 19:19 . 2012-10-10 06:05 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 06:05 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DS3 Tool"="c:\progra~1\MOTION~1\ds3\DS3_Tool.exe" [2012-02-19 112400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-12 642216]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" [2012-12-02 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\Drivers\NSHE.SYS [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2006-12-28 14120]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R3 FXDrv32;FXDrv32;D:\FXDrv64.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2012-02-19 117520]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 SRS_AE_Service;SRS Audio Essentials;c:\windows\system32\drivers\SRS_AE_amd64.sys [2011-08-01 513824]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R4 sptd;sptd; [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-12 240640]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-12 361984]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys [2006-12-28 460800]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 18:49]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-07 17:53]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-07 17:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Michi\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Michi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-miCoach Manager - c:\program files (x86)\adidas\miCoach Manager\SyncManager.exe
AddRemove-Hardlock Gerätetreiber - c:\windows\system32\UNWISE.EXE
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1002632433-2949645387-1526579763-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-1002632433-2949645387-1526579763-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-1002632433-2949645387-1526579763-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1002632433-2949645387-1526579763-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-1002632433-2949645387-1526579763-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1002632433-2949645387-1526579763-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-1002632433-2949645387-1526579763-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-1002632433-2949645387-1526579763-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1002632433-2949645387-1526579763-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1002632433-2949645387-1526579763-1000)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1002632433-2949645387-1526579763-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-1002632433-2949645387-1526579763-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-1002632433-2949645387-1526579763-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1002632433-2949645387-1526579763-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-1002632433-2949645387-1526579763-1000)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-1002632433-2949645387-1526579763-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-12 23:39:03
ComboFix-quarantined-files.txt 2012-12-12 22:38
.
Vor Suchlauf: 15 Verzeichnis(se), 27.211.554.816 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 26.877.493.248 Bytes frei
.
- - End Of File - - B1F0BF08A49E7BD1584D48BBFAFE03E2
|
|
13.12.2012, 00:05
| #6 | |
| /// TB-Ausbilder | Browser starten nicht --- Virus ? Gut!  Soweit ich das sehe haben wir damit alles Schädliche entfernt. Um sicher sein zu können müssen jetzt noch ein paar Kontrollen machen. Da diese sehr lange dauern können bitte ich dich mir erst wieder zu schreiben, wenn du auch wirklich alles erledigt hast oder Probleme auftreten sollten. Schritt 1: Quick-Scan mit Malwarebytes Schritt 2: ESET Online Scanner Zitat:
Schritt 3: Scan mit SecurityCheck Downloade Dir bitte SecurityCheck: LINK1 LINK2
__________________ --> Browser starten nicht --- Virus ? |
|
13.12.2012, 09:17
| #7 |
| | Browser starten nicht --- Virus ? Hallo bei Eset wurde nichts gefunden die anderen beiden logfiles sehen wie folgt aus: malewarebytes Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.12.13.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Michi :: MICHI-PC [Administrator] 13/12/2012 07:24:37 mbam-log-2012-12-13 (07-24-37).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 214209 Laufzeit: 2 Minute(n), 38 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.65.1.1000 Java 7 Update 9 Adobe Flash Player 11.5.502.135 Adobe Reader 10.1.4 Adobe Reader out of Date! Google Chrome 22.0.1229.95 Google Chrome 23.0.1271.95 Google Chrome 23.0.1271.97 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
|
13.12.2012, 11:21
| #8 | ||||
| /// TB-Ausbilder | Browser starten nicht --- Virus ? Prima! Damit wären wir fertig. Wir räumen jetzt noch ein wenig auf und dann habe ich am Ende etwas Lesestoff für dich. Schritt 1: Tools deinstallieren
Schritt 2: ESET deinstallieren (Optional)
Schritt 3: Update: Adobe Reader
Probiere einen alternativen Viewer für pdf-Dokumente aus. Diese sind meist schlanker, schneller und schleusen sehr viel seltener Schädlinge ein. Mein Vorschlag:
Abschließend noch Tipps zu folgenden Themen:
Damit wünsche ich dir noch viel Spaß beim Surfen im Internet ... und vielleicht möchtest du ja das Trojaner-Board unterstützen? Eine Bitte: Gib mir eine kurze Rückmeldung, wenn alles erledigt ist und keine Fragen mehr vorhanden sind, damit ich diesen Thread aus meinen Abos löschen kann.
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
13.12.2012, 13:17
| #9 |
| | Browser starten nicht --- Virus ? Danke für die Hilfe es ist alles erledigt, aber eine frage habe ich noch gibt es für chrome auch ein pop-up blogger? |
|
13.12.2012, 14:07
| #10 |
| /// TB-Ausbilder | Browser starten nicht --- Virus ? Das gibts bestimmt, aber ich nutze Chrome so gar nicht Schön, dass wir helfen konnten  Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen Falls du noch Lob oder Kritik loswerden möchtest, dann gibt es diesen Bereich hier: http://www.trojaner-board.de/lob-kritik-wuensche/
__________________ Digitale Freibeuter gegen Malware! Keine Hilfe per PM! |
|
| Themen zu Browser starten nicht --- Virus ? |
| administrator, anti-malware, autostart, browser, code, dateien, explorer, formatieren, fund, gen, google, internet, internet explorer, malwarebytes, microsoft, problem, rechner, service, software, speicher, starten, starten nicht, startet, surfen, version, virus, virus ? |
Button.
und dann 
+ R Taste und kopiere folgenden Text in das Ausführen-Fenster und klicke OK.
Linear-Darstellung
