Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Youtube suche mit Chrome funktioniert nicht.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 15.02.2013, 22:38   #1
cic55
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



Hallo Forumsgemeinde.

Habe ein problem.
Seit einigen tagen funktioniert meine suche bei Youtube nicht mehr.
Mit dem IE funktioniert es.
Egal was ich suche es kommt kein suchergebnis.
Es kommt auch keine Fehlermeldung.
Wenn ich aber im web suche und auf ein video klicken kann ich ganz normal die videos schauen.
nur halt keine suchergebnisse bei youtube.

Was denkt ihr? Benutze kaspersky Internetsecuruty 2011 und der findet nix.
Letztens habe ich irgendwo gelesen was von einem downloader von irgendeiner seite der sowas hevorrufen kann. ob das softsonic was oder soo....

wer kann helfen. benutze ständig chrome und bitte keine antworten wie benutz doch IE oder sowas.

Alt 15.02.2013, 22:41   #2
markusg
/// Malware-holic
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



hi
warum Kaspersky 2011, aktuell ist 2013.

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 15.02.2013, 23:06   #3
cic55
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 15.02.2013 22:51:38 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Cihan\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,80 Gb Total Physical Memory | 3,98 Gb Available Physical Memory | 68,62% Memory free
11,59 Gb Paging File | 8,91 Gb Available in Paging File | 76,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,64 Gb Total Space | 7,81 Gb Free Space | 3,89% Space Free | Partition Type: NTFS
Drive Z: | 32,14 Gb Total Space | 29,63 Gb Free Space | 92,17% Space Free | Partition Type: NTFS
 
Computer Name: HP2540P | User Name: Cihan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.15 22:45:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cihan\Downloads\OTL.exe
PRC - [2012.10.25 17:34:08 | 000,593,784 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2012.10.25 17:33:34 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.09.17 12:41:58 | 000,508,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012.08.10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.16 12:23:56 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.07.16 12:23:56 | 000,975,800 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.01.20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.11.02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010.03.03 14:46:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.03.03 14:46:54 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.01.08 22:56:26 | 000,186,904 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
PRC - [2010.01.08 22:55:54 | 000,354,840 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009.12.29 14:19:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009.11.11 14:00:54 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.01.13 03:10:11 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll
MOD - [2013.01.13 03:09:58 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll
MOD - [2013.01.13 03:09:47 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll
MOD - [2013.01.13 03:09:43 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013.01.13 03:09:43 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll
MOD - [2013.01.13 03:09:38 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll
MOD - [2013.01.13 03:09:37 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013.01.13 03:09:31 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2012.10.05 11:53:24 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012.10.05 11:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012.10.05 11:53:24 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2011.12.25 21:42:15 | 005,255,168 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:58:50 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.11.05 02:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010.11.05 02:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009.06.10 22:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009.12.29 23:03:24 | 002,019,120 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.02.10 01:15:42 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.25 17:33:34 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2012.10.25 17:33:14 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.09.27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2012.08.10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.06.01 13:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.03.28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.11.02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010.09.08 00:05:34 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010.08.23 10:40:40 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.03 14:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.03.03 14:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.01.08 22:55:54 | 000,354,840 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009.12.29 22:44:24 | 001,639,728 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2009.12.29 14:19:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.11.18 12:40:26 | 000,012,288 | ---- | M] (Chris Pietschmann (hxxp://pietschsoft.com)) [Auto | Running] -- C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe -- (Virtual Router)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.02 00:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2007.05.31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.02 10:43:02 | 000,509,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2011.09.02 21:29:54 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2011.09.02 21:29:52 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2011.06.22 00:54:30 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.06.02 06:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.06.02 06:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.06.02 06:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.11 10:16:36 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.02.10 18:50:32 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2010.12.21 06:55:02 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.12.21 06:55:02 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010.12.21 06:55:02 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.09.08 00:05:34 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.08.31 04:07:04 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.06.09 16:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2010.06.09 16:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010.06.04 02:18:56 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.06.03 15:56:06 | 001,803,904 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2010.04.22 18:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2010.02.26 14:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.01.13 16:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010.01.08 22:45:26 | 000,409,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.01.07 19:22:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.01.07 19:22:40 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.01.07 19:22:36 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.01.07 19:22:34 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.11.02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.07.20 15:05:50 | 000,059,008 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rismcx64.sys -- (rismcx64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.25 17:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009.02.17 10:18:48 | 000,069,192 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2009.02.17 10:17:16 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2012.10.25 17:33:26 | 000,071,032 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.com/?ref=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A 3E 49 5C 44 D2 CB 01  [binary data]
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888; https=127.0.0.1:8888
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Cihan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Cihan\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Cihan\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2011.06.02 09:22:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2011.06.02 09:22:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2011.06.02 09:22:33 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Cihan\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Cihan\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Cihan\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Cihan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Cihan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: HP Product Detection Plugin = C:\Users\Cihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\1.0.19.2_0\
CHR - Extension: AdBlock = C:\Users\Cihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.58_0\
CHR - Extension: AdBlock = C:\Users\Cihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.60_0\
CHR - Extension: Skype Click to Call = C:\Users\Cihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Cihan\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_11_5_502_149_ActiveX.exe -update activex File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C7F3E6F-E5D7-49E0-A41E-DCB0913B7B82}: NameServer = 198.153.194.1,198.153.192.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FF2DEC9-E2B5-4137-8096-8B7B919AF919}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36E6DF71-7F5F-4E4E-823D-E409566366D5}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36E6DF71-7F5F-4E4E-823D-E409566366D5}: NameServer = 198.153.194.1,198.153.192.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98D91A74-DDD7-45A4-AD0F-DABBF4C524F1}: NameServer = 198.153.194.1,198.153.192.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A56AC4DD-82CE-4F95-B912-EA0BF6EF3B5A}: NameServer = 198.153.194.1,198.153.192.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC70E012-8A3F-474B-B54D-C7986015F9E5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC70E012-8A3F-474B-B54D-C7986015F9E5}: NameServer = 198.153.194.1,198.153.192.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B8174EEB-4193-4038-8650-93148FE525A9}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E60FFC6F-7C89-40FF-87B2-85A610E6E103}: NameServer = 198.153.194.1,198.153.192.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4581EC6-DE52-4275-BBE1-62D1C126BAD3}: NameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1eee0412-34a8-11e0-a9be-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1eee0412-34a8-11e0-a9be-806e6f6e6963}\Shell\AutoRun\command - "" = D:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
O33 - MountPoints2\{3678388c-9c61-11e0-8ab6-68b599e55e1d}\Shell - "" = AutoRun
O33 - MountPoints2\{3678388c-9c61-11e0-8ab6-68b599e55e1d}\Shell\AutoRun\command - "" = E:\INSTALL\Instprog.exe
O33 - MountPoints2\{5153d00b-9c65-11e0-9dda-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5153d00b-9c65-11e0-9dda-806e6f6e6963}\Shell\AutoRun\command - "" = F:\INSTALL\Instprog.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.15 20:45:07 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{A5A055E4-3D7E-494B-B897-EDCEE4B57949}
[2013.02.14 22:01:43 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{7D692DC9-E23C-4BAF-ACB3-DB12E4D6235A}
[2013.02.11 10:51:39 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{4C7E9AE2-8C12-48EB-A048-854152416937}
[2013.02.10 22:51:27 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{9289DD9D-4BEE-4234-ADB4-205E7B9424B8}
[2013.02.10 22:47:57 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{5DB13E9E-9EA9-4EF2-A50F-4A8E585B1B3F}
[2013.02.10 01:15:12 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{43C8C42B-5F12-4BA8-A7EB-538EF7670C45}
[2013.02.08 20:45:42 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{2D2E599C-079A-4452-AC41-C310DDED7CD1}
[2013.02.08 02:29:41 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{69BF5E61-2096-4EC1-B275-F28E1EA8A616}
[2013.02.08 02:29:33 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{4D61D2FE-72F6-4ED5-B93A-BC00366ACDE2}
[2013.02.07 13:23:15 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{40C20804-5DB1-4A8F-B0C6-D4BBC52AD988}
[2013.02.06 11:08:37 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{234A01D0-0301-443C-B462-9B3F8EB57669}
[2013.02.05 21:40:27 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{F291BF5A-256E-49AC-910E-FE8A0D7B3ABF}
[2013.02.04 14:50:14 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{0CF0BFA2-04CC-4CFC-B573-6C23AD12DE1F}
[2013.02.03 13:39:34 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{EB5C81D5-9273-420C-A139-CE4EFE865400}
[2013.02.02 13:03:52 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{9236DE75-3F99-4401-AE86-E417DD52F8D0}
[2013.02.02 11:50:09 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{DEFD5874-3E24-4385-942F-A8BABD269016}
[2013.02.01 10:56:07 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{E8EFAFD9-B13B-4AAA-A5A2-9250A4987AA0}
[2013.01.31 22:13:25 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{FA142269-AE4D-4D40-BF29-1D7072A03A22}
[2013.01.31 00:46:26 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{E7782B84-F6E7-4EA8-A3B9-F6CAD9CC433D}
[2013.01.30 09:24:03 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{9F5EF711-B13F-45C4-88F5-1D031332C2BB}
[2013.01.28 23:59:28 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{4871B47B-F219-497B-BD57-00CC58764E55}
[2013.01.28 01:10:27 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{7BCA72D4-A477-4F3A-8A43-000EA95936C8}
[2013.01.27 03:22:16 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{6D2B5391-794D-4DC9-8294-F6616C810FFE}
[2013.01.26 12:18:43 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{3BCD9A80-3DFB-4C09-8CBD-01D049CA1525}
[2013.01.25 02:23:25 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{9AE41E3D-938A-4A30-B916-5F5165BDE8C2}
[2013.01.24 14:23:20 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{F3C49170-A0CE-497B-92C8-CA219FED2B0A}
[2013.01.23 16:33:16 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{CDBC425B-E7A5-4221-9A31-480A7ABA782D}
[2013.01.23 16:29:46 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{DD31087B-8815-4AEC-84D9-42B2D27D177B}
[2013.01.21 02:57:01 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{B78641A7-F4E0-4C42-80E4-1B3E86D07F1D}
[2013.01.20 14:04:25 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{6AB8677E-20FF-41EB-A503-4542C5004D10}
[2013.01.19 14:24:24 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{67E4BE66-E776-4593-BB00-36B826E733DE}
[2013.01.19 02:23:48 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{12627EEB-822D-4B43-A7B6-7E8381B6F463}
[2013.01.17 13:50:21 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
[2013.01.17 13:02:09 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{C563E0D2-2575-47AF-BA6D-4FDFF7667989}
[2013.01.17 01:01:57 | 000,000,000 | ---D | C] -- C:\Users\Cihan\AppData\Local\{DEEDA852-4435-4E3D-ABCB-A0AAE80AF025}
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.15 22:53:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.15 22:53:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.15 22:34:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.15 22:07:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929057395-2147905070-1016382134-1000UA.job
[2013.02.15 22:07:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929057395-2147905070-1016382134-1000Core.job
[2013.02.15 21:51:01 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3929057395-2147905070-1016382134-1000UA.job
[2013.02.15 20:59:27 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3929057395-2147905070-1016382134-1000Core.job
[2013.02.15 20:44:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.11 00:38:08 | 000,249,397 | ---- | M] () -- C:\Users\Cihan\Desktop\bumbur.jpg
[2013.02.10 22:54:17 | 000,016,656 | ---- | M] () -- C:\Users\Cihan\Documents\Servoöl bmw.pdf
[2013.01.31 22:43:44 | 000,002,367 | ---- | M] () -- C:\Users\Cihan\Desktop\Google Chrome.lnk
[2013.01.28 02:26:04 | 000,095,512 | ---- | M] () -- C:\Users\Cihan\Desktop\bumbur turkbase berlin.jpg
[2013.01.24 14:28:40 | 000,015,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.24 14:28:40 | 000,015,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.17 13:45:54 | 1928,728,575 | -HS- | M] () -- C:\hiberfil.sys
 
