| |
| |||||||
Log-Analyse und Auswertung: Browser gekapert google wird auf isearch.avg weitergeleitetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
10.02.2013, 11:06
| #1 |
 |  Browser gekapert google wird auf isearch.avg weitergeleitet Hallo liebes Trojanerboard! Trotz oder gerade wegen AVG hat es mich wohl auch erwischt. Mein PC ist zum surfen kaum noch benutzbar. Suchanfragen von Chrome und IE und in etwas geringerem Ausmaß auch Firefox landen automatisch auf isearch.avg mit befremdlichen Suchergebnissen, selbst bei Eingabe gültiger Webadressen wie chip.de. Meine Internet-Recherche ergab nur beunruhigendes. Dort warteten kostenflichtige Angebote und weitere Schadsoftware. Hier fand ich einen Beitrag hier über TDSSKiller dieser hat aber rein nichts gefunden?  Was soll ich machen? Ich hoffe jemand kann mir weiterhelfen. Katja1 hier die LOGs (Sie sollten ja nicht als Anhang hochgeladen werden?) defogger_disable by jpshortstuff (23.02.10.1) Log created at 00:03 on 10/02/2013 (Katja) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- OTL logfile created on: 10.02.2013 00:04:56 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Katja\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 57,90% Memory free 6,19 Gb Paging File | 4,92 Gb Available in Paging File | 79,51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 126,37 Gb Total Space | 60,28 Gb Free Space | 47,70% Space Free | Partition Type: NTFS Drive D: | 22,66 Gb Total Space | 12,51 Gb Free Space | 55,19% Space Free | Partition Type: FAT32 Computer Name: KATJA-NOTEBOOK | User Name: Katja | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.02.09 23:08:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Katja\Desktop\OTL.exe PRC - [2013.02.09 22:40:16 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2013.01.26 13:13:35 | 001,101,488 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe PRC - [2013.01.26 13:13:35 | 000,945,328 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe PRC - [2012.11.19 17:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgtray.exe PRC - [2012.02.14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe PRC - [2011.09.25 19:23:45 | 000,336,896 | ---- | M] (AVM Berlin) -- C:\Users\Katja\AppData\Local\Apps\2.0\03EHO1C7.LHX\EJMOLZRB.ZZL\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe PRC - [2010.03.15 21:36:58 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.10.07 13:36:20 | 000,086,016 | ---- | M] () -- C:\Programme\gateProtect\VPN Client\bin\GPVPNService.exe PRC - [2007.11.02 12:31:24 | 000,069,632 | ---- | M] () -- C:\Programme\Softex\OmniPass\opvapp.exe PRC - [2007.11.02 12:31:08 | 000,040,960 | ---- | M] (Softex Inc.) -- C:\Programme\Softex\OmniPass\OmniServ.exe PRC - [2007.10.31 12:35:58 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007.10.17 15:42:40 | 000,128,296 | ---- | M] (CyberLink) -- C:\Programme\HomeCinema\Power2Go\CLMLSvc.exe PRC - [2007.10.15 09:15:08 | 001,410,344 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2007.10.15 09:14:48 | 000,202,024 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMBgMonitor.exe PRC - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007.10.03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007.09.18 11:19:02 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2007.09.11 14:37:58 | 000,118,784 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\WisLMSvc.exe PRC - [2007.09.07 08:26:54 | 000,086,016 | ---- | M] (Wistron) -- C:\Programme\Launch Manager\WButton.exe PRC - [2007.09.06 10:23:36 | 000,188,416 | ---- | M] (Wistron) -- C:\Programme\Launch Manager\HotkeyApp.exe PRC - [2007.09.01 13:03:50 | 000,032,768 | ---- | M] () -- C:\Programme\Launch Manager\LaunchAp.exe PRC - [2007.08.31 10:04:26 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPStart.exe PRC - [2007.08.16 09:31:40 | 001,681,408 | ---- | M] (Buhl Data Service GmbH) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe PRC - [2007.04.19 12:11:08 | 000,016,384 | ---- | M] (Empolis GmbH) -- C:\Programme\Medion\MEDIONbox\Program\GCS.exe PRC - [2007.04.19 12:11:06 | 000,036,864 | ---- | M] (Empolis GmbH) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe PRC - [2007.02.09 20:51:34 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Programme\HomeCinema\PowerDVD\PDVDServ.exe PRC - [2006.12.26 10:23:34 | 000,180,224 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\OSD.exe PRC - [2006.11.02 13:36:04 | 000,895,488 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2006.11.02 13:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2006.11.02 10:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2006.10.05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe ========== Modules (No Company Name) ========== MOD - [2013.02.09 22:40:16 | 003,023,256 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2013.01.26 13:13:35 | 001,101,488 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe MOD - [2013.01.26 13:13:35 | 000,156,848 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\SiteSafety.dll MOD - [2011.09.25 19:23:38 | 000,368,640 | ---- | M] () -- C:\Users\Katja\AppData\Local\Apps\2.0\03EHO1C7.LHX\EJMOLZRB.ZZL\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\managedupnp.dll MOD - [2010.10.24 12:29:40 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\1255d7783a4c6ac254a55fde7b30019b\System.Deployment.ni.dll MOD - [2010.10.24 12:29:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll MOD - [2010.10.10 11:41:22 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll MOD - [2010.10.10 11:41:00 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll MOD - [2010.10.10 11:40:47 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll MOD - [2010.10.10 11:40:25 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a122c56b60812fb5cbc2e941d4875a87\PresentationFramework.Aero.ni.dll MOD - [2010.10.10 11:40:23 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\29eb51a21ce62ed759b162307bd65e32\PresentationFramework.ni.dll MOD - [2010.10.10 11:40:01 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\dc8dccca85718096c895b74094e09e5a\PresentationCore.ni.dll MOD - [2010.10.10 11:39:41 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c049bc39cb33f7459936a689484285d6\WindowsBase.ni.dll MOD - [2010.10.09 11:36:32 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll MOD - [2010.10.09 11:34:50 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll MOD - [2010.03.15 20:53:01 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2010.03.15 20:48:40 | 000,413,696 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll MOD - [2010.03.15 20:48:38 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2010.03.15 20:25:14 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2007.11.02 12:36:16 | 000,048,208 | ---- | M] () -- C:\Programme\Softex\OmniPass\hdddrv.dll MOD - [2007.11.02 12:28:16 | 000,434,176 | ---- | M] () -- C:\Programme\Softex\OmniPass\userdata.dll MOD - [2007.11.02 12:28:04 | 001,077,248 | ---- | M] () -- C:\Programme\Softex\OmniPass\autheng.dll MOD - [2007.11.02 12:27:48 | 000,532,480 | ---- | M] () -- C:\Programme\Softex\OmniPass\storeng.dll MOD - [2007.11.02 12:27:38 | 000,065,536 | ---- | M] () -- C:\Programme\Softex\OmniPass\opfsdll.dll MOD - [2007.11.02 12:27:28 | 000,016,896 | ---- | M] () -- C:\Programme\Softex\OmniPass\cryptodll.dll MOD - [2007.11.02 12:27:26 | 000,013,824 | ---- | M] () -- C:\Programme\Softex\OmniPass\SSPLogon.dll MOD - [2007.10.17 15:42:42 | 000,013,096 | ---- | M] () -- C:\Programme\HomeCinema\Power2Go\CLMLSvcPS.dll MOD - [2007.10.17 15:42:30 | 000,636,200 | ---- | M] () -- C:\Programme\HomeCinema\Power2Go\CLMediaLibrary.dll MOD - [2007.09.01 13:03:50 | 000,032,768 | ---- | M] () -- C:\Programme\Launch Manager\LaunchAp.exe ========== Services (SafeList) ========== SRV - [2013.02.09 23:31:12 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.02.09 22:40:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.01.26 13:13:35 | 000,945,328 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe -- (vToolbarUpdater14.0.1) SRV - [2013.01.08 14:41:40 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.11.02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Programme\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.02.14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011.11.10 14:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2008.10.07 13:36:20 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Programme\gateProtect\VPN Client\bin\GPVPNService.exe -- (GPVPNService) SRV - [2007.12.27 17:26:57 | 000,069,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Programme\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager) SRV - [2007.11.02 12:31:08 | 000,040,960 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\Programme\Softex\OmniPass\OmniServ.exe -- (omniserv) SRV - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2007.09.18 11:19:02 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.09.11 14:37:58 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Programme\Launch Manager\WisLMSvc.exe -- (WisLMSvc) SRV - [2007.08.24 03:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2007.08.16 09:31:40 | 001,681,408 | ---- | M] (Buhl Data Service GmbH) [Auto | Running] -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe -- (srvcPVR) SRV - [2007.04.19 12:11:06 | 000,036,864 | ---- | M] (Empolis GmbH) [Auto | Running] -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe -- (GnabService) SRV - [2006.11.02 13:36:04 | 000,895,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2006.10.05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\igdkmd32.sys -- (igfx) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2013.01.26 13:13:35 | 000,031,576 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012.12.10 03:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012.11.08 03:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012.08.24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012.04.19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012.01.31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011.12.23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011.12.23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2011.12.23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter) DRV - [2011.09.25 19:23:40 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio) DRV - [2010.06.23 08:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009.02.05 17:39:08 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiWinAcc.sys -- (SiFilter) DRV - [2009.02.05 17:39:00 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiRemFil.sys -- (SiRemFil) DRV - [2009.02.05 17:38:24 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Si3531.sys -- (Si3531) DRV - [2008.04.01 15:48:14 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901) DRV - [2007.12.18 11:31:00 | 007,630,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007.08.30 19:24:24 | 000,805,416 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607) DRV - [2007.08.28 15:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) DRV - [2007.08.22 18:50:38 | 001,749,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) DRV - [2007.08.08 07:26:06 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) DRV - [2007.07.31 10:58:18 | 000,908,896 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap) DRV - [2006.11.30 14:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF) DRV - [2006.11.28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006.11.02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2003.04.28 10:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/webhp?sourceid=navclient&hl=de&ie=UTF-8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA_deDE278 IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={1D110FF7-5D98-4577-81E2-FA9E73C2EE90}&mid=88931260e80a47d1ac99d15f956c31ff-843cd6ded277ccaa11f135d4204f5a5e706f89b5&lang=de&ds=AVG&pr=fr&d=2012-08-04 08:49:16&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "hxxp://isearch.avg.com/?cid={1D110FF7-5D98-4577-81E2-FA9E73C2EE90}&mid=88931260e80a47d1ac99d15f956c31ff-843cd6ded277ccaa11f135d4204f5a5e706f89b5&lang=de&ds=AVG&pr=fr&d=2012-08-04 08:49:16&v=14.0.2.14&pid=avg&sg=&sap=hp" FF - prefs.js..extensions.enabledAddons: avg%40toolbar:14.0.2.14 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid={1D110FF7-5D98-4577-81E2-FA9E73C2EE90}&mid=88931260e80a47d1ac99d15f956c31ff-843cd6ded277ccaa11f135d4204f5a5e706f89b5&lang=de&ds=AVG&pr=fr&d=2012-08-04 08:49:16&pid=avg&sg=&v=14.0.2.14&sap=ku&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2013.01.30 22:57:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.2.14 [2013.01.26 13:14:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.09 22:40:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.24 14:39:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katja\AppData\Roaming\mozilla\Extensions [2013.02.09 22:40:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.01.26 13:14:47 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\14.0.2.14 [2013.02.09 22:40:17 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013.02.09 22:40:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.01.26 13:14:00 | 000,003,591 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2013.02.09 22:40:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013.02.09 22:40:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2013.02.09 22:40:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2013.02.09 22:40:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2013.02.09 22:40:12 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://isearch.avg.com/?cid={1D110FF7-5D98-4577-81E2-FA9E73C2EE90}&mid=88931260e80a47d1ac99d15f956c31ff-843cd6ded277ccaa11f135d4204f5a5e706f89b5&lang=de&ds=AVG&pr=fr&d=2012-08-04 08:49:16&v=14.0.2.14&pid=avg&sg=&sap=hp CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google  riginalQueryForSuggestion}{google:assistedQueryStats}{google:se archFieldtrialParameter}sourceid=chrome&ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://isearch.avg.com/?cid={1D110FF7-5D98-4577-81E2-FA9E73C2EE90}&mid=88931260e80a47d1ac99d15f956c31ff-843cd6ded277ccaa11f135d4204f5a5e706f89b5&lang=de&ds=AVG&pr=fr&d=2012-08-04 08:49:16&v=14.0.2.14&pid=avg&sg=&sap=hp CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: Google Drive = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: HTTPS Everywhere = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.1.18_0\ CHR - Extension: AVG Safe Search = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\ CHR - Extension: AVG Secure Search = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.0.2.14_0\ CHR - Extension: Google Mail = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" File not found O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron) O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe File not found O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe () O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix) O4 - HKLM..\Run: [RemoteControl] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe File not found O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Users\Katja\AppData\Local\Apps\2.0\03EHO1C7.LHX\EJMOLZRB.ZZL\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe (AVM Berlin) O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG) O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background File not found O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -update plugin File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre7\bin\jp2iexp.dll () O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197719312979 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 10.9.2) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C395699-C9E9-4033-BBF3-620ECC9DDFB9}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71A6F85B-BE0E-45A8-9E15-75E79E66A30C}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll () O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{9c746514-056c-11e2-b59b-0016d388d80c}\Shell\AutoRun\command - "" = I:\PMBP_Win.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.02.09 23:08:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Katja\Desktop\OTL.exe [2013.02.09 22:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.02.03 19:15:51 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\TuneUp Software [2013.01.30 22:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013.01.13 17:59:27 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\Skype [2013.01.13 17:59:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.01.13 17:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013.01.13 17:59:16 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2013.01.13 17:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype ========== Files - Modified Within 30 Days ========== [2013.02.10 00:02:29 | 000,365,568 | ---- | M] () -- C:\Users\Katja\Desktop\gmer_2.0.18454.exe [2013.02.09 23:58:59 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.09 23:58:24 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.09 23:58:24 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.09 23:31:13 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.09 23:08:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Katja\Desktop\OTL.exe [2013.02.09 23:07:17 | 000,000,000 | ---- | M] () -- C:\Users\Katja\defogger_reenable [2013.02.09 23:06:31 | 000,050,477 | ---- | M] () -- C:\Users\Katja\Desktop\Defogger.exe [2013.02.09 22:05:11 | 000,651,112 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.02.09 22:05:11 | 000,618,272 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.02.09 22:05:11 | 000,120,908 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.02.09 22:05:11 | 000,107,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.02.09 21:58:52 | 000,088,947 | ---- | M] () -- C:\Users\Katja\AppData\Roaming\nvModes.001 [2013.02.09 21:58:43 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013.02.09 21:58:40 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.09 21:58:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.09 21:58:25 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys [2013.02.03 19:04:48 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2013.02.03 17:23:01 | 108,664,694 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm [2013.01.30 22:57:45 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2013.01.26 13:13:35 | 000,031,576 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys [2013.01.18 17:47:11 | 000,001,975 | ---- | M] () -- C:\Users\Katja\Desktop\Google Chrome.lnk [2013.01.14 19:46:03 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2013.01.13 17:32:30 | 000,313,656 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm ========== Files Created - No Company Name ========== [2013.02.10 00:02:29 | 000,365,568 | ---- | C] () -- C:\Users\Katja\Desktop\gmer_2.0.18454.exe [2013.02.09 23:07:17 | 000,000,000 | ---- | C] () -- C:\Users\Katja\defogger_reenable [2013.02.09 23:06:30 | 000,050,477 | ---- | C] () -- C:\Users\Katja\Desktop\Defogger.exe [2013.01.26 13:14:45 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013.01.13 17:59:17 | 000,002,379 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.06.20 15:51:40 | 003,119,659 | ---- | C] () -- C:\Users\Katja\RIMG0892.JPG [2011.07.28 19:34:20 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011.07.24 14:36:30 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2009.06.10 10:35:36 | 000,088,947 | ---- | C] () -- C:\Users\Katja\AppData\Roaming\nvModes.001 [2009.06.10 10:31:38 | 000,088,947 | ---- | C] () -- C:\Users\Katja\AppData\Roaming\nvModes.dat [2008.03.01 17:08:15 | 000,006,144 | ---- | C] () -- C:\Users\Katja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.03.01 17:01:59 | 000,000,093 | ---- | C] () -- C:\Users\Katja\AppData\Local\fusioncache.dat ========== ZeroAccess Check ========== [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2010.03.15 21:43:01 | 011,315,712 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.03.15 21:22:28 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2006.11.02 10:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.08.04 07:48:09 | 000,000,000 | ---D | M] -- C:\Users\Katja\AppData\Roaming\AVG2012 [2010.09.22 13:18:29 | 000,000,000 | ---D | M] -- C:\Users\Katja\AppData\Roaming\gateProtect [2013.02.03 19:15:51 | 000,000,000 | ---D | M] -- C:\Users\Katja\AppData\Roaming\TuneUp Software ========== Purity Check ========== < End of report > OTL Extras logfile created on: 10.02.2013 00:04:56 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Katja\Desktop Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 57,90% Memory free 6,19 Gb Paging File | 4,92 Gb Available in Paging File | 79,51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 126,37 Gb Total Space | 60,28 Gb Free Space | 47,70% Space Free | Partition Type: NTFS Drive D: | 22,66 Gb Total Space | 12,51 Gb Free Space | 55,19% Space Free | Partition Type: FAT32 Computer Name: KATJA-NOTEBOOK | User Name: Katja | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2E1B1AA4-FEC3-42EC-9859-DB605B21EDA8}" = rport=445 | protocol=6 | dir=out | app=system | "{2F6B451D-222F-4078-820F-0857A8A8C6B6}" = rport=139 | protocol=6 | dir=out | app=system | "{318E450F-8752-4745-A5FC-63CAF78BD6D5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{36A04E1C-BB35-4236-8D01-824D53FE54D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3B47AF7F-33A6-4936-89A8-71DF40372710}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{46C799F3-97AB-418F-8B00-4B8A5B235F82}" = rport=10243 | protocol=6 | dir=out | app=system | "{524B0050-7DD3-4710-9E68-74122B27A0E9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5F59DC46-95ED-470C-AF6D-B61B38F09621}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{7D63F533-5478-42DE-8652-99A717CABCDC}" = lport=138 | protocol=17 | dir=in | app=system | "{866D3D89-1444-4BCB-8D49-B05C427375F8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{89AB623D-4B15-43BF-8E8C-C2E90402643D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8E58E178-CDE8-46AC-A7E8-17B04960E919}" = lport=2869 | protocol=6 | dir=in | app=system | "{93B12594-D9B5-431D-AB1B-1DFDE61A9160}" = rport=138 | protocol=17 | dir=out | app=system | "{98E3B07C-9330-452F-BCAE-7BD8617B24B4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9B3B5E2B-9613-4F35-869C-3636D28610D3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A6EE8515-A9B0-4729-8E4C-BA55B859E050}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{C0C11B4F-D51E-4C55-A5BE-F2C76C354DCB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{C1B9ADF4-E413-4A40-99D0-8BE37A7B40C3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{C9592E8A-BD2D-421A-A70F-097D816AE23B}" = lport=139 | protocol=6 | dir=in | app=system | "{D6D68B9B-0813-432B-A1B0-59149E891395}" = lport=445 | protocol=6 | dir=in | app=system | "{DBAC3A22-6B08-4D63-AA89-3396CD2FF1E9}" = rport=137 | protocol=17 | dir=out | app=system | "{DFF27173-23A1-4D33-90FE-7C4B36264200}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E3CABC93-55C7-4366-8600-D5BE6A938EA8}" = lport=2869 | protocol=6 | dir=in | app=system | "{E74A989B-F695-4090-9A1E-9B9C2E5EF319}" = lport=137 | protocol=17 | dir=in | app=system | "{F4D2A2D3-40C2-4C80-859A-53586D02B438}" = lport=10243 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{022BEC5F-4776-41A9-B273-979091EBF42E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{053C979F-8C4C-454B-AC7F-53699B9A8CEE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{11C65853-84B5-49E5-916F-BE5B112F4146}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | "{19280D1A-B6D7-4358-A5E0-90F41EC5E990}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | "{1D41DC67-1DFD-4E7C-88C8-9EBEB18A9C28}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{1F2AFEE5-3795-43DD-A266-9566869C4830}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{21414FA7-3F37-4E11-8D5C-980CF98F1FE3}" = dir=in | app=c:\program files\msn messenger\livecall.exe | "{2FF3650F-5831-4281-8EDD-738CE056FE94}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3012225F-F405-4ACF-8A86-87015178C65C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3A85E5B9-FA3B-4829-A44A-9E37CF31E577}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3C2273B7-AF18-4E85-832C-75C86C165F63}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3FA1A0C0-0B49-4A09-8DDB-73628879A0E6}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{457C4A84-BF49-491C-98FF-A0B0E0870D65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4C7B764F-9A94-4027-9D43-5FC71D67B683}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{4EB2A490-881C-46D0-8ECB-C4F4C683BCD4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | "{59E76224-0BB8-4E07-9058-38DA326F3C42}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{5AD42548-6C2E-448E-9F27-CB44896B9FA4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{616D9E22-6306-4B86-9945-9706D4337D60}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7E3F0BDE-91D8-41C8-98B4-CF4C869A2FED}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe | "{7F97FC2E-32E8-40DE-BF0E-B57156EABC19}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{81E6D8C7-B035-4738-BC32-005CFE4A9CA9}" = protocol=17 | dir=in | app=c:\users\katja\appdata\local\apps\2.0\03eho1c7.lhx\ejmolzrb.zzl\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | "{82174958-DA37-4CE9-AC1F-DF59CFE770FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8F147490-AF22-4033-999D-E9091A3E804B}" = protocol=17 | dir=in | app=c:\users\katja\appdata\local\apps\2.0\03eho1c7.lhx\ejmolzrb.zzl\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | "{92270740-28F3-4205-8EF7-32DC683AAF2C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{92D89671-5D37-43D2-9AF8-1E7795DE98F2}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{93C542C2-70A8-4FA9-AEF4-E9B08D23E756}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{9DD7CC8D-4D49-4FD8-840D-12838BA3F018}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{A0608C90-AF30-4D9B-9F4F-FEEF8537EDC9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A2597468-56AA-424E-BF5E-A023B3B9A6F7}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | "{A6094089-7AFA-4976-AD56-DDF6F01B6DCB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{A96ECD7E-2C9A-4DE3-863C-A262872DCC29}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{AE91C2E5-0E58-44A0-BD3B-3FB003986A73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{AED6F70E-C940-460F-BAAC-25A3DFF802DC}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe | "{BA93C9C4-683A-415F-8BAF-049516488432}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe | "{BBB0F565-3ADE-4355-8AC2-0D6134045D27}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | "{BCD8F906-A1A4-4726-8F80-E33EAEB938AF}" = protocol=6 | dir=in | app=c:\users\katja\appdata\local\apps\2.0\03eho1c7.lhx\ejmolzrb.zzl\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | "{BDC45900-34DD-47AB-9AC3-4A15D1BF0AB6}" = protocol=6 | dir=out | app=system | "{C1216FB7-7530-4497-8158-14D03AC7073B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{C18F21F0-AAFE-400B-BE01-476F63B3129F}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe | "{CA6D6820-003D-44CE-B61A-778F3AC1EC9F}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe | "{CFC334D3-EEDC-45CD-8C33-FBACDE825A3E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe | "{D426DEF0-8C57-4894-A644-E45CFEAA3A8F}" = protocol=6 | dir=in | app=c:\users\katja\appdata\local\apps\2.0\03eho1c7.lhx\ejmolzrb.zzl\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | "{D4449984-D561-4099-AD9D-A25DACB4F705}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe | "{D75B2324-D253-4901-B7D5-BF2973F27EE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E60F1560-D3B8-424C-A37B-8FF905C40418}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{F4F4A35B-4C79-420A-A6B0-9C44A84E5FCB}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe | "{FA96CC29-1097-4042-A251-E0459DAB41F2}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe | "{FBA6B899-2FE8-4BAE-9721-899B3FFAB103}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe | "{FF1F94BE-6786-4DEF-8BCA-96AEA9786A39}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{40A6213E-A4F2-4363-88AF-7FEAD8B1AAD4}F:\easysetupassistant\wr842n\easysetupassistant.exe" = protocol=6 | dir=in | app=f:\easysetupassistant\wr842n\easysetupassistant.exe | "UDP Query User{04860FC6-0896-4730-ADF7-5B26B4507D27}F:\easysetupassistant\wr842n\easysetupassistant.exe" = protocol=17 | dir=in | app=f:\easysetupassistant\wr842n\easysetupassistant.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = YouCam "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime "{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox "{286C5BE9-7E61-4AC1-B674-BED333C35F73}" = AVG 2012 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{53DF73B1-37F5-4B7F-86ED-FA7CC4041031}" = Nero 8 Essentials "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista "{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink Wireless LAN "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A5EA10B8-304A-412E-8ED8-4D8488F19A49}" = AVG 2012 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.3 - Deutsch "{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}" = TVsweeper "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.9 "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{E0091C29-DEE8-4B24-BF65-8C35B5940D77}" = Letstrade "{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.18 "{E815FB81-995F-4F33-8E25-F16712123AB7}" = AuthenTec Fingerprint Sensor Minimum Install "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}" = OmniPass 5.00.91 "{FEDE400D-3381-4087-ACCB-689DD8A56123}" = Inst5657 "{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}" = CyberLink YouCam "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Agere Systems Soft Modem" = Agere Systems HDA Modem "ALDI Foto Manager Free Sued D" = ALDI Foto Manager Free Sued "ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued) "ALDI Sued Foto Service D" = ALDI Sued Foto Service "Aldi Süd Fotoservice_is1" = Aldi Süd Fotoservice "AVG" = AVG 2012 "AVG Secure Search" = AVG Security Toolbar "AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss "CCleaner" = CCleaner "Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition "gateProtect VPN Client 1.5" = gateProtect VPN Client 1.5 "Google Chrome" = Google Chrome "Google Desktop" = Google Desktop "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Drivers" = NVIDIA Drivers "SynTPDeinstKey" = Synaptics Pointing Device Driver ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 29.01.2013 16:26:05 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = Error - 30.01.2013 01:20:52 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = Error - 30.01.2013 17:56:12 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = Error - 31.01.2013 16:26:57 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = Error - 31.01.2013 17:39:48 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = Error - 01.02.2013 11:46:20 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = Error - 02.02.2013 06:36:29 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = Error - 02.02.2013 08:22:22 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = Error - 03.02.2013 06:31:15 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = Error - 03.02.2013 14:42:35 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = Error - 09.02.2013 17:05:11 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007 Description = [ System Events ] Error - 01.02.2013 11:40:26 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000 Description = Error - 02.02.2013 06:30:30 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000 Description = Error - 02.02.2013 08:16:31 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000 Description = Error - 03.02.2013 06:25:25 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000 Description = Error - 03.02.2013 08:56:47 | Computer Name = Katja-Notebook | Source = Dhcp | ID = 1002 Description = Die IP-Adresslease 192.168.254.2 für die Netzwerkkarte mit der Netzwerkadresse 00FF2D7EF27E wurde durch den DHCP-Server 192.168.254.254 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error - 03.02.2013 14:36:33 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000 Description = Error - 03.02.2013 14:38:42 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7031 Description = Error - 03.02.2013 14:38:52 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7031 Description = Error - 03.02.2013 15:00:42 | Computer Name = Katja-Notebook | Source = Dhcp | ID = 1002 Description = Die IP-Adresslease 192.168.254.2 für die Netzwerkkarte mit der Netzwerkadresse 00FF2D7EF27E wurde durch den DHCP-Server 192.168.254.254 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet). Error - 09.02.2013 16:59:13 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000 Description = < End of report > GMER 2.0.18454 - hxxp://www.gmer.net Rootkit scan 2013-02-10 09:58:12 Windows 6.0.6000 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD16 rev.04.0 149,05GB Running: gmer_2.0.18454.exe; Driver: C:\Users\Katja\AppData\Local\Temp\kxtyraog.sys ---- System - GMER 2.0 ---- SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0xA0D69004] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0xA0D690D4] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xA0D68D76] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xA0D68E1E] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xA0D68EBA] SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xA0D68F56] ---- Kernel code sections - GMER 2.0 ---- .text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8E6B9360, 0x35BF98, 0xE8000020] ---- Registry - GMER 2.0 ---- Reg HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@c!s!f!`!j!`!m!`!\22!t!t!r!j!r!s!f! 19583823 ---- EOF - GMER 2.0 ---- |
|
10.02.2013, 21:06
| #2 |
| /// Malware-holic   | Browser gekapert google wird auf isearch.avg weitergeleitet hi
__________________warum hast du noch nie windows Updates gemacht? download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten c: öffnen, tdsskiller-datum-version.txt öffnen, Inhalt posten
__________________ |
|
11.02.2013, 23:37
| #3 |
| | Browser gekapert google wird auf isearch.avg weitergeleitet Danke für die Rückmeldung,