========== Files Created - No Company Name ==========
 
[2013.02.11 00:38:08 | 000,249,397 | ---- | C] () -- C:\Users\Cihan\Desktop\bumbur.jpg
[2013.02.10 22:54:17 | 000,016,656 | ---- | C] () -- C:\Users\Cihan\Documents\Servoöl bmw.pdf
[2013.01.28 02:26:04 | 000,095,512 | ---- | C] () -- C:\Users\Cihan\Desktop\bumbur turkbase berlin.jpg
[2013.01.08 02:58:21 | 000,003,584 | ---- | C] () -- C:\Users\Cihan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.26 15:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.06.26 15:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.06.26 15:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.06.26 15:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.06.26 15:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.05.23 00:30:10 | 000,000,137 | -H-- | C] () -- C:\Windows\SysWow64\crkmo.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.03.10 16:00:38 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\Ashampoo
[2011.02.22 04:26:52 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\Charles
[2011.06.15 16:05:21 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\DAEMON Tools Lite
[2012.08.22 21:44:25 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\DesktopIconForAmazon
[2011.06.22 00:48:07 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\GetRightToGo
[2012.09.17 20:52:45 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\HDRsoft
[2011.10.15 03:09:45 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\ICQ
[2012.08.29 21:25:49 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\Notepad++
[2012.08.05 00:26:03 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\Samsung
[2012.08.22 22:01:59 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\Sony
[2011.08.09 19:22:39 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\TeamViewer
[2011.06.22 00:48:06 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\uTorrent
[2011.02.14 20:42:13 | 000,000,000 | ---D | M] -- C:\Users\Cihan\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:C68DE4A3

< End of report >
         
--- --- ---

#
#
#
#
#
#
#
#
#
#
#
#
#OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.02.2013 22:51:38 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Cihan\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,80 Gb Total Physical Memory | 3,98 Gb Available Physical Memory | 68,62% Memory free
11,59 Gb Paging File | 8,91 Gb Available in Paging File | 76,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,64 Gb Total Space | 7,81 Gb Free Space | 3,89% Space Free | Partition Type: NTFS
Drive Z: | 32,14 Gb Total Space | 29,63 Gb Free Space | 92,17% Space Free | Partition Type: NTFS
 
Computer Name: HP2540P | User Name: Cihan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02A2529E-931B-4A10-8D01-4C32C4357EAD}" = lport=139 | protocol=6 | dir=in | app=system | 
"{06C047AE-D0E9-4D4E-8B4D-CDBC6476A49E}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{0C160578-9691-4086-8ECF-FB84FA25ED88}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{0F105304-DDE4-4C87-B230-3B92B156FF19}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{138022A9-2F7E-4BC5-AB76-6D78E8CFB447}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{1B259D48-508F-43B4-9E64-D24A462D030A}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1C339C21-9B9F-4DDC-B1D7-A65A832F7E83}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1EF73E09-8D52-4B81-99B0-8E176582A754}" = lport=138 | protocol=17 | dir=in | app=system | 
"{243A19EC-A083-430C-926B-8C8C292409D6}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{3D41A840-D2B6-4D34-B6A2-ABC79EC1DC47}" = rport=445 | protocol=6 | dir=out | app=system | 
"{422EBF5B-8982-4F08-B3F7-6A1FA91B23BB}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{47A2B31B-1FFD-415F-A5FA-ED508FE549D9}" = rport=138 | protocol=17 | dir=out | app=system | 
"{4CBA55BC-D35A-44D0-A7EE-AFDC0EA5E79B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4D2559DF-5177-49CC-A462-241252D5F6D7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4E8482DB-B28D-4362-A326-A8EF1A73AA21}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{4F9DCBE4-1A56-4264-8C5D-E01665D2DEC5}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{5EAD1D5C-CC3C-4882-BDD5-F7375157B05C}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{6314C4B6-9D59-4057-A95E-303EE9331532}" = lport=445 | protocol=6 | dir=in | app=system | 
"{67459CC9-A300-4BF3-8697-13727A8CEE2D}" = rport=137 | protocol=17 | dir=out | app=system | 
"{7DD87F4F-8C1B-49E7-B1EA-FED5F468F853}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{8B170649-3413-4F55-B259-8AE21250489A}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{8C787C72-2BEA-4DC2-B641-BF48D8527AC4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{942A078A-89A3-481E-A5B7-B74AAE97BC23}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9BDCA13E-1D37-4662-8C3F-2C4D417340CF}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{9C257814-153D-4D1D-9561-0A429B46EEAF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AA17AC5E-DFB7-4401-B32F-3AE0124D095B}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{B050B0B4-5071-4332-B917-15AE83FD7AF1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{BCD5A949-4A7F-4976-9073-88ACDC5D90E0}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C06A1CDE-0FDC-433A-B433-8983759FA661}" = rport=139 | protocol=6 | dir=out | app=system | 
"{CE1026B3-4A14-47CB-AD47-ABFE5C108D34}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D651020E-4E7A-4B23-A495-3E0E68420A42}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{DB0E0CC7-90AC-4329-B450-BED823C85194}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{E4F76725-46E9-4D4E-84D2-7AEA8C5AB375}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{E6D63718-7019-4770-8C67-AF12012FEA0D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EA3E29B4-C71B-4591-BC7A-77B5D7A7580B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{ED7D032E-C12C-4D59-9E06-2FD64A6D6668}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F0A3930B-7EF3-4AB3-933C-CA94F4C4E515}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042E5B14-9A16-40CD-83DF-37DC24177066}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{081C2FBB-D9DC-4CBC-A79B-D890C5C3D079}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{0BDA84C0-B609-4B45-89A3-546255F11BDF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0C04F747-60E1-4EF9-8284-26F533594CED}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{14196593-E10E-4528-BE08-7360C87D3AD5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{18A7874D-B776-45D8-A257-3A99AAF576F0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{1E786822-3405-4611-9170-2E3C91E675B8}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 
"{1FE8FEA0-B13D-4567-A4C4-F3B15034F45B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{2045D98B-EDA1-4D9F-AE07-76351330A240}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{21DCBE79-081E-4CCD-A73A-6E8C534E7BCD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{2C0BB000-978D-4E5C-B55D-A0DFF92C0C12}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe | 
"{2C534A8F-AF23-4959-AAB8-B91D5075CD1C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 
"{2D212AD5-7BDB-4D6D-8CDA-3B80488D5A62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{31B41607-E23F-479D-9453-34CAC45E95B1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{3A8497A9-868B-489D-967D-A929B12CC7BA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3CB508B2-4E36-4F83-872C-5DEBFABC6843}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{3D69E65A-3825-4ACF-BF01-A269C2774238}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{41585BBC-B76B-4889-ABF1-1B3543D8DDA0}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{46672B78-34A2-4FC9-B22F-FF11AE48DF49}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{5240DC9B-FA30-49C3-B277-B0625311D996}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{53DB9791-426D-45E1-8CB2-EFBB8348DC2D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{649621C1-2C88-4535-A89F-3548641050C3}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 
"{6560B4CB-72A2-4B0C-9000-C30A20303722}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{679C4CB7-CDD0-4592-AE53-D52B0A60C2EF}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{739D6FF7-ACD1-49BA-BE1F-A680B2AB2825}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{7B8E864A-C326-4D2E-A9CA-E164CA05DB90}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 
"{833FCE67-93FD-4DF3-8B89-13FABB0CFAD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{87088715-896E-4B52-965C-25F5DAF1320C}" = dir=in | app=c:\users\cihan\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{897719FE-232D-4CD0-A966-D5D85E9E18C0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{8A1EEBC3-BB8D-4663-A227-A0AF9F876539}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe | 
"{905C228D-C7B6-4D36-AFD2-3712BD7CFB0F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9229A278-447C-4E55-91A2-F8D54B480DB5}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{94E143B6-84F2-4DEC-9927-D666E2B655EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9FF4A2FF-243D-42AB-9707-19413E2616A4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A3AAF763-38E8-46E3-9CBC-97119332F7E6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A515A6D9-B33A-4026-9ECD-071F822EBA55}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{A5197914-C0AE-4FEF-A6E7-9D53B9312C71}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{A6009786-0AE9-47CA-9FE8-EF666E2A6BBB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{A8C2E6CD-5F5C-4CE7-9898-11DFED5EBB36}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{AB138E6E-19F8-44F1-A690-A22964766F27}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{ABBA179F-1978-40D4-BF37-C1FF49C5EFFB}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe | 
"{AEB908F0-7CA1-4687-B9EB-97F03F2568AF}" = protocol=6 | dir=out | app=system | 
"{AF77B65A-7C71-4137-A6C9-6BCF60F5359D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B59FBB7F-F59C-46A0-9FCA-C7A6882B5DBE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{B63ABA39-61AA-434F-B915-FCD99495623C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{B96F05A4-86CE-4B07-B0F4-E30EA4D0553C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{BB10BE1F-878F-41EC-8A95-C432A409807E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe | 
"{CE21F858-A375-46F3-A5B5-7AE3C2DFC305}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D74BF239-ABFD-4F1A-A20D-4446C097BF77}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{DCC37809-BF36-4154-95C5-2F4CD01CD425}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{DF9608D2-10AB-4DEA-9F3B-599206C4DF59}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{E02765B9-D58D-4344-94B2-A2AA5A8D54CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E647537F-ECBE-4721-AEF2-218C7F0756B4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{EBA22701-B248-482C-A175-B27184AAAB28}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{EC04D42D-24FA-4B0D-8E31-0462C4EA2B49}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F88C6065-B147-47A8-81B0-6720A9111757}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"TCP Query User{B7EE1422-FE26-4579-8658-76C0738EBB64}C:\users\cihan\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\cihan\appdata\local\google\chrome\application\chrome.exe | 
"UDP Query User{552E6C9D-E7A9-4D91-9101-E91B1A510E6C}C:\users\cihan\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\cihan\appdata\local\google\chrome\application\chrome.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1DC83950-68C7-4649-B120-328CD963C536}" = HP Power Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{64A3A4F4-B792-11D6-A78A-00B0D0160240}" = Java(TM) SE Development Kit 6 Update 24 (64-bit)
"{7F41676C-B432-4360-B988-99D11095F3C1}" = HP Power Data
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6079F8-EBA2-4C55-96A6-325E8E22DF0C}" = HP 3D DriveGuard
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Broadcom 2070 Bluetooth 2.1 + EDR
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B4867F47-1E4E-4EA2-8FE7-1153BD5B121E}" = Validity Fingerprint Driver
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)
"7E38E30BB92ED94B21CF062A7386554CBA991FEB" = Windows Driver Package - Broadcom Bluetooth  (12/16/2009 6.2.0.9414)
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"DesktopIconAmazon" = Desktop Icon für Amazon
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PhotomatixPro42x64_is1" = Photomatix Pro version 4.2.2
"PROSet" = Intel(R) Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{040FF9BD-17BE-427B-85DD-67694FB8F786}" = Badoo Desktop
"{04DF4A51-DE2A-11E0-9AB5-F04DA23A5C58}" = DVD Architect Studio 5.0
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{12EE0B2A-84C6-494E-A7AC-6771E898F6A0}_is1" = HD2 Toolkit Version 4.3
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 37
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{384FA0C0-BB19-4CA0-8DB4-5FD4E938277F}" = Notification Center
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F38594F-2C4A-4C42-B2C4-505E225F6F80}" = HP Product Detection
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}" = Virtual Router v0.9 Beta
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F379330-2044-11E1-937A-005056C00008}" = MSVCRT Redists
"{A5355F15-F98B-4704-9BAE-E53B9FE48F48}" = SDFormatter
"{A6365256-0FBA-4DCD-88CE-D92A4DC9328E}" = HP ESU for Microsoft Windows 7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2A2E5CD-801A-4B8D-8119-F79449A09B67}" = HP System Default Settings
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA00F140-1C03-11E1-AE47-F04DA23A5C58}" = Vegas Movie Studio HD Platinum 11.0
"{DE59B901-18EA-4CB9-ADE4-291BF5C1E12E}_is1" = MiniTool Partition Wizard Home Edition 7.0
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
"BlueStacks App Player" = BlueStacks App Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"EatCam Webcam Recorder 5.0 for MSN_is1" = EatCam Webcam Recorder 5.0 for MSN
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"JPGVideo_is1" = JPGVideo 1.05.0.0
"moDiag_is1" = moDiag 2.8.515
"Notepad++" = Notepad++
"TeamViewer 6" = TeamViewer 6
"VLC media player" = VLC media player 2.0.4
"WinAce Archiver" = WinAce Archiver
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.02.2013 08:23:10 | Computer Name = HP2540P | Source = Google Update | ID = 20
Description = 
 
Error - 07.02.2013 21:29:31 | Computer Name = HP2540P | Source = Google Update | ID = 20
Description = 
 
Error - 08.02.2013 15:56:20 | Computer Name = HP2540P | Source = System Restore | ID = 8193
Description = 
 
Error - 09.02.2013 22:48:34 | Computer Name = HP2540P | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Cihan\Downloads\SoftonicDownloader_for_vmware-workstation.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 10.02.2013 05:45:39 | Computer Name = HP2540P | Source = Google Update | ID = 20
Description = 
 
Error - 10.02.2013 17:47:52 | Computer Name = HP2540P | Source = Google Update | ID = 20
Description = 
 
Error - 11.02.2013 05:01:44 | Computer Name = HP2540P | Source = Google Update | ID = 20
Description = 
 
Error - 14.02.2013 17:01:40 | Computer Name = HP2540P | Source = Google Update | ID = 20
Description = 
 
Error - 14.02.2013 17:13:03 | Computer Name = HP2540P | Source = System Restore | ID = 8193
Description = 
 
Error - 15.02.2013 15:45:02 | Computer Name = HP2540P | Source = Google Update | ID = 20
Description = 
 
Error - 15.02.2013 15:56:09 | Computer Name = HP2540P | Source = System Restore | ID = 8193
Description = 
 
[ Hewlett-Packard Events ]
Error - 29.03.2012 14:02:59 | Computer Name = HP2540P | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 19.04.2012 17:53:11 | Computer Name = HP2540P | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 02.05.2012 18:07:02 | Computer Name = HP2540P | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 19.05.2012 21:53:50 | Computer Name = HP2540P | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 25.05.2012 18:41:46 | Computer Name = HP2540P | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 25.05.2012 18:43:29 | Computer Name = HP2540P | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 30.05.2012 17:31:20 | Computer Name = HP2540P | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 06.06.2012 17:11:45 | Computer Name = HP2540P | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 28.06.2012 10:09:49 | Computer Name = HP2540P | Source = HPSF.exe | ID = 4000
Description = 
 
Error - 20.08.2012 12:39:01 | Computer Name = HP2540P | Source = HPSF.exe | ID = 4000
Description = 
 
[ HP Power Assistant Events ]
Error - 07.01.2013 23:45:20 | Computer Name = HP2540P | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
 found in the dat file.
 