__________________Vista Updateversuche endeten leider zweimal in größerem Abstand nach umfangreichem Download mit "Update wurde nicht installiert" da hatte ich keinen Nerv mehr. hier der Report des TDSSKillersmit den beiden Optionen: (die Default Haken habe ich belassen) 23:20:27.0949 3672 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 23:20:28.0019 3672 ============================================================ 23:20:28.0019 3672 Current date / time: 2013/02/11 23:20:28.0019 23:20:28.0019 3672 SystemInfo: 23:20:28.0019 3672 23:20:28.0019 3672 OS Version: 6.0.6000 ServicePack: 0.0 23:20:28.0019 3672 Product type: Workstation 23:20:28.0019 3672 ComputerName: KATJA-NOTEBOOK 23:20:28.0020 3672 UserName: Katja 23:20:28.0020 3672 Windows directory: C:\Windows 23:20:28.0020 3672 System windows directory: C:\Windows 23:20:28.0020 3672 Processor architecture: Intel x86 23:20:28.0020 3672 Number of processors: 2 23:20:28.0020 3672 Page size: 0x1000 23:20:28.0020 3672 Boot type: Normal boot 23:20:28.0020 3672 ============================================================ 23:20:28.0630 3672 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 23:20:28.0663 3672 ============================================================ 23:20:28.0663 3672 \Device\Harddisk0\DR0: 23:20:28.0663 3672 MBR partitions: 23:20:28.0719 3672 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0xFCBF370, BlocksNum 0x2D59751 23:20:28.0719 3672 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFCBF2F2 23:20:28.0719 3672 ============================================================ 23:20:28.0765 3672 C: <-> \Device\Harddisk0\DR0\Partition2 23:20:28.0786 3672 D: <-> \Device\Harddisk0\DR0\Partition1 23:20:28.0787 3672 ============================================================ 23:20:28.0787 3672 Initialize success 23:20:28.0787 3672 ============================================================ 23:21:34.0461 3088 ============================================================ 23:21:34.0462 3088 Scan started 23:21:34.0462 3088 Mode: Manual; SigCheck; TDLFS; 23:21:34.0462 3088 ============================================================ 23:21:34.0751 3088 ================ Scan system memory ======================== 23:21:34.0751 3088 System memory - ok 23:21:34.0755 3088 ================ Scan services ============================= 23:21:34.0957 3088 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys 23:21:35.0105 3088 ACPI - ok 23:21:35.0194 3088 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 23:21:35.0219 3088 AdobeFlashPlayerUpdateSvc - ok 23:21:35.0274 3088 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 23:21:35.0331 3088 adp94xx - ok 23:21:35.0391 3088 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys 23:21:35.0420 3088 adpahci - ok 23:21:35.0460 3088 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 23:21:35.0481 3088 adpu160m - ok 23:21:35.0540 3088 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys 23:21:35.0562 3088 adpu320 - ok 23:21:35.0617 3088 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 23:21:35.0689 3088 AeLookupSvc - ok 23:21:35.0727 3088 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys 23:21:35.0856 3088 AFD - ok 23:21:35.0905 3088 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe 23:21:35.0948 3088 AgereModemAudio - ok 23:21:36.0016 3088 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys 23:21:36.0154 3088 AgereSoftModem - ok 23:21:36.0206 3088 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 23:21:36.0226 3088 aic78xx - ok 23:21:36.0282 3088 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe 23:21:36.0313 3088 ALG - ok 23:21:36.0343 3088 [ 496EDA16A127AC9A38BB285BEF17DBB5 ] aliide C:\Windows\system32\drivers\aliide.sys 23:21:36.0356 3088 aliide - ok 23:21:36.0405 3088 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys 23:21:36.0419 3088 amdagp - ok 23:21:36.0443 3088 [ 6F65F4147C54398D7280B18CEBBED215 ] amdide C:\Windows\system32\drivers\amdide.sys 23:21:36.0456 3088 amdide - ok 23:21:36.0471 3088 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 23:21:36.0541 3088 AmdK7 - ok 23:21:36.0557 3088 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 23:21:36.0613 3088 AmdK8 - ok 23:21:36.0664 3088 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll 23:21:36.0732 3088 Appinfo - ok 23:21:36.0753 3088 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys 23:21:36.0768 3088 arc - ok 23:21:36.0793 3088 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys 23:21:36.0845 3088 arcsas - ok 23:21:36.0876 3088 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 23:21:36.0964 3088 AsyncMac - ok 23:21:37.0004 3088 [ E03E8C99D15D0381E02743C36AFC7C6F ] atapi C:\Windows\system32\drivers\atapi.sys 23:21:37.0018 3088 atapi - ok 23:21:37.0063 3088 [ 69E65A2CE11619F0C868967CA9540B80 ] ATSWPDRV C:\Windows\system32\DRIVERS\ATSwpDrv.sys 23:21:37.0103 3088 ATSWPDRV - ok 23:21:37.0154 3088 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 23:21:37.0232 3088 AudioEndpointBuilder - ok 23:21:37.0264 3088 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 23:21:37.0333 3088 Audiosrv - ok 23:21:37.0461 3088 [ D45B7995761253A92AB071D576114F28 ] AVG Security Toolbar Service C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe 23:21:37.0482 3088 AVG Security Toolbar Service - ok 23:21:37.0729 3088 [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent C:\Program Files\AVG\AVG2012\avgidsagent.exe 23:21:38.0182 3088 AVGIDSAgent - ok 23:21:38.0229 3088 [ EF67527CC2AD77D22AB1405C6470407E ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys 23:21:38.0266 3088 AVGIDSDriver - ok 23:21:38.0291 3088 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfilterx.sys 23:21:38.0304 3088 AVGIDSFilter - ok 23:21:38.0391 3088 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys 23:21:38.0404 3088 AVGIDSHX - ok 23:21:38.0443 3088 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys 23:21:38.0457 3088 AVGIDSShim - ok 23:21:38.0487 3088 [ 6671345A6E2669AF1966BAF68EC5620F ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys 23:21:38.0510 3088 Avgldx86 - ok 23:21:38.0541 3088 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys 23:21:38.0558 3088 Avgmfx86 - ok 23:21:38.0600 3088 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys 23:21:38.0618 3088 Avgrkx86 - ok 23:21:38.0675 3088 [ C0BC3B2E3FD625E7F55E1FF863E94592 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys 23:21:38.0717 3088 Avgtdix - ok 23:21:38.0769 3088 [ F3D2D8D48E3B0CA83D70A420240E509B ] avgtp C:\Windows\system32\drivers\avgtpx86.sys 23:21:38.0827 3088 avgtp - ok 23:21:38.0885 3088 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe 23:21:38.0999 3088 avgwd - ok 23:21:39.0045 3088 [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio C:\Windows\system32\DRIVERS\avmaudio.sys 23:21:39.0174 3088 avmaudio - ok 23:21:39.0232 3088 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys 23:21:39.0314 3088 Beep - ok 23:21:39.0374 3088 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll 23:21:39.0480 3088 BFE - ok 23:21:39.0554 3088 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll 23:21:39.0620 3088 BITS - ok 23:21:39.0627 3088 blbdrive - ok 23:21:39.0648 3088 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 23:21:39.0717 3088 bowser - ok 23:21:39.0748 3088 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 23:21:39.0810 3088 BrFiltLo - ok 23:21:39.0832 3088 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 23:21:39.0892 3088 BrFiltUp - ok 23:21:39.0929 3088 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll 23:21:40.0039 3088 Browser - ok 23:21:40.0074 3088 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 23:21:40.0174 3088 Brserid - ok 23:21:40.0200 3088 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 23:21:40.0299 3088 BrSerWdm - ok 23:21:40.0333 3088 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 23:21:40.0403 3088 BrUsbMdm - ok 23:21:40.0422 3088 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 23:21:40.0478 3088 BrUsbSer - ok 23:21:40.0505 3088 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 23:21:40.0581 3088 BTHMODEM - ok 23:21:40.0658 3088 [ 48F64A84054771B2FEF55606ADF57557 ] Cam5607 C:\Windows\system32\Drivers\BisonC07.sys 23:21:40.0791 3088 Cam5607 - ok 23:21:40.0861 3088 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 23:21:40.0953 3088 cdfs - ok 23:21:41.0080 3088 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 23:21:41.0182 3088 cdrom - ok 23:21:41.0212 3088 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll 23:21:41.0277 3088 CertPropSvc - ok 23:21:41.0297 3088 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys 23:21:41.0353 3088 circlass - ok 23:21:41.0396 3088 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys 23:21:41.0412 3088 CLFS - ok 23:21:41.0489 3088 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:21:41.0516 3088 clr_optimization_v2.0.50727_32 - ok 23:21:41.0558 3088 [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 23:21:41.0652 3088 CmBatt - ok 23:21:41.0677 3088 [ 59172A0724F2AB769F31D61B0571D75B ] cmdide C:\Windows\system32\drivers\cmdide.sys 23:21:41.0693 3088 cmdide - ok 23:21:41.0732 3088 [ 722936AFB75A7F509662B69B5632F48A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 23:21:41.0771 3088 Compbatt - ok 23:21:41.0779 3088 COMSysApp - ok 23:21:41.0816 3088 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 23:21:41.0833 3088 crcdisk - ok 23:21:41.0850 3088 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys 23:21:41.0939 3088 Crusoe - ok 23:21:41.0981 3088 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll 23:21:42.0038 3088 CryptSvc - ok 23:21:42.0092 3088 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll 23:21:42.0206 3088 DcomLaunch - ok 23:21:42.0217 3088 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 23:21:42.0290 3088 DfsC - ok 23:21:42.0401 3088 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe 23:21:42.0625 3088 DFSR - ok 23:21:42.0686 3088 [ 4E04126C04C38DA7FF86C2AFC87E89AC ] Dhcp C:\Windows\System32\dhcpcsvc.dll 23:21:42.0731 3088 Dhcp - ok 23:21:42.0756 3088 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys 23:21:42.0780 3088 disk - ok 23:21:42.0819 3088 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache C:\Windows\System32\dnsrslvr.dll 23:21:42.0894 3088 Dnscache - ok 23:21:42.0938 3088 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll 23:21:43.0041 3088 dot3svc - ok 23:21:43.0094 3088 [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS C:\Windows\system32\dps.dll 23:21:43.0134 3088 DPS - ok 23:21:43.0168 3088 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 23:21:43.0247 3088 drmkaud - ok 23:21:43.0286 3088 [ B95202EFD0464D226E7542C1E319C028 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 23:21:43.0362 3088 DXGKrnl - ok 23:21:43.0390 3088 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 23:21:43.0465 3088 E1G60 - ok 23:21:43.0505 3088 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll 23:21:43.0570 3088 EapHost - ok 23:21:43.0606 3088 [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache C:\Windows\system32\drivers\ecache.sys 23:21:43.0621 3088 Ecache - ok 23:21:43.0685 3088 [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 23:21:43.0725 3088 ehRecvr - ok 23:21:43.0753 3088 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 23:21:43.0785 3088 ehSched - ok 23:21:43.0812 3088 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 23:21:43.0828 3088 ehstart - ok 23:21:43.0870 3088 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys 23:21:43.0895 3088 elxstor - ok 23:21:43.0954 3088 [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt C:\Windows\system32\emdmgmt.dll 23:21:44.0036 3088 EMDMgmt - ok 23:21:44.0084 3088 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll 23:21:44.0116 3088 EventSystem - ok 23:21:44.0142 3088 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys 23:21:44.0216 3088 fastfat - ok 23:21:44.0255 3088 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 23:21:44.0323 3088 fdc - ok 23:21:44.0330 3088 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll 23:21:44.0407 3088 fdPHost - ok 23:21:44.0432 3088 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 23:21:44.0489 3088 FDResPub - ok 23:21:44.0519 3088 [ B2B2C38E916184FF8523C7439DDD417F ] FETNDIS C:\Windows\system32\DRIVERS\fetnd5.sys 23:21:44.0592 3088 FETNDIS - ok 23:21:44.0601 3088 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 23:21:44.0614 3088 FileInfo - ok 23:21:44.0635 3088 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 23:21:44.0701 3088 Filetrace - ok 23:21:44.0842 3088 [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe 23:21:45.0059 3088 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning 23:21:45.0059 3088 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1) 23:21:45.0125 3088 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 23:21:45.0224 3088 flpydisk - ok 23:21:45.0249 3088 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 23:21:45.0272 3088 FltMgr - ok 23:21:45.0343 3088 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 23:21:45.0395 3088 FontCache3.0.0.0 - ok 23:21:45.0443 3088 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 23:21:45.0508 3088 Fs_Rec - ok 23:21:45.0545 3088 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 23:21:45.0565 3088 gagp30kx - ok 23:21:45.0642 3088 [ 51B2D8629E1A0F463682F365D56325CB ] GnabService c:\program files\common files\gnab\service\servicecontroller.exe 23:21:46.0071 3088 GnabService ( UnsignedFile.Multi.Generic ) - warning 23:21:46.0071 3088 GnabService - detected UnsignedFile.Multi.Generic (1) 23:21:46.0138 3088 [ 4A381768FCAF9096EC96A29F9602A3ED ] GoogleDesktopManager C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe 23:21:46.0198 3088 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - warning 23:21:46.0198 3088 GoogleDesktopManager - detected UnsignedFile.Multi.Generic (1) 23:21:46.0264 3088 [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc C:\Windows\System32\gpsvc.dll 23:21:46.0391 3088 gpsvc - ok 23:21:46.0463 3088 [ A6EE96D04E0455A76A0BE1400147DE9F ] GPVPNService C:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe 23:21:46.0518 3088 GPVPNService ( UnsignedFile.Multi.Generic ) - warning 23:21:46.0518 3088 GPVPNService - detected UnsignedFile.Multi.Generic (1) 23:21:46.0613 3088 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 23:21:46.0631 3088 gupdate - ok 23:21:46.0680 3088 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 23:21:46.0696 3088 gupdatem - ok 23:21:46.0791 3088 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 23:21:46.0822 3088 gusvc - ok 23:21:46.0873 3088 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 23:21:46.0970 3088 HdAudAddService - ok 23:21:46.0998 3088 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 23:21:47.0037 3088 HDAudBus - ok 23:21:47.0061 3088 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 23:21:47.0129 3088 HidBth - ok 23:21:47.0157 3088 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 23:21:47.0228 3088 HidIr - ok 23:21:47.0254 3088 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll 23:21:47.0333 3088 hidserv - ok 23:21:47.0386 3088 [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 23:21:47.0416 3088 HidUsb - ok 23:21:47.0441 3088 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll 23:21:47.0499 3088 hkmsvc - ok 23:21:47.0577 3088 [ 8B566EA71D5B76157A9CDB78F25A5731 ] Hotkey C:\Windows\system32\drivers\Hotkey.sys 23:21:47.0649 3088 Hotkey ( UnsignedFile.Multi.Generic ) - warning 23:21:47.0649 3088 Hotkey - detected UnsignedFile.Multi.Generic (1) 23:21:47.0697 3088 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 23:21:47.0710 3088 HpCISSs - ok 23:21:47.0759 3088 [ EA24FE637D974A8A31BC650F478E3533 ] HTTP C:\Windows\system32\drivers\HTTP.sys 23:21:47.0818 3088 HTTP - ok 23:21:47.0865 3088 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys 23:21:47.0883 3088 i2omp - ok 23:21:47.0943 3088 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 23:21:48.0004 3088 i8042prt - ok 23:21:48.0083 3088 [ 72B53E9C8924949DEC8F3799BCBA2251 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 23:21:48.0123 3088 IAANTMON - ok 23:21:48.0166 3088 [ E5A0034847537EAEE3C00349D5C34C5F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 23:21:48.0200 3088 iaStor - ok 23:21:48.0243 3088 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 23:21:48.0277 3088 iaStorV - ok 23:21:48.0351 3088 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 23:21:48.0450 3088 idsvc - ok 23:21:48.0473 3088 igfx - ok 23:21:48.0503 3088 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 23:21:48.0528 3088 iirsp - ok 23:21:48.0583 3088 [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT C:\Windows\System32\ikeext.dll 23:21:48.0726 3088 IKEEXT - ok 23:21:48.0908 3088 [ 4E38A2883DF3BA382A59132B3E7D709E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 23:21:49.0052 3088 IntcAzAudAddService - ok 23:21:49.0081 3088 [ 59B00EFB24EAD979BECF413703BB1FAC ] intelide C:\Windows\system32\drivers\intelide.sys 23:21:49.0116 3088 intelide - ok 23:21:49.0139 3088 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 23:21:49.0238 3088 intelppm - ok 23:21:49.0262 3088 [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum C:\Windows\system32\ipbusenum.dll 23:21:49.0375 3088 IPBusEnum - ok 23:21:49.0401 3088 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:21:49.0507 3088 IpFilterDriver - ok 23:21:49.0548 3088 [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:21:49.0590 3088 iphlpsvc - ok 23:21:49.0606 3088 IpInIp - ok 23:21:49.0625 3088 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 23:21:49.0707 3088 IPMIDRV - ok 23:21:49.0738 3088 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 23:21:49.0817 3088 IPNAT - ok 23:21:49.0834 3088 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys 23:21:49.0909 3088 IRENUM - ok 23:21:49.0935 3088 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:21:49.0949 3088 isapnp - ok 23:21:49.0968 3088 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 23:21:49.0984 3088 iScsiPrt - ok 23:21:50.0000 3088 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 23:21:50.0014 3088 iteatapi - ok 23:21:50.0034 3088 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 23:21:50.0049 3088 iteraid - ok 23:21:50.0085 3088 [ B076B2AB806B3F696DAB21375389101C ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 23:21:50.0099 3088 kbdclass - ok 23:21:50.0131 3088 [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 23:21:50.0177 3088 kbdhid - ok 23:21:50.0208 3088 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso C:\Windows\system32\lsass.exe 23:21:50.0258 3088 KeyIso - ok 23:21:50.0290 3088 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:21:50.0322 3088 KSecDD - ok 23:21:50.0382 3088 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll 23:21:50.0469 3088 KtmRm - ok 23:21:50.0497 3088 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll 23:21:50.0561 3088 LanmanServer - ok 23:21:50.0610 3088 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:21:50.0635 3088 LanmanWorkstation - ok 23:21:50.0673 3088 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:21:50.0730 3088 lltdio - ok 23:21:50.0764 3088 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:21:50.0825 3088 lltdsvc - ok 23:21:50.0844 3088 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 23:21:50.0920 3088 lmhosts - ok 23:21:50.0942 3088 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 23:21:50.0956 3088 LSI_FC - ok 23:21:50.0997 3088 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 23:21:51.0011 3088 LSI_SAS - ok 23:21:51.0041 3088 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 23:21:51.0057 3088 LSI_SCSI - ok 23:21:51.0079 3088 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys 23:21:51.0149 3088 luafv - ok 23:21:51.0178 3088 [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 23:21:51.0199 3088 Mcx2Svc - ok 23:21:51.0227 3088 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys 23:21:51.0242 3088 megasas - ok 23:21:51.0276 3088 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll 23:21:51.0355 3088 MMCSS - ok 23:21:51.0378 3088 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys 23:21:51.0444 3088 Modem - ok 23:21:51.0480 3088 [ 7446E104A5FE5987CA9E4983FBAC4F97 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:21:51.0528 3088 monitor - ok 23:21:51.0564 3088 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 23:21:51.0579 3088 mouclass - ok 23:21:51.0605 3088 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:21:51.0660 3088 mouhid - ok 23:21:51.0711 3088 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 23:21:51.0727 3088 MountMgr - ok 23:21:51.0810 3088 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 23:21:51.0865 3088 MozillaMaintenance - ok 23:21:51.0891 3088 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys 23:21:51.0911 3088 mpio - ok 23:21:51.0950 3088 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:21:52.0002 3088 mpsdrv - ok 23:21:52.0037 3088 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll 23:21:52.0081 3088 MpsSvc - ok 23:21:52.0111 3088 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 23:21:52.0123 3088 Mraid35x - ok 23:21:52.0160 3088 [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:21:52.0194 3088 MRxDAV - ok 23:21:52.0211 3088 [ 8AF705CE1BB907932157FAB821170F27 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:21:52.0260 3088 mrxsmb - ok 23:21:52.0282 3088 [ A6130566AC4178473B5DAC8F8F74407D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:21:52.0314 3088 mrxsmb10 - ok 23:21:52.0340 3088 [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:21:52.0378 3088 mrxsmb20 - ok 23:21:52.0415 3088 [ 86068B8B54A5EB092F51657F00B2222A ] msahci C:\Windows\system32\drivers\msahci.sys 23:21:52.0433 3088 msahci - ok 23:21:52.0468 3088 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:21:52.0486 3088 msdsm - ok 23:21:52.0505 3088 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe 23:21:52.0533 3088 MSDTC - ok 23:21:52.0557 3088 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:21:52.0649 3088 Msfs - ok 23:21:52.0676 3088 [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:21:52.0693 3088 msisadrv - ok 23:21:52.0731 3088 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:21:52.0808 3088 MSiSCSI - ok 23:21:52.0814 3088 msiserver - ok 23:21:52.0852 3088 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:21:52.0922 3088 MSKSSRV - ok 23:21:52.0943 3088 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:21:52.0999 3088 MSPCLOCK - ok 23:21:53.0013 3088 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:21:53.0084 3088 MSPQM - ok 23:21:53.0111 3088 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:21:53.0125 3088 MsRPC - ok 23:21:53.0141 3088 [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 23:21:53.0154 3088 mssmbios - ok 23:21:53.0163 3088 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:21:53.0238 3088 MSTEE - ok 23:21:53.0263 3088 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys 23:21:53.0275 3088 Mup - ok 23:21:53.0324 3088 