Error - 13.01.2013 09:43:11 | Computer Name = HP2540P | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
 found in the dat file.
 
Error - 16.01.2013 06:02:03 | Computer Name = HP2540P | Source = HP PA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.  
  bei PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)
 
Error - 16.01.2013 06:02:27 | Computer Name = HP2540P | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
 found in the dat file.
 
Error - 17.01.2013 10:12:30 | Computer Name = HP2540P | Source = HP PA Application | ID = 0
Description = System.Exception HardwareAccess hasn't been instantiated properly.  
  bei PAProgramAccess.Impl.UpdatePowerSchemeInformation(PowerScheme powerScheme)
 
Error - 17.01.2013 10:13:01 | Computer Name = HP2540P | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=64, version=6.1, servicePack=1.0) not
 found in the dat file.
 
Error - 20.01.2013 10:10:05 | Computer Name = HP2540P | Source = HP PA Service | ID = 0
Description = System.InvalidOperationException Fehler im XML-Dokument.    bei System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader
 xmlReader, String encodingStyle, XmlDeserializationEvents events)     bei System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader
 xmlReader)     bei HP_Common.CaslWrapper.GetPMCData(GetPMCDataOutput& pmcData)     
bei HPPA_Service.CurrentConfiguration.getPMCData(GetPMCDataOutput& pmcData)
 
Error - 20.01.2013 10:10:05 | Computer Name = HP2540P | Source = HP PA Service | ID = 0
Description = System.FormatException Die Zeichenfolge '2015-15-15T15:15:15' kein 
gültiger AllXsd-Wert.    bei System.Xml.Schema.XsdDateTime..ctor(String text, XsdDateTimeFlags
 kinds)     bei System.Xml.XmlConvert.ToDateTime(String s, XmlDateTimeSerializationMode
 dateTimeOption)     bei System.Xml.Serialization.XmlSerializationReader.ToDateTime(String
 value)     bei Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReader1.Read79_GetPMCDataOutputOutputData(Boolean
 isNullable, Boolean checkType)     bei Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReader1.Read80_GetPMCDataOutputOutput(Boolean
 isNullable, Boolean checkType)     bei Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReader1.Read81_GetPMCDataOutput(Boolean
 isNullable, Boolean checkType)     bei Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReader1.Read210_GetPMCDataOutput()
 
Error - 07.02.2013 23:24:16 | Computer Name = HP2540P | Source = HP PA Service | ID = 0
Description = System.InvalidOperationException Fehler im XML-Dokument.    bei System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader
 xmlReader, String encodingStyle, XmlDeserializationEvents events)     bei System.Xml.Serialization.XmlSerializer.Deserialize(XmlReader
 xmlReader)     bei HP_Common.CaslWrapper.GetPMCData(GetPMCDataOutput& pmcData)     
bei HPPA_Service.CurrentConfiguration.getPMCData(GetPMCDataOutput& pmcData)
 
Error - 07.02.2013 23:24:16 | Computer Name = HP2540P | Source = HP PA Service | ID = 0
Description = System.FormatException Die Zeichenfolge '2013-13-13T13:13:13' kein 
gültiger AllXsd-Wert.    bei System.Xml.Schema.XsdDateTime..ctor(String text, XsdDateTimeFlags
 kinds)     bei System.Xml.XmlConvert.ToDateTime(String s, XmlDateTimeSerializationMode
 dateTimeOption)     bei System.Xml.Serialization.XmlSerializationReader.ToDateTime(String
 value)     bei Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReader1.Read79_GetPMCDataOutputOutputData(Boolean
 isNullable, Boolean checkType)     bei Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReader1.Read80_GetPMCDataOutputOutput(Boolean
 isNullable, Boolean checkType)     bei Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReader1.Read81_GetPMCDataOutput(Boolean
 isNullable, Boolean checkType)     bei Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationReader1.Read210_GetPMCDataOutput()
 
[ System Events ]
Error - 16.01.2013 04:50:01 | Computer Name = HP2540P | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst HP Power Assistant Service erreicht.
 
Error - 16.01.2013 05:57:19 | Computer Name = HP2540P | Source = Service Control Manager | ID = 7023
Description = Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler
 beendet:   %%1064
 
Error - 16.01.2013 05:58:53 | Computer Name = HP2540P | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Kaspersky Anti-Virus Service" wurde nicht richtig gestartet.
 
Error - 16.01.2013 05:58:55 | Computer Name = HP2540P | Source = Service Control Manager | ID = 7022
Description = Der Dienst "VirtualRouterService" wurde nicht richtig gestartet.
 
Error - 16.01.2013 05:58:55 | Computer Name = HP2540P | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Ext2Fsd
 
Error - 17.01.2013 08:46:05 | Computer Name = HP2540P | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?17.?01.?2013 um 13:03:42 unerwartet heruntergefahren.
 
Error - 17.01.2013 08:46:46 | Computer Name = HP2540P | Source = Service Control Manager | ID = 7023
Description = Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler
 beendet:   %%1064
 
Error - 17.01.2013 08:48:21 | Computer Name = HP2540P | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   Ext2Fsd
 
Error - 24.01.2013 19:59:15 | Computer Name = HP2540P | Source = DCOM | ID = 10005
Description = 
 
Error - 24.01.2013 19:59:15 | Computer Name = HP2540P | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%109
 
 
< End of report >
         
--- --- ---


Und ich benutze KIS 2011 weil es installiert ist.
Habe noch nicht auf 2013 geupdatet.
__________________

Alt 15.02.2013, 23:20   #4
markusg
/// Malware-holic
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



Hi
upgrade mal auf 2013 bitte.
Upgrades sind kostenlos
Danach:
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.02.2013, 23:23   #5
cic55
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



ok das wird aber ein paar minuten dauern.
trotzdem jetzt schonmal danke für die hilfe.


Alt 15.02.2013, 23:25   #6
markusg
/// Malware-holic
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



Kein problem, du musst mir nicht bescheid sagen, wenns ein paar minuten dauert, mach einfach in Ruhe
__________________
--> Youtube suche mit Chrome funktioniert nicht.

Alt 15.02.2013, 23:51   #7
cic55
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



23:48:20.0500 8824 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:48:21.0077 8824 ============================================================
23:48:21.0077 8824 Current date / time: 2013/02/15 23:48:21.0077
23:48:21.0077 8824 SystemInfo:
23:48:21.0077 8824
23:48:21.0077 8824 OS Version: 6.1.7601 ServicePack: 1.0
23:48:21.0077 8824 Product type: Workstation
23:48:21.0077 8824 ComputerName: HP2540P
23:48:21.0077 8824 UserName: Cihan
23:48:21.0077 8824 Windows directory: C:\Windows
23:48:21.0077 8824 System windows directory: C:\Windows
23:48:21.0077 8824 Running under WOW64
23:48:21.0077 8824 Processor architecture: Intel x64
23:48:21.0077 8824 Number of processors: 4
23:48:21.0077 8824 Page size: 0x1000
23:48:21.0077 8824 Boot type: Normal boot
23:48:21.0077 8824 ============================================================
23:48:21.0966 8824 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:48:21.0982 8824 ============================================================
23:48:21.0982 8824 \Device\Harddisk0\DR0:
23:48:21.0982 8824 MBR partitions:
23:48:21.0982 8824 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:48:21.0982 8824 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x19148A1D
23:48:22.0138 8824 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1917B25C, BlocksNum 0x4049325
23:48:22.0138 8824 ============================================================
23:48:22.0325 8824 C: <-> \Device\Harddisk0\DR0\Partition2
23:48:22.0372 8824 Z: <-> \Device\Harddisk0\DR0\Partition3
23:48:22.0372 8824 ============================================================
23:48:22.0372 8824 Initialize success
23:48:22.0372 8824 ============================================================
23:48:30.0484 8916 ============================================================
23:48:30.0484 8916 Scan started
23:48:30.0484 8916 Mode: Manual; SigCheck; TDLFS;
23:48:30.0484 8916 ============================================================
23:48:32.0371 8916 ================ Scan system memory ========================
23:48:32.0371 8916 System memory - ok
23:48:32.0371 8916 ================ Scan services =============================
23:48:32.0793 8916 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:48:32.0886 8916 1394ohci - ok
23:48:32.0980 8916 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
23:48:33.0011 8916 Accelerometer - ok
23:48:33.0105 8916 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:48:33.0136 8916 ACPI - ok
23:48:33.0183 8916 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:48:33.0245 8916 AcpiPmi - ok
23:48:33.0432 8916 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:48:33.0479 8916 AdobeARMservice - ok
23:48:33.0885 8916 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:48:33.0963 8916 AdobeFlashPlayerUpdateSvc - ok
23:48:34.0072 8916 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:48:34.0103 8916 adp94xx - ok
23:48:34.0165 8916 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:48:34.0197 8916 adpahci - ok
23:48:34.0243 8916 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:48:34.0259 8916 adpu320 - ok
23:48:34.0353 8916 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:48:34.0415 8916 AeLookupSvc - ok
23:48:34.0727 8916 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
23:48:34.0789 8916 AESTFilters - ok
23:48:34.0961 8916 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:48:35.0039 8916 AFD - ok
23:48:35.0164 8916 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
23:48:35.0257 8916 AgereSoftModem - ok
23:48:35.0320 8916 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:48:35.0351 8916 agp440 - ok
23:48:35.0413 8916 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:48:35.0491 8916 ALG - ok
23:48:35.0538 8916 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:48:35.0554 8916 aliide - ok
23:48:35.0585 8916 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:48:35.0616 8916 amdide - ok
23:48:35.0663 8916 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:48:35.0694 8916 AmdK8 - ok
23:48:35.0710 8916 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:48:35.0757 8916 AmdPPM - ok
23:48:35.0850 8916 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:48:35.0881 8916 amdsata - ok
23:48:35.0897 8916 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:48:35.0928 8916 amdsbs - ok
23:48:35.0959 8916 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:48:35.0975 8916 amdxata - ok
23:48:36.0053 8916 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:48:36.0131 8916 AppID - ok
23:48:36.0178 8916 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:48:36.0271 8916 AppIDSvc - ok
23:48:36.0287 8916 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
23:48:36.0349 8916 Appinfo - ok
23:48:36.0443 8916 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
23:48:36.0490 8916 AppMgmt - ok
23:48:36.0552 8916 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
23:48:36.0568 8916 arc - ok
23:48:36.0646 8916 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:48:36.0661 8916 arcsas - ok
23:48:36.0739 8916 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:48:36.0833 8916 AsyncMac - ok
23:48:36.0895 8916 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:48:36.0911 8916 atapi - ok
23:48:37.0020 8916 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:48:37.0129 8916 AudioEndpointBuilder - ok
23:48:37.0145 8916 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:48:37.0176 8916 AudioSrv - ok
23:48:37.0660 8916 AVP - ok
23:48:37.0707 8916 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:48:37.0769 8916 AxInstSV - ok
23:48:37.0800 8916 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:48:37.0847 8916 b06bdrv - ok
23:48:37.0894 8916 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:48:37.0956 8916 b57nd60a - ok
23:48:38.0034 8916 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:48:38.0081 8916 BDESVC - ok
23:48:38.0128 8916 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:48:38.0206 8916 Beep - ok
23:48:38.0284 8916 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:48:38.0346 8916 BFE - ok
23:48:38.0455 8916 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
23:48:38.0549 8916 BITS - ok
23:48:38.0596 8916 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:48:38.0643 8916 blbdrive - ok
23:48:38.0736 8916 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:48:38.0752 8916 bowser - ok
23:48:38.0799 8916 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:48:38.0877 8916 BrFiltLo - ok
23:48:38.0877 8916 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:48:38.0892 8916 BrFiltUp - ok
23:48:38.0970 8916 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:48:38.0986 8916 Browser - ok
23:48:39.0017 8916 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:48:39.0064 8916 Brserid - ok
23:48:39.0064 8916 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:48:39.0095 8916 BrSerWdm - ok
23:48:39.0095 8916 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:48:39.0157 8916 BrUsbMdm - ok
23:48:39.0173 8916 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:48:39.0204 8916 BrUsbSer - ok
23:48:39.0438 8916 [ A9C4AEE6AC10D41BB815468D2E734045 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
23:48:39.0469 8916 BstHdAndroidSvc - ok
23:48:39.0547 8916 [ EAE75499461AE856330EBDB3489DB1E9 ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
23:48:39.0563 8916 BstHdDrv - ok
23:48:39.0625 8916 [ CD96992A52B454CDBB77E56F9F7FA151 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
23:48:39.0657 8916 BstHdLogRotatorSvc - ok
23:48:39.0750 8916 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
23:48:39.0844 8916 BthEnum - ok
23:48:39.0922 8916 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:48:39.0953 8916 BTHMODEM - ok
23:48:40.0031 8916 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:48:40.0078 8916 BthPan - ok
23:48:40.0125 8916 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
23:48:40.0203 8916 BTHPORT - ok
23:48:40.0249 8916 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:48:40.0312 8916 bthserv - ok
23:48:40.0343 8916 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
23:48:40.0390 8916 BTHUSB - ok
23:48:40.0468 8916 [ AF838D8029AE7C27470862D63FA54D24 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:48:40.0483 8916 btwaudio - ok
23:48:40.0577 8916 [ 5C849BD7C78791C5CEE9F4651D7FE38D ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
23:48:40.0608 8916 btwavdt - ok
23:48:40.0920 8916 [ 10FFB5FA51D5713D872B41A59DFC2213 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
23:48:40.0936 8916 btwdins - ok
23:48:41.0029 8916 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
23:48:41.0045 8916 btwl2cap - ok
23:48:41.0076 8916 [ 3E1991AFA851A36DC978B0A1B0535C8B ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:48:41.0092 8916 btwrchid - ok
23:48:41.0123 8916 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:48:41.0201 8916 cdfs - ok
23:48:41.0310 8916 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:48:41.0388 8916 cdrom - ok
23:48:41.0451 8916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:48:41.0497 8916 CertPropSvc - ok
23:48:41.0544 8916 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:48:41.0591 8916 circlass - ok
23:48:41.0685 8916 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:48:41.0716 8916 CLFS - ok
23:48:41.0965 8916 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:48:41.0997 8916 clr_optimization_v2.0.50727_32 - ok
23:48:42.0168 8916 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:48:42.0184 8916 clr_optimization_v2.0.50727_64 - ok
23:48:42.0387 8916 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:48:42.0402 8916 clr_optimization_v4.0.30319_32 - ok
23:48:42.0480 8916 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:48:42.0496 8916 clr_optimization_v4.0.30319_64 - ok
23:48:42.0605 8916 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:48:42.0636 8916 CmBatt - ok
23:48:42.0667 8916 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:48:42.0683 8916 cmdide - ok
23:48:42.0730 8916 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
23:48:42.0777 8916 CNG - ok
23:48:42.0979 8916 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
23:48:43.0011 8916 Com4QLBEx - ok
23:48:43.0042 8916 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:48:43.0057 8916 Compbatt - ok
23:48:43.0104 8916 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:48:43.0167 8916 CompositeBus - ok
23:48:43.0182 8916 COMSysApp - ok
23:48:43.0198 8916 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:48:43.0229 8916 crcdisk - ok
23:48:43.0291 8916 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:48:43.0338 8916 CryptSvc - ok
23:48:43.0432 8916 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
23:48:43.0494 8916 CSC - ok
23:48:43.0541 8916 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