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll 23:21:53.0414 3088 napagent - ok 23:21:53.0480 3088 [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:21:53.0568 3088 NativeWifiP - ok 23:21:53.0610 3088 [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS C:\Windows\system32\drivers\ndis.sys 23:21:53.0635 3088 NDIS - ok 23:21:53.0688 3088 [ 658B0FDD57EBE34DB6FA1E00141C3640 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:21:53.0717 3088 NdisTapi - ok 23:21:53.0750 3088 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:21:53.0830 3088 Ndisuio - ok 23:21:53.0857 3088 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:21:53.0916 3088 NdisWan - ok 23:21:53.0944 3088 [ DBCC3F1E63AC0E00BA368C55C514B468 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:21:53.0969 3088 NDProxy - ok 23:21:54.0076 3088 [ 6D4028D458EAAA1782099750790DC8C9 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 23:21:54.0196 3088 Nero BackItUp Scheduler 3 - ok 23:21:54.0249 3088 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:21:54.0330 3088 NetBIOS - ok 23:21:54.0358 3088 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 23:21:54.0433 3088 netbt - ok 23:21:54.0451 3088 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe 23:21:54.0469 3088 Netlogon - ok 23:21:54.0506 3088 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll 23:21:54.0567 3088 Netman - ok 23:21:54.0599 3088 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll 23:21:54.0699 3088 netprofm - ok 23:21:54.0758 3088 [ B05FFE38336193A9B988B00B230C5B80 ] netr28 C:\Windows\system32\DRIVERS\netr28.sys 23:21:54.0789 3088 netr28 - ok 23:21:54.0831 3088 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:21:54.0846 3088 NetTcpPortSharing - ok 23:21:54.0935 3088 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys 23:21:55.0252 3088 NETw3v32 - ok 23:21:55.0401 3088 [ DD194A025D1C0472F45F57DE8D8388EB ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys 23:21:55.0671 3088 NETw4v32 - ok 23:21:55.0752 3088 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 23:21:55.0775 3088 nfrd960 - ok 23:21:55.0824 3088 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll 23:21:55.0935 3088 NlaSvc - ok 23:21:56.0024 3088 [ D36107465E716CF2335A25C54B6D11C2 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe 23:21:56.0044 3088 NMIndexingService - ok 23:21:56.0072 3088 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:21:56.0142 3088 Npfs - ok 23:21:56.0169 3088 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll 23:21:56.0231 3088 nsi - ok 23:21:56.0248 3088 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:21:56.0315 3088 nsiproxy - ok 23:21:56.0393 3088 [ 37430AA7A66D7A63407ADC2C0D05E9F6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:21:56.0451 3088 Ntfs - ok 23:21:56.0471 3088 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 23:21:56.0541 3088 ntrigdigi - ok 23:21:56.0560 3088 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys 23:21:56.0626 3088 Null - ok 23:21:56.0937 3088 [ E2E55C958E46346A419EC341189BD8E3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 23:21:57.0501 3088 nvlddmkm - ok 23:21:57.0528 3088 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:21:57.0543 3088 nvraid - ok 23:21:57.0559 3088 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:21:57.0572 3088 nvstor - ok 23:21:57.0597 3088 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 23:21:57.0613 3088 nv_agp - ok 23:21:57.0619 3088 NwlnkFlt - ok 23:21:57.0629 3088 NwlnkFwd - ok 23:21:57.0711 3088 [ E54AA592A65F317390EEE386A8821692 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 23:21:57.0739 3088 odserv - ok 23:21:57.0779 3088 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 23:21:57.0857 3088 ohci1394 - ok 23:21:57.0926 3088 [ 27915BDFF44CA08E85DA3D1DDB7B6ECD ] omniserv C:\Program Files\Softex\OmniPass\OmniServ.exe 23:21:57.0964 3088 omniserv ( UnsignedFile.Multi.Generic ) - warning 23:21:57.0964 3088 omniserv - detected UnsignedFile.Multi.Generic (1) 23:21:58.0001 3088 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:21:58.0018 3088 ose - ok 23:21:58.0067 3088 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll 23:21:58.0149 3088 p2pimsvc - ok 23:21:58.0189 3088 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll 23:21:58.0231 3088 p2psvc - ok 23:21:58.0279 3088 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\DRIVERS\parport.sys 23:21:58.0386 3088 Parport - ok 23:21:58.0407 3088 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:21:58.0424 3088 partmgr - ok 23:21:58.0439 3088 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 23:21:58.0495 3088 Parvdm - ok 23:21:58.0505 3088 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:21:58.0543 3088 PcaSvc - ok 23:21:58.0553 3088 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys 23:21:58.0568 3088 pci - ok 23:21:58.0642 3088 [ 304048C2565A803D091CCA1AC945F593 ] pciide C:\Windows\system32\drivers\pciide.sys 23:21:58.0655 3088 pciide - ok 23:21:58.0676 3088 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 23:21:58.0693 3088 pcmcia - ok 23:21:58.0786 3088 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:21:58.0933 3088 PEAUTH - ok 23:21:59.0030 3088 [ F433B5AA6DBAC3C8626EEFAF134E4763 ] PhilCap C:\Windows\system32\DRIVERS\PhilCap.sys 23:21:59.0126 3088 PhilCap - ok 23:21:59.0197 3088 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll 23:21:59.0340 3088 pla - ok 23:21:59.0383 3088 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:21:59.0425 3088 PlugPlay - ok 23:21:59.0466 3088 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 23:21:59.0508 3088 PNRPAutoReg - ok 23:21:59.0555 3088 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll 23:21:59.0616 3088 PNRPsvc - ok 23:21:59.0685 3088 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:21:59.0802 3088 PolicyAgent - ok 23:21:59.0849 3088 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:21:59.0893 3088 PptpMiniport - ok 23:21:59.0923 3088 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys 23:22:00.0014 3088 Processor - ok 23:22:00.0044 3088 [ 8B8E8F4734C5C576E3B910DB73756CF1 ] ProfSvc C:\Windows\system32\profsvc.dll 23:22:00.0072 3088 ProfSvc - ok 23:22:00.0093 3088 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:22:00.0119 3088 ProtectedStorage - ok 23:22:00.0157 3088 [ C35020E28A9F3537CD9EB435A932A090 ] PSched C:\Windows\system32\DRIVERS\pacer.sys 23:22:00.0179 3088 PSched - ok 23:22:00.0234 3088 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys 23:22:00.0374 3088 ql2300 - ok 23:22:00.0409 3088 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 23:22:00.0430 3088 ql40xx - ok 23:22:00.0469 3088 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll 23:22:00.0493 3088 QWAVE - ok 23:22:00.0511 3088 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:22:00.0548 3088 QWAVEdrv - ok 23:22:00.0655 3088 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys 23:22:00.0847 3088 R300 - ok 23:22:00.0872 3088 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:22:00.0953 3088 RasAcd - ok 23:22:00.0983 3088 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll 23:22:01.0051 3088 RasAuto - ok 23:22:01.0073 3088 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:22:01.0102 3088 Rasl2tp - ok 23:22:01.0128 3088 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll 23:22:01.0239 3088 RasMan - ok 23:22:01.0272 3088 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:22:01.0374 3088 RasPppoe - ok 23:22:01.0408 3088 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:22:01.0472 3088 rdbss - ok 23:22:01.0492 3088 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:22:01.0548 3088 RDPCDD - ok 23:22:01.0572 3088 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 23:22:01.0645 3088 rdpdr - ok 23:22:01.0653 3088 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:22:01.0710 3088 RDPENCDD - ok 23:22:01.0733 3088 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:22:01.0807 3088 RDPWD - ok 23:22:01.0860 3088 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll 23:22:01.0918 3088 RemoteAccess - ok 23:22:01.0959 3088 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:22:02.0032 3088 RemoteRegistry - ok 23:22:02.0129 3088 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe 23:22:02.0157 3088 RichVideo - ok 23:22:02.0195 3088 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 23:22:02.0230 3088 RpcLocator - ok 23:22:02.0274 3088 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll 23:22:02.0304 3088 RpcSs - ok 23:22:02.0347 3088 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:22:02.0403 3088 rspndr - ok 23:22:02.0448 3088 [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys 23:22:02.0485 3088 RTL8169 - ok 23:22:02.0522 3088 [ 557D431125AA3D58F2D132FDA1EB8255 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS 23:22:02.0556 3088 RTSTOR - ok 23:22:02.0570 3088 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe 23:22:02.0591 3088 SamSs - ok 23:22:02.0615 3088 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 23:22:02.0632 3088 sbp2port - ok 23:22:02.0672 3088 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:22:02.0757 3088 SCardSvr - ok 23:22:02.0810 3088 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll 23:22:02.0868 3088 Schedule - ok 23:22:02.0903 3088 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll 23:22:02.0959 3088 SCPolicySvc - ok 23:22:02.0978 3088 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll 23:22:03.0012 3088 SDRSVC - ok 23:22:03.0038 3088 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 23:22:03.0098 3088 secdrv - ok 23:22:03.0112 3088 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll 23:22:03.0173 3088 seclogon - ok 23:22:03.0198 3088 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll 23:22:03.0273 3088 SENS - ok 23:22:03.0293 3088 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 23:22:03.0349 3088 Serenum - ok 23:22:03.0374 3088 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\DRIVERS\serial.sys 23:22:03.0433 3088 Serial - ok 23:22:03.0493 3088 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys 23:22:03.0559 3088 sermouse - ok 23:22:03.0590 3088 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll 23:22:03.0670 3088 SessionEnv - ok 23:22:03.0713 3088 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 23:22:03.0777 3088 sffdisk - ok 23:22:03.0788 3088 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 23:22:03.0875 3088 sffp_mmc - ok 23:22:03.0919 3088 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 23:22:03.0974 3088 sffp_sd - ok 23:22:03.0986 3088 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 23:22:04.0054 3088 sfloppy - ok 23:22:04.0097 3088 [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess C:\Windows\System32\ipnathlp.dll 23:22:04.0133 3088 SharedAccess - ok 23:22:04.0165 3088 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 23:22:04.0199 3088 ShellHWDetection - ok 23:22:04.0255 3088 [ 93BEACC3815A4653A655C8BD7622FF63 ] Si3531 C:\Windows\system32\DRIVERS\Si3531.sys 23:22:04.0274 3088 Si3531 - ok 23:22:04.0291 3088 [ 165448BC832D424B97270C8D1276E24A ] SiFilter C:\Windows\system32\DRIVERS\SiWinAcc.sys 23:22:04.0306 3088 SiFilter - ok 23:22:04.0321 3088 [ 9BE8EA3A8C7E6D47E710F6FA14B7442B ] SiRemFil C:\Windows\system32\DRIVERS\SiRemFil.sys 23:22:04.0336 3088 SiRemFil - ok 23:22:04.0361 3088 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 23:22:04.0380 3088 SiSRaid2 - ok 23:22:04.0427 3088 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 