23:48:43.0588 8916 CscService - ok
23:48:43.0619 8916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:48:43.0681 8916 DcomLaunch - ok
23:48:43.0744 8916 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:48:43.0806 8916 defragsvc - ok
23:48:43.0869 8916 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:48:43.0931 8916 DfsC - ok
23:48:44.0009 8916 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:48:44.0056 8916 Dhcp - ok
23:48:44.0165 8916 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:48:44.0212 8916 discache - ok
23:48:44.0227 8916 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:48:44.0259 8916 Disk - ok
23:48:44.0305 8916 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:48:44.0337 8916 Dnscache - ok
23:48:44.0383 8916 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:48:44.0446 8916 dot3svc - ok
23:48:44.0539 8916 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:48:44.0602 8916 DPS - ok
23:48:44.0633 8916 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:48:44.0680 8916 drmkaud - ok
23:48:44.0773 8916 [ FB9BEF3401EE5ECC2603311B9C64F44A ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:48:44.0805 8916 dtsoftbus01 - ok
23:48:44.0898 8916 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:48:44.0945 8916 DXGKrnl - ok
23:48:45.0007 8916 [ 324FCD2DD8A4229DDEF3CC954FF12FA5 ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys
23:48:45.0039 8916 e1kexpress - ok
23:48:45.0101 8916 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:48:45.0163 8916 EapHost - ok
23:48:45.0335 8916 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:48:45.0491 8916 ebdrv - ok
23:48:45.0538 8916 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:48:45.0553 8916 EFS - ok
23:48:45.0678 8916 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:48:45.0741 8916 ehRecvr - ok
23:48:45.0803 8916 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:48:45.0834 8916 ehSched - ok
23:48:45.0928 8916 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:48:45.0959 8916 elxstor - ok
23:48:46.0021 8916 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:48:46.0068 8916 ErrDev - ok
23:48:46.0177 8916 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:48:46.0224 8916 EventSystem - ok
23:48:46.0240 8916 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:48:46.0287 8916 exfat - ok
23:48:46.0318 8916 Ext2Fsd - ok
23:48:46.0349 8916 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:48:46.0411 8916 fastfat - ok
23:48:46.0505 8916 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:48:46.0567 8916 Fax - ok
23:48:46.0583 8916 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:48:46.0614 8916 fdc - ok
23:48:46.0645 8916 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:48:46.0708 8916 fdPHost - ok
23:48:46.0817 8916 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:48:46.0879 8916 FDResPub - ok
23:48:46.0942 8916 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:48:46.0973 8916 FileInfo - ok
23:48:46.0989 8916 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:48:47.0067 8916 Filetrace - ok
23:48:47.0082 8916 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:48:47.0129 8916 flpydisk - ok
23:48:47.0223 8916 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:48:47.0238 8916 FltMgr - ok
23:48:47.0301 8916 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
23:48:47.0363 8916 FontCache - ok
23:48:47.0503 8916 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:48:47.0519 8916 FontCache3.0.0.0 - ok
23:48:47.0550 8916 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:48:47.0566 8916 FsDepends - ok
23:48:47.0613 8916 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:48:47.0644 8916 Fs_Rec - ok
23:48:47.0706 8916 [ 82D4BD620F7E27EA268EA0E2F701A7AE ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
23:48:47.0722 8916 FTDIBUS - ok
23:48:47.0800 8916 [ 1FA21FF2D7B50B528D8B73DB34AD06BC ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
23:48:47.0815 8916 FTSER2K - ok
23:48:47.0847 8916 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:48:47.0878 8916 fvevol - ok
23:48:47.0925 8916 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:48:47.0956 8916 gagp30kx - ok
23:48:48.0081 8916 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:48:48.0159 8916 gpsvc - ok
23:48:48.0268 8916 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:48:48.0299 8916 gupdate - ok
23:48:48.0330 8916 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:48:48.0330 8916 gupdatem - ok
23:48:48.0393 8916 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:48:48.0424 8916 hcw85cir - ok
23:48:48.0486 8916 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:48:48.0533 8916 HdAudAddService - ok
23:48:48.0549 8916 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:48:48.0627 8916 HDAudBus - ok
23:48:48.0720 8916 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:48:48.0736 8916 HECIx64 - ok
23:48:48.0814 8916 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:48:48.0845 8916 HidBatt - ok
23:48:48.0892 8916 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:48:48.0939 8916 HidBth - ok
23:48:48.0939 8916 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:48:49.0001 8916 HidIr - ok
23:48:49.0048 8916 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:48:49.0110 8916 hidserv - ok
23:48:49.0173 8916 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
23:48:49.0204 8916 HidUsb - ok
23:48:49.0282 8916 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:48:49.0375 8916 hkmsvc - ok
23:48:49.0422 8916 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:48:49.0469 8916 HomeGroupListener - ok
23:48:49.0500 8916 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:48:49.0547 8916 HomeGroupProvider - ok
23:48:49.0797 8916 [ 74E65F650FAF75550C96CDFF302DEB28 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
23:48:49.0812 8916 HP Power Assistant Service - ok
23:48:49.0953 8916 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
23:48:49.0984 8916 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
23:48:49.0984 8916 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
23:48:50.0124 8916 [ B7382BEC806B7B00FC84B3E2061FF48E ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
23:48:50.0155 8916 HPDrvMntSvc.exe - ok
23:48:50.0233 8916 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
23:48:50.0249 8916 hpdskflt - ok
23:48:50.0280 8916 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
23:48:50.0311 8916 HpqKbFiltr - ok
23:48:50.0374 8916 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
23:48:50.0389 8916 hpqwmiex - ok
23:48:50.0499 8916 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:48:50.0530 8916 HpSAMD - ok
23:48:50.0546 8916 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
23:48:50.0561 8916 hpsrv - ok
23:48:50.0686 8916 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:48:50.0764 8916 HTTP - ok
23:48:50.0842 8916 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:48:50.0858 8916 hwpolicy - ok
23:48:50.0936 8916 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:48:50.0951 8916 i8042prt - ok
23:48:51.0107 8916 [ D782F0C741EE2D50AC8D38774597FB2B ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
23:48:51.0154 8916 IAANTMON - ok
23:48:51.0216 8916 [ DC0B4553D089E2BD07AEBD9EA30BEAFB ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:48:51.0232 8916 iaStor - ok
23:48:51.0357 8916 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:48:51.0388 8916 iaStorV - ok
23:48:51.0560 8916 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:48:51.0606 8916 idsvc - ok
23:48:52.0371 8916 [ C6238C6ABD6AC99F5D152DA4E9439A3D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:48:52.0745 8916 igfx - ok
23:48:52.0823 8916 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:48:52.0839 8916 iirsp - ok
23:48:52.0901 8916 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:48:52.0979 8916 IKEEXT - ok
23:48:53.0042 8916 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
23:48:53.0088 8916 Impcd - ok
23:48:53.0166 8916 [ 4429B91B0FE91F9BE8E24E93CC960368 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
23:48:53.0213 8916 IntcDAud - ok
23:48:53.0260 8916 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:48:53.0276 8916 intelide - ok
23:48:53.0369 8916 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:48:53.0385 8916 intelppm - ok
23:48:53.0432 8916 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:48:53.0478 8916 IPBusEnum - ok
23:48:53.0525 8916 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:48:53.0588 8916 IpFilterDriver - ok
23:48:53.0759 8916 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:48:53.0775 8916 iphlpsvc - ok
23:48:53.0837 8916 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:48:53.0884 8916 IPMIDRV - ok
23:48:53.0915 8916 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:48:53.0993 8916 IPNAT - ok
23:48:54.0040 8916 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:48:54.0087 8916 IRENUM - ok
23:48:54.0134 8916 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:48:54.0165 8916 isapnp - ok
23:48:54.0180 8916 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:48:54.0212 8916 iScsiPrt - ok
23:48:54.0290 8916 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
23:48:54.0321 8916 kbdclass - ok
23:48:54.0368 8916 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:48:54.0399 8916 kbdhid - ok
23:48:54.0414 8916 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:48:54.0430 8916 KeyIso - ok
23:48:54.0492 8916 [ 8B5219318DF5895ABD230C373F2DF18A ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
23:48:54.0524 8916 KL1 - ok
23:48:54.0617 8916 [ 8191BB24F61EBCAF84719993C7F7B5C6 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
23:48:54.0648 8916 KLIF - ok
23:48:54.0695 8916 [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
23:48:54.0711 8916 KLIM6 - ok
23:48:54.0758 8916 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
23:48:54.0773 8916 klkbdflt - ok
23:48:54.0898 8916 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
23:48:54.0914 8916 klmouflt - ok
23:48:54.0945 8916 [ FFC0501A1EA742406F1904A0CFE3BFE2 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
23:48:54.0960 8916 kltdi - ok
23:48:55.0038 8916 [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
23:48:55.0070 8916 kneps - ok
23:48:55.0194 8916 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:48:55.0210 8916 KSecDD - ok
23:48:55.0241 8916 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:48:55.0272 8916 KSecPkg - ok
23:48:55.0350 8916 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:48:55.0444 8916 ksthunk - ok
23:48:55.0506 8916 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:48:55.0569 8916 KtmRm - ok
23:48:55.0694 8916 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:48:55.0756 8916 LanmanServer - ok