23:22:04.0449 3088 SiSRaid4 - ok 23:22:04.0516 3088 [ 011E958267FEB6ED72F1BFA80072943C ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 23:22:04.0536 3088 SkypeUpdate - ok 23:22:04.0654 3088 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe 23:22:05.0033 3088 slsvc - ok 23:22:05.0069 3088 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll 23:22:05.0095 3088 SLUINotify - ok 23:22:05.0186 3088 [ 46BAF398809A0F3B2D3300A1760E4B91 ] Smb C:\Windows\system32\DRIVERS\smb.sys 23:22:05.0231 3088 Smb - ok 23:22:05.0277 3088 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 23:22:05.0328 3088 SNMPTRAP - ok 23:22:05.0447 3088 [ 279C771ED7D5D6132D7FE08EFC781FA4 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys 23:22:05.0653 3088 SNP2UVC - ok 23:22:05.0686 3088 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys 23:22:05.0708 3088 spldr - ok 23:22:05.0735 3088 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe 23:22:05.0775 3088 Spooler - ok 23:22:05.0827 3088 [ 038579C35F7CAD4A4BBF735DBF83277D ] srv C:\Windows\system32\DRIVERS\srv.sys 23:22:05.0891 3088 srv - ok 23:22:05.0934 3088 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 23:22:06.0030 3088 srv2 - ok 23:22:06.0172 3088 [ BF94A7553EF257D70CB2287BF7A3BCE1 ] srvcPVR C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe 23:22:06.0498 3088 srvcPVR ( UnsignedFile.Multi.Generic ) - warning 23:22:06.0498 3088 srvcPVR - detected UnsignedFile.Multi.Generic (1) 23:22:06.0535 3088 [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 23:22:06.0555 3088 srvnet - ok 23:22:06.0581 3088 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 23:22:06.0648 3088 SSDPSRV - ok 23:22:06.0719 3088 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll 23:22:06.0750 3088 stisvc - ok 23:22:06.0779 3088 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 23:22:06.0791 3088 swenum - ok 23:22:06.0815 3088 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll 23:22:06.0890 3088 swprv - ok 23:22:06.0909 3088 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 23:22:06.0922 3088 Symc8xx - ok 23:22:06.0944 3088 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 23:22:06.0957 3088 Sym_hi - ok 23:22:06.0975 3088 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 23:22:07.0003 3088 Sym_u3 - ok 23:22:07.0057 3088 [ 4C6DE67EBB6C487F7690A373FCFDE279 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 23:22:07.0074 3088 SynTP - ok 23:22:07.0124 3088 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll 23:22:07.0203 3088 SysMain - ok 23:22:07.0241 3088 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 23:22:07.0265 3088 TabletInputService - ok 23:22:07.0286 3088 [ D8C94D074FE516A8509DFA1D81F8AD17 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 23:22:07.0344 3088 tap0901 - ok 23:22:07.0370 3088 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll 23:22:07.0450 3088 TapiSrv - ok 23:22:07.0470 3088 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll 23:22:07.0547 3088 TBS - ok 23:22:07.0601 3088 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 23:22:07.0706 3088 Tcpip - ok 23:22:07.0726 3088 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 23:22:07.0764 3088 Tcpip6 - ok 23:22:07.0818 3088 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 23:22:07.0893 3088 tcpipreg - ok 23:22:07.0919 3088 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 23:22:08.0002 3088 TDPIPE - ok 23:22:08.0050 3088 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 23:22:08.0159 3088 TDTCP - ok 23:22:08.0184 3088 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 23:22:08.0250 3088 tdx - ok 23:22:08.0267 3088 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 23:22:08.0280 3088 TermDD - ok 23:22:08.0324 3088 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll 23:22:08.0390 3088 TermService - ok 23:22:08.0420 3088 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll 23:22:08.0448 3088 Themes - ok 23:22:08.0459 3088 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll 23:22:08.0518 3088 THREADORDER - ok 23:22:08.0530 3088 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll 23:22:08.0606 3088 TrkWks - ok 23:22:08.0693 3088 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 23:22:08.0726 3088 TrustedInstaller - ok 23:22:08.0751 3088 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 23:22:08.0807 3088 tssecsrv - ok 23:22:08.0854 3088 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 23:22:08.0872 3088 tunmp - ok 23:22:08.0882 3088 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 23:22:08.0900 3088 tunnel - ok 23:22:08.0929 3088 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 23:22:08.0944 3088 uagp35 - ok 23:22:08.0964 3088 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 23:22:09.0039 3088 udfs - ok 23:22:09.0088 3088 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe 23:22:09.0106 3088 UI0Detect - ok 23:22:09.0128 3088 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 23:22:09.0142 3088 uliagpkx - ok 23:22:09.0222 3088 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys 23:22:09.0242 3088 uliahci - ok 23:22:09.0274 3088 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 23:22:09.0290 3088 UlSata - ok 23:22:09.0309 3088 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 23:22:09.0325 3088 ulsata2 - ok 23:22:09.0340 3088 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 23:22:09.0410 3088 umbus - ok 23:22:09.0447 3088 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll 23:22:09.0528 3088 upnphost - ok 23:22:09.0591 3088 [ F6BF998AE33E3FB6C7D27F0560F1173F ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 23:22:09.0649 3088 usbaudio - ok 23:22:09.0688 3088 [ 03B01E8DBD2DA2B49157B7E51912AAF2 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 23:22:09.0708 3088 usbccgp - ok 23:22:09.0725 3088 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 23:22:09.0783 3088 usbcir - ok 23:22:09.0811 3088 [ 2F83363F98484F8EDAF49F9B41520D14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 23:22:09.0838 3088 usbehci - ok 23:22:09.0861 3088 [ 14D2A4DCD92C0B3368667AED6893463D ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 23:22:09.0882 3088 usbhub - ok 23:22:09.0895 3088 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 23:22:09.0969 3088 usbohci - ok 23:22:09.0993 3088 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 23:22:10.0062 3088 usbprint - ok 23:22:10.0081 3088 [ 7DA1833F2B2500C755AB6C81C5ABFC88 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:22:10.0099 3088 USBSTOR - ok 23:22:10.0124 3088 [ 7747B902F6B7D0096F9C2BF55D3247F1 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 23:22:10.0139 3088 usbuhci - ok 23:22:10.0188 3088 [ 8CFFEB4AF074FD3E24BAD6381CC33361 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 23:22:10.0239 3088 usbvideo - ok 23:22:10.0275 3088 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll 23:22:10.0350 3088 UxSms - ok 23:22:10.0380 3088 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe 23:22:10.0437 3088 vds - ok 23:22:10.0496 3088 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 23:22:10.0569 3088 vga - ok 23:22:10.0606 3088 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys 23:22:10.0704 3088 VgaSave - ok 23:22:10.0728 3088 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys 23:22:10.0743 3088 viaagp - ok 23:22:10.0755 3088 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys 23:22:10.0824 3088 ViaC7 - ok 23:22:10.0855 3088 [ 7AA7EC9A08DC2C39649C413B1A26E298 ] viaide C:\Windows\system32\drivers\viaide.sys 23:22:10.0869 3088 viaide - ok 23:22:10.0888 3088 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys 23:22:10.0901 3088 volmgr - ok 23:22:10.0920 3088 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 23:22:10.0937 3088 volmgrx - ok 23:22:10.0956 3088 [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap C:\Windows\system32\drivers\volsnap.sys 23:22:10.0974 3088 volsnap - ok 23:22:11.0004 3088 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 23:22:11.0020 3088 vsmraid - ok 23:22:11.0083 3088 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe 23:22:11.0157 3088 VSS - ok 23:22:11.0281 3088 [ 87C57CBE385E00726A2113614F6C6BD2 ] vToolbarUpdater14.1.7 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe 23:22:11.0425 3088 vToolbarUpdater14.1.7 - ok 23:22:11.0458 3088 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll 23:22:11.0521 3088 W32Time - ok 23:22:11.0543 3088 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 23:22:11.0618 3088 WacomPen - ok 23:22:11.0659 3088 [ C08D40E3F2BBE617782E7F9DE5F5EC20 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 23:22:11.0689 3088 Wanarp - ok 23:22:11.0695 3088 [ C08D40E3F2BBE617782E7F9DE5F5EC20 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 23:22:11.0714 3088 Wanarpv6 - ok 23:22:11.0743 3088 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll 23:22:11.0772 3088 wcncsvc - ok 23:22:11.0795 3088 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:22:11.0836 3088 WcsPlugInService - ok 23:22:11.0864 3088 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys 23:22:11.0879 3088 Wd - ok 23:22:11.0926 3088 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:22:11.0960 3088 Wdf01000 - ok 23:22:11.0995 3088 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:22:12.0051 3088 WdiServiceHost - ok 23:22:12.0058 3088 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll 23:22:12.0084 3088 WdiSystemHost - ok 23:22:12.0129 3088 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll 23:22:12.0172 3088 WebClient - ok 23:22:12.0198 3088 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll 23:22:12.0278 3088 Wecsvc - ok 23:22:12.0298 3088 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll 23:22:12.0364 3088 wercplsupport - ok 23:22:12.0379 3088 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll 23:22:12.0440 3088 WerSvc - ok 23:22:12.0503 3088 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 23:22:12.0521 3088 WinDefend - ok 23:22:12.0530 3088 WinHttpAutoProxySvc - ok 23:22:12.0603 3088 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 23:22:12.0660 3088 Winmgmt - ok 23:22:12.0708 3088 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll 23:22:12.0778 3088 WinRM - ok 23:22:12.0842 3088 [ F0FE933E27F1E2A83FF322A0693A4724 ] WisLMSvc C:\Program Files\Launch Manager\WisLMSvc.exe 23:22:12.0862 3088 WisLMSvc ( UnsignedFile.Multi.Generic ) - warning 23:22:12.0862 3088 WisLMSvc - detected UnsignedFile.Multi.Generic (1) 23:22:12.0909 3088 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll 23:22:12.0939 3088 Wlansvc - ok 23:22:12.0987 3088 [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 23:22:13.0013 3088 WmiAcpi - ok 23:22:13.0059 3088 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:22:13.0093 3088 wmiApSrv - ok 23:22:13.0185 3088 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 23:22:13.0305 3088 WMPNetworkSvc - ok 23:22:13.0359 3088 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:22:13.0388 3088 WPCSvc - ok 23:22:13.0406 3088 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:22:13.0444 3088 WPDBusEnum - ok 23:22:13.0473 3088 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 23:22:13.0554 3088 WpdUsb - ok 23:22:13.0604 3088 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:22:13.0662 3088 ws2ifsl - ok 23:22:13.0684 3088 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll 23:22:13.0706 3088 wscsvc - ok 23:22:13.0712 3088 WSearch - ok 23:22:13.0832 3088 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll 23:22:14.0084 3088 wuauserv - ok 23:22:14.0179 3088 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 23:22:14.0256 3088 WUDFRd - ok 23:22:14.0286 3088 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:22:14.0352 3088 wudfsvc - ok 23:22:14.0419 3088 [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B ] XUIF C:\Windows\system32\Drivers\x10ufx2.sys 23:22:14.0476 3088 XUIF - ok 23:22:14.0536 3088 ================ Scan global =============================== 23:22:14.0567 3088 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll 23:22:14.0615 3088 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll 23:22:14.0648 3088 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll 23:22:14.0694 3088 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe 23:22:14.0700 3088 [Global] - ok 23:22:14.0700 3088 ================ Scan MBR ================================== 23:22:14.0713 3088 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 23:22:15.0163 3088 \Device\Harddisk0\DR0 - ok 23:22:15.0164 3088 ================ Scan VBR ================================== 23:22:15.0180 3088 [ E469F8A92404AC24759CA938007B248C ] \Device\Harddisk0\DR0\Partition1 23:22:15.0182 3088 \Device\Harddisk0\DR0\Partition1 - ok 23:22:15.0188 3088 [ 926DE62E4E5056316EDBDF9774B986EA ] \Device\Harddisk0\DR0\Partition2 23:22:15.0191 3088 \Device\Harddisk0\DR0\Partition2 - ok 23:22:15.0193 3088 ============================================================ 23:22:15.0193 3088 Scan finished 23:22:15.0193 3088 ============================================================ 23:22:15.0215 5208 Detected object count: 8 23:22:15.0215 5208 Actual detected object count: 8 23:23:01.0628 5208 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user 23:23:01.0629 5208 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:23:01.0633 5208 GnabService ( UnsignedFile.Multi.Generic ) - skipped by user 23:23:01.0633 5208 GnabService ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:23:01.0637 5208 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - skipped by user 23:23:01.0637 5208 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:23:01.0641 5208 GPVPNService ( UnsignedFile.Multi.Generic ) - skipped by user 23:23:01.0642 5208 GPVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:23:01.0642 5208 Hotkey ( UnsignedFile.Multi.Generic ) - skipped by user 23:23:01.0643 5208 Hotkey ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:23:01.0647 5208 omniserv ( UnsignedFile.Multi.Generic ) - skipped by user 23:23:01.0647 5208 omniserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:23:01.0651 5208 srvcPVR ( UnsignedFile.Multi.Generic ) - skipped by user 23:23:01.0651 5208 srvcPVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:23:01.0655 5208 WisLMSvc ( UnsignedFile.Multi.Generic ) - skipped by user 23:23:01.0656 5208 WisLMSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip |
|
13.02.2013, 11:19
| #4 |
| /// Malware-holic | Browser gekapert google wird auf isearch.avg weitergeleitet hi, Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
13.02.2013, 23:36
| #5 |
| | Browser gekapert google wird auf isearch.avg weitergeleitet Hallo, hier das Logfile Combifix.txt im Anhang gibt es schon irgendwelche Erkenntnisse? Grüße Katja1 |
|
14.02.2013, 12:10
| #6 |
| /// Malware-holic | Browser gekapert google wird auf isearch.avg weitergeleitet Hi immer mit der Ruhe. malwarebytes: Downloade Dir bitte Malwarebytes
__________________ --> Browser gekapert google wird auf isearch.avg weitergeleitet |
|
14.02.2013, 22:23
| #7 |
| | Browser gekapert google wird auf isearch.avg weitergeleitet Hallo Hier das Malwarebytes Anti-Malware Logfile Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.02.14.08 Windows Vista x86 NTFS Internet Explorer 7.0.6000.16982 Katja :: KATJA-NOTEBOOK [Administrator] Schutz: Aktiviert 14.02.2013 21:00:44 mbam-log-2013-02-14 (21-00-44).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 319623 Laufzeit: 1 Stunde(n), 2 Minute(n), 41 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
14.02.2013, 22:25
| #8 |
| /// Malware-holic | Browser gekapert google wird auf isearch.avg weitergeleitet Hi ist das ein fertig pc, dann sag mir mal hersteller und Typ.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
14.02.2013, 23:23
| #9 |
| | Browser gekapert google wird auf isearch.avg weitergeleitet Ja, es handelt sich um ein Medion Notebook MD96630 neu aufsetzen möchte ich ihn aber nicht. Es war recht teuer den Gateprotect VPN Client und die Remotedesktopverbindung installieren zu lassen. Zwei Anläufe durch fragl. kompetenten Servicetechniker waren notwendig. |
|
14.02.2013, 23:27
| #10 |
| /// Malware-holic | Browser gekapert google wird auf isearch.avg weitergeleitet sollst du ja nicht. ich möchte aber später die Windows updates instalieren, dafür benötigen wir die Treiber Updates: MEDION Deutschland - Produktinformation
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
15.02.2013, 00:02
| #11 |
| | Browser gekapert google wird auf isearch.avg weitergeleitet Nun habe ich alle Treiber heruntergeladen, nach Extrahieren befinden sie sich als je eigener Ordner im C:\Medion Ordner. und nun? |
|
15.02.2013, 00:06
| #12 |
| /// Malware-holic | Browser gekapert google wird auf isearch.avg weitergeleitet Dort müssten ausführbare Programme sein, die musst du dann starten und die Treiber instalieren.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
15.02.2013, 23:20
| #13 |
| | Browser gekapert google wird auf isearch.avg weitergeleitet Hallo, die Treiberupdates habe ich ist mir etwas entgangen oder gab es in den 5 scans bisher keine Malwarefunde? Gruß Kati1 |
|
15.02.2013, 23:24
| #14 |
| /// Malware-holic | Browser gekapert google wird auf isearch.avg weitergeleitet immer mit der Ruhe. lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
16.02.2013, 13:21
| #15 |
| | Browser gekapert google wird auf isearch.avg weitergeleitet Hallo, hier die editierte Programmliste aus CC Cleaner Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 01.03.2008 13,5MB notwendig Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 09.02.2013 11.5.502.149 notwendig Adobe Flash Player 11 Plugin Adobe Systems Incorporated 09.02.2013 11.5.502.149 notwendig Adobe Reader 9.5.3 - Deutsch Adobe Systems Incorporated 14.01.2013 123MB 9.5.3 notwendig Adobe Shockwave Player Adobe Systems, Inc. 01.03.2008 10.2.0.23 notwendig Agere Systems HDA Modem Agere Systems 18.09.2007 unbekannt ALDI Foto Manager Free Sued MAGIX AG 16.12.20008 51,6MB 3.4.0.466 unnötig ALDI Online Druck Service (Sued) 01.03.2008 unnötig 8,09MB unnötig ALDI Sued Foto Service MAGIX AG 16.12.2007 57,2MB 1.12.0.93 unnötig Aldi Süd Fotoservice 01.03.2008 41,7MB unnötig Apple Software Update Apple Inc. 24.07.2011 2,38MB 2.1.3.127 unnötig AVG 2012 AVG Technologies 30.01.2013 109MB 2012.1.2238 AVG Security Toolbar AVG Technologies 11.02.2013 20,5MB 14.1.0.10 AVM FRITZ!Box Druckeranschluss AVM Berlin 23.10.2011 notwendig AVM FRITZ!Box USB-Fernanschluss AVM Berlin 25.09.2011 2.2.1.0 notwendig CCleaner Piriform 23.01.2013 3,82MB 3.27 Compatibility Pack für 2007 Office System Microsoft Corporation 23.10.2007 103MB 12.0.4518.1014 CyberLink Power2Go CyberLink Corp. 15.12.2007 124MB 6.0.1109a unbekannt CyberLink YouCam CyberLink Corp. 15.12.2007 39,0MB 1.00.0000 unbekannt Firebird SQL Server - MAGIX Edition MAGIX AG 16.12.2007 6,56MB 2.0.1.8 unbekannt gateProtect VPN Client 1.5 22.09.2010 6,25MB notwendig Google Chrome Google Inc. 03.01.2013 334MB 24.0.1312.57 Google Desktop Google 01.03.2008 7,91MB -unbekannt Google Toolbar for Internet Explorer Google Inc. 15.12.2012 11,9MB 7.4.3607.2246 unnötig Intel(R) Matrix Storage Manager 01.03.2008 3,77MB unbekannt/system Java 7 Update 13 Oracle 11.02.2013 129MB 7.0.130 unnötig Java(TM) 6 Update 3 Sun Microsystems, Inc. 23.10.2007 168MB 1.6.0.30 unnötig Launch Manager V1.4.9 Wistron Corp. 23.10.2007 0,98MB 1.4.9 unbekannt system? Letstrade Buhl Data Service 23.10.2007 25,9MB 1.00.0000 bloatware unnötig MakeDisc CyberLink Corp. 01.03.2008 101MB 3.0.2320 unbekannt Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 14.02.2013 12,2MB 1.70.0.1100 MediaShow CyberLink Corporation 01.03.2008 33,0MB 3.0.4325 bloat unbekannt MEDION Fotos auf CD Sued MAGIX AG 16.12.2007 649MB 6.0.2.0 unnötig MEDIONbox Medion 17.12.2007 26,9MB 1.09.0000.00052 unbekannt Microsoft .NET Framework 1.1 23.10.2007 wahrscheinlich notwendig Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 12.08.2012 36,9MB unbekannt Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 15.03.2010 27,8MB unbekannt Microsoft Office Home and Student 2007 Microsoft Corporation 16.12.2007 299MB 12.0.6215.1000 notwendig Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 23.10.2007 89,0MB 12.0.4518.1014 unbekannt Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 18.09.2007 422KB 8.0.56336 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 24.07.2011 590KB 9.0.30729.4148 unbekannt Microsoft Works Microsoft Corporation 23.10.2007 378MB 9.7.0621 notwendig Mozilla Firefox 18.0.2 (x86 de) Mozilla 09.02.2013 43,3MB 18.0.2 notwendig Mozilla Maintenance Service Mozilla 09.02.2013 204KB 18.0.2 notwendig MSXML 4.0 SP2 (KB925672) Microsoft Corporation 18.09.2007 1,23MB 4.20.9839.0 unbekannt MSXML 4.0 SP2 (KB927978) Microsoft Corporation 18.09.2007 1,23MB 4.20.9841.0 MSXML 4.0 SP2 (KB936181) Microsoft Corporation 18.09.2007 1,26MB 4.20.9848.0 MSXML 4.0 SP2 (KB941833) Microsoft Corporation 17.10.2007 1,26MB 4.20.9849.0 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 15.03.2010 35,0KB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 15.03.2010 1,33MB 4.20.9876.0 alle unbekannt MyPhoneExplorer F.J. Wechselberger 12.02.2013 18,0MB 1.8.4 notwendig Nero 8 Essentials Nero AG 24.10.2007 1,82GB 8.10.124 notwendig NVIDIA Drivers 01.03.2008 unnötig OmniPass 5.00.91 Softex Inc. 15.12.2007 26,5MB 5.00.91 unnötig PhotoNow! CyberLink Corp. 01.03.2008 1,59MB 1.0.4310 unbekannt PowerDirector CyberLink Corp. 15.12.2007 230MB 6.5.2209a notwendig PowerDVD CyberLink Corporation 01.03.2008 87,2MB 7.0.3118.0 notwendig PowerProducer CyberLink Corp. 01.03.2008 190MB 4.2.2219 notwendig QuickTime Apple Computer, Inc. 26.03.2008 70,5MB 7.1.6.200 notwendig Ralink Wireless LAN RaLink 17.12.2007 1,85MB 1.00.0000 notwendig Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista Realtek 18.09.2007 680KB 1.00.0000 notwendig Realtek High Definition Audio Driver Realtek Semiconductor Corp. 15.12.2007 15,5MB 6.0.1.5506 notwendig Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 15.12.2007 2,97MB notwendig Sceneo AbsolutTV 01.03.2008 4,79MB unnötig Skype™ 6.1 Skype Technologies S.A. 13.01.2013 21,1MB 6.1.129 notwendig Synaptics Pointing Device Driver Synaptics 18.09.2007 13,6MB 10.0.14.0 notwendig The Football News App Installer 12.02.2013 1,37MB 2.6 unnötig Tinypic 3.18 E. Fiedler 28.07.2012 2,78MB Tinypic 3.18 notwendig TVsweeper Sonavis 23.10.2007 4,02MB 3.0.2 unnötig Ulead PhotoImpact 12 Ulead System 01.03.2008 389MB 12.0 nice to have unbekannt |
|
| Themen zu Browser gekapert google wird auf isearch.avg weitergeleitet |
| autorun, avg, avg secure search, avg security toolbar, bho, browser, cid, defender, driver./avg, error, firefox, flash player, format, frage, google, helper, home, hotkey.sys, install.exe, intranet, isearch.avg, launch, logfile, mozilla, plug-in, realtek, registry, rundll, scan, secure search, security, senden, svchost.exe, udp, vista, vtoolbarupdater |
WARNUNG an die MITLESER: 
Linear-Darstellung