23:48:55.0803 8916 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:48:55.0881 8916 LanmanWorkstation - ok
23:48:55.0912 8916 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:48:55.0974 8916 lltdio - ok
23:48:56.0068 8916 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:48:56.0130 8916 lltdsvc - ok
23:48:56.0146 8916 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:48:56.0193 8916 lmhosts - ok
23:48:56.0286 8916 [ 271F79326CD571BD271D45C47148ED78 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:48:56.0318 8916 LMS - ok
23:48:56.0349 8916 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:48:56.0380 8916 LSI_FC - ok
23:48:56.0442 8916 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:48:56.0458 8916 LSI_SAS - ok
23:48:56.0489 8916 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:48:56.0505 8916 LSI_SAS2 - ok
23:48:56.0536 8916 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:48:56.0567 8916 LSI_SCSI - ok
23:48:56.0598 8916 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:48:56.0645 8916 luafv - ok
23:48:56.0723 8916 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:48:56.0801 8916 Mcx2Svc - ok
23:48:56.0817 8916 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:48:56.0848 8916 megasas - ok
23:48:56.0848 8916 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:48:56.0895 8916 MegaSR - ok
23:48:56.0973 8916 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:48:57.0035 8916 MMCSS - ok
23:48:57.0098 8916 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:48:57.0160 8916 Modem - ok
23:48:57.0191 8916 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:48:57.0238 8916 monitor - ok
23:48:57.0300 8916 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
23:48:57.0316 8916 mouclass - ok
23:48:57.0332 8916 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:48:57.0378 8916 mouhid - ok
23:48:57.0425 8916 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:48:57.0456 8916 mountmgr - ok
23:48:57.0488 8916 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:48:57.0519 8916 mpio - ok
23:48:57.0550 8916 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:48:57.0597 8916 mpsdrv - ok
23:48:57.0690 8916 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:48:57.0784 8916 MpsSvc - ok
23:48:57.0815 8916 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:48:57.0862 8916 MRxDAV - ok
23:48:57.0971 8916 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:48:58.0018 8916 mrxsmb - ok
23:48:58.0080 8916 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:48:58.0127 8916 mrxsmb10 - ok
23:48:58.0190 8916 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:48:58.0236 8916 mrxsmb20 - ok
23:48:58.0314 8916 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:48:58.0330 8916 msahci - ok
23:48:58.0361 8916 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:48:58.0392 8916 msdsm - ok
23:48:58.0408 8916 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:48:58.0455 8916 MSDTC - ok
23:48:58.0533 8916 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:48:58.0580 8916 Msfs - ok
23:48:58.0595 8916 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:48:58.0658 8916 mshidkmdf - ok
23:48:58.0689 8916 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:48:58.0704 8916 msisadrv - ok
23:48:58.0736 8916 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:48:58.0814 8916 MSiSCSI - ok
23:48:58.0814 8916 msiserver - ok
23:48:58.0860 8916 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:48:58.0938 8916 MSKSSRV - ok
23:48:58.0970 8916 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:48:59.0016 8916 MSPCLOCK - ok
23:48:59.0063 8916 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:48:59.0126 8916 MSPQM - ok
23:48:59.0235 8916 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:48:59.0250 8916 MsRPC - ok
23:48:59.0313 8916 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:48:59.0328 8916 mssmbios - ok
23:48:59.0344 8916 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:48:59.0406 8916 MSTEE - ok
23:48:59.0438 8916 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:48:59.0453 8916 MTConfig - ok
23:48:59.0484 8916 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:48:59.0500 8916 Mup - ok
23:48:59.0594 8916 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:48:59.0656 8916 napagent - ok
23:48:59.0718 8916 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:48:59.0781 8916 NativeWifiP - ok
23:48:59.0999 8916 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
23:49:00.0046 8916 NAUpdate - ok
23:49:00.0108 8916 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:49:00.0155 8916 NDIS - ok
23:49:00.0202 8916 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:49:00.0264 8916 NdisCap - ok
23:49:00.0280 8916 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:49:00.0358 8916 NdisTapi - ok
23:49:00.0436 8916 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:49:00.0514 8916 Ndisuio - ok
23:49:00.0545 8916 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:49:00.0608 8916 NdisWan - ok
23:49:00.0670 8916 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:49:00.0748 8916 NDProxy - ok
23:49:00.0810 8916 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:49:00.0873 8916 NetBIOS - ok
23:49:00.0951 8916 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:49:01.0013 8916 NetBT - ok
23:49:01.0029 8916 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:49:01.0044 8916 Netlogon - ok
23:49:01.0091 8916 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:49:01.0154 8916 Netman - ok
23:49:01.0200 8916 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:49:01.0263 8916 netprofm - ok
23:49:01.0294 8916 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:49:01.0325 8916 NetTcpPortSharing - ok
23:49:01.0653 8916 [ 39EDE676D17F37AF4573C2B33EC28ACA ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
23:49:01.0840 8916 NETw5s64 - ok
23:49:01.0902 8916 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:49:01.0918 8916 nfrd960 - ok
23:49:02.0043 8916 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:49:02.0090 8916 NlaSvc - ok
23:49:02.0121 8916 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:49:02.0168 8916 Npfs - ok
23:49:02.0230 8916 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:49:02.0292 8916 nsi - ok
23:49:02.0308 8916 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:49:02.0386 8916 nsiproxy - ok
23:49:02.0542 8916 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:49:02.0589 8916 Ntfs - ok
23:49:02.0667 8916 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:49:02.0745 8916 Null - ok
23:49:02.0760 8916 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:49:02.0776 8916 nvraid - ok
23:49:02.0870 8916 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:49:02.0901 8916 nvstor - ok
23:49:02.0963 8916 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:49:02.0979 8916 nv_agp - ok
23:49:03.0041 8916 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:49:03.0072 8916 ohci1394 - ok
23:49:03.0119 8916 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:49:03.0166 8916 p2pimsvc - ok
23:49:03.0213 8916 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:49:03.0244 8916 p2psvc - ok
23:49:03.0291 8916 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:49:03.0306 8916 Parport - ok
23:49:03.0338 8916 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:49:03.0369 8916 partmgr - ok
23:49:03.0384 8916 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:49:03.0431 8916 PcaSvc - ok
23:49:03.0556 8916 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:49:03.0572 8916 pci - ok
23:49:03.0603 8916 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
23:49:03.0618 8916 pciide - ok
23:49:03.0634 8916 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:49:03.0665 8916 pcmcia - ok
23:49:03.0712 8916 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:49:03.0728 8916 pcw - ok
23:49:03.0806 8916 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:49:03.0930 8916 PEAUTH - ok
23:49:04.0071 8916 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:49:04.0133 8916 PeerDistSvc - ok
23:49:04.0289 8916 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:49:04.0320 8916 PerfHost - ok
23:49:04.0430 8916 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:49:04.0508 8916 pla - ok
23:49:04.0570 8916 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:49:04.0586 8916 PlugPlay - ok
23:49:04.0664 8916 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:49:04.0726 8916 PNRPAutoReg - ok
23:49:04.0757 8916 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:49:04.0773 8916 PNRPsvc - ok
23:49:04.0898 8916 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:49:04.0976 8916 PolicyAgent - ok
23:49:05.0038 8916 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:49:05.0100 8916 Power - ok
23:49:05.0147 8916 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:49:05.0210 8916 PptpMiniport - ok
23:49:05.0256 8916 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:49:05.0303 8916 Processor - ok
23:49:05.0350 8916 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
23:49:05.0381 8916 ProfSvc - ok
23:49:05.0412 8916 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:49:05.0428 8916 ProtectedStorage - ok
23:49:05.0490 8916 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:49:05.0537 8916 Psched - ok
23:49:05.0615 8916 [ 595A22C4CCE855E72D475835F3DF2D53 ] pwdrvio C:\Windows\system32\pwdrvio.sys
23:49:05.0646 8916 pwdrvio - ok
23:49:05.0693 8916 [ 70EB529F6FEDAC79D0A8E3BB79999277 ] pwdspio C:\Windows\system32\pwdspio.sys
23:49:05.0709 8916 pwdspio - ok
23:49:05.0771 8916 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:49:05.0818 8916 ql2300 - ok
23:49:05.0880 8916 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:49:05.0896 8916 ql40xx - ok
23:49:05.0943 8916 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:49:05.0990 8916 QWAVE - ok
23:49:06.0021 8916 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:49:06.0068 8916 QWAVEdrv - ok
23:49:06.0161 8916 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
23:49:06.0177 8916 RapiMgr - ok
23:49:06.0192 8916 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:49:06.0255 8916 RasAcd - ok
23:49:06.0317 8916 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:49:06.0364 8916 RasAgileVpn - ok
23:49:06.0380 8916 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:49:06.0426 8916 RasAuto - ok
23:49:06.0458 8916 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:49:06.0536 8916 Rasl2tp - ok
23:49:06.0629 8916 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:49:06.0707 8916 RasMan - ok
23:49:06.0754 8916 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:49:06.0816 8916 RasPppoe - ok
23:49:06.0848 8916 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:49:06.0910 8916 RasSstp - ok
23:49:06.0972 8916 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:49:07.0019 8916 rdbss - ok
23:49:07.0050 8916 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:49:07.0082 8916 rdpbus - ok
23:49:07.0097 8916 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:49:07.0144 8916 RDPCDD - ok
23:49:07.0191 8916 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:49:07.0222 8916 RDPDR - ok
23:49:07.0222 8916 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:49:07.0284 8916 RDPENCDD - ok
23:49:07.0316 8916 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:49:07.0362 8916 RDPREFMP - ok
23:49:07.0425 8916 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:49:07.0472 8916 RDPWD - ok
23:49:07.0534 8916 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:49:07.0550 8916 rdyboost - ok
23:49:07.0596 8916 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:49:07.0674 8916 RemoteAccess - ok
23:49:07.0721 8916 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:49:07.0784 8916 RemoteRegistry - ok
23:49:07.0830 8916 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:49:07.0877 8916 RFCOMM - ok
23:49:07.0955 8916 [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
23:49:08.0002 8916 rimmptsk - ok
23:49:08.0018 8916 [ D018844DC53D8428410A2FEEEEE9373E ] rismcx64 C:\Windows\system32\DRIVERS\rismcx64.sys
23:49:08.0049 8916 rismcx64 - ok
23:49:08.0080 8916 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:49:08.0142 8916 RpcEptMapper - ok
23:49:08.0189 8916 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:49:08.0205 8916 RpcLocator - ok
23:49:08.0267 8916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:49:08.0314 8916 RpcSs - ok
23:49:08.0361 8916 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:49:08.0423 8916 rspndr - ok
23:49:08.0486 8916 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
23:49:08.0517 8916 s3cap - ok
23:49:08.0548 8916 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:49:08.0564 8916 SamSs - ok
23:49:08.0579 8916 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:49:08.0610 8916 sbp2port - ok
23:49:08.0673 8916 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:49:08.0735 8916 SCardSvr - ok
23:49:08.0766 8916 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:49:08.0844 8916 scfilter - ok
23:49:09.0047 8916 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:49:09.0110 8916 Schedule - ok
23:49:09.0156 8916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:49:09.0188 8916 SCPolicySvc - ok
23:49:09.0250 8916 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
23:49:09.0312 8916 sdbus - ok
23:49:09.0390 8916 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:49:09.0422 8916 SDRSVC - ok
23:49:09.0468 8916 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:49:09.0546 8916 secdrv - ok
23:49:09.0609 8916 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:49:09.0656 8916 seclogon - ok
23:49:09.0734 8916 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:49:09.0780 8916 SENS - ok
23:49:09.0812 8916 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:49:09.0858 8916 SensrSvc - ok
23:49:09.0905 8916 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:49:09.0921 8916 Serenum - ok
23:49:09.0936 8916 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:49:09.0983 8916 Serial - ok
23:49:10.0061 8916 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:49:10.0077 8916 sermouse - ok
23:49:10.0124 8916 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:49:10.0155 8916 SessionEnv - ok
23:49:10.0217 8916 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:49:10.0264 8916 sffdisk - ok
23:49:10.0280 8916 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:49:10.0326 8916 sffp_mmc - ok
23:49:10.0342 8916 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:49:10.0389 8916 sffp_sd - ok
23:49:10.0451 8916 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:49:10.0498 8916 sfloppy - ok
23:49:10.0545 8916 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:49:10.0623 8916 SharedAccess - ok
23:49:10.0685 8916 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:49:10.0763 8916 ShellHWDetection - ok
23:49:10.0794 8916 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:49:10.0826 8916 SiSRaid2 - ok
23:49:10.0841 8916 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:49:10.0872 8916 SiSRaid4 - ok
23:49:11.0278 8916 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:49:11.0340 8916 Skype C2C Service - ok
23:49:11.0434 8916 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:49:11.0528 8916 SkypeUpdate - ok
23:49:11.0590 8916 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:49:11.0652 8916 Smb - ok
23:49:11.0715 8916 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:49:11.0762 8916 SNMPTRAP - ok
23:49:11.0855 8916 [ 84E347359A28E9E544FF169FBDEA5F59 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
23:49:11.0902 8916 SNP2UVC - ok
23:49:11.0933 8916 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:49:11.0949 8916 spldr - ok
23:49:12.0011 8916 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
23:49:12.0042 8916 Spooler - ok
23:49:12.0198 8916 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:49:12.0292 8916 sppsvc - ok
23:49:12.0386 8916 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:49:12.0432 8916 sppuinotify - ok
23:49:12.0510 8916 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:49:12.0557 8916 srv - ok
23:49:12.0666 8916 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:49:12.0698 8916 srv2 - ok
23:49:12.0744 8916 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:49:12.0791 8916 srvnet - ok
23:49:12.0854 8916 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
23:49:12.0900 8916 ssadbus - ok
23:49:12.0978 8916 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
23:49:13.0025 8916 ssadmdfl - ok
23:49:13.0088 8916 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
23:49:13.0134 8916 ssadmdm - ok
23:49:13.0212 8916 [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
23:49:13.0228 8916 sscdbus - ok
23:49:13.0275 8916 [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
23:49:13.0290 8916 sscdmdfl - ok
23:49:13.0306 8916 [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
23:49:13.0337 8916 sscdmdm - ok
23:49:13.0384 8916 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:49:13.0446 8916 SSDPSRV - ok
23:49:13.0493 8916 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:49:13.0524 8916 SstpSvc - ok
23:49:13.0712 8916 [ F8807AAF697E1D20C9D7716A4941E574 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
23:49:13.0743 8916 STacSV - ok
23:49:13.0774 8916 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:49:13.0790 8916 stexstor - ok
23:49:13.0868 8916 [ 96DF19A03D37F8568141612D31F0D035 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
23:49:13.0914 8916 STHDA - ok
23:49:13.0992 8916 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:49:14.0024 8916 stisvc - ok
23:49:14.0086 8916 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:49:14.0117 8916 storflt - ok
23:49:14.0195 8916 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
23:49:14.0211 8916 StorSvc - ok
23:49:14.0273 8916 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:49:14.0289 8916 storvsc - ok
23:49:14.0336 8916 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
23:49:14.0351 8916 swenum - ok
23:49:14.0398 8916 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:49:14.0476 8916 swprv - ok
23:49:14.0585 8916 [ D268D2A0DB2A2BBE963E688D0B039267 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:49:14.0616 8916 SynTP - ok
23:49:14.0710 8916 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:49:14.0757 8916 SysMain - ok
23:49:14.0788 8916 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:49:14.0835 8916 TabletInputService - ok
23:49:14.0897 8916 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:49:14.0960 8916 TapiSrv - ok
23:49:14.0991 8916 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:49:15.0053 8916 TBS - ok
23:49:15.0178 8916 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:49:15.0240 8916 Tcpip - ok
23:49:15.0272 8916 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:49:15.0303 8916 TCPIP6 - ok
23:49:15.0365 8916 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:49:15.0412 8916 tcpipreg - ok
23:49:15.0459 8916 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:49:15.0506 8916 TDPIPE - ok
23:49:15.0537 8916 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:49:15.0568 8916 TDTCP - ok
23:49:15.0630 8916 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:49:15.0708 8916 tdx - ok
23:49:15.0958 8916 [ 8A9828975A857E477EFEF5A61BA45AC0 ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
23:49:16.0223 8916 TeamViewer6 - ok
23:49:16.0301 8916 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:49:16.0317 8916 TermDD - ok
23:49:16.0379 8916 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:49:16.0457 8916 TermService - ok
23:49:16.0504 8916 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:49:16.0535 8916 Themes - ok
23:49:16.0566 8916 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:49:16.0598 8916 THREADORDER - ok
23:49:16.0644 8916 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
23:49:16.0691 8916 TPM - ok
23:49:16.0722 8916 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:49:16.0785 8916 TrkWks - ok
23:49:16.0894 8916 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:49:16.0941 8916 TrustedInstaller - ok
23:49:16.0988 8916 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:49:17.0034 8916 tssecsrv - ok
23:49:17.0097 8916 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:49:17.0112 8916 TsUsbFlt - ok
23:49:17.0159 8916 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:49:17.0206 8916 tunnel - ok
23:49:17.0253 8916 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:49:17.0268 8916 uagp35 - ok
23:49:17.0331 8916 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:49:17.0378 8916 udfs - ok
23:49:17.0424 8916 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:49:17.0440 8916 UI0Detect - ok
23:49:17.0471 8916 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:49:17.0487 8916 uliagpkx - ok
23:49:17.0549 8916 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
23:49:17.0580 8916 umbus - ok
23:49:17.0596 8916 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:49:17.0612 8916 UmPass - ok
23:49:17.0705 8916 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
23:49:17.0752 8916 UmRdpService - ok
23:49:17.0970 8916 [ 5713E039C0622F40347735CBA460B8FC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:49:18.0017 8916 UNS - ok
23:49:18.0064 8916 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:49:18.0111 8916 upnphost - ok
23:49:18.0189 8916 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:49:18.0236 8916 usbccgp - ok
23:49:18.0314 8916 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:49:18.0329 8916 usbcir - ok
23:49:18.0392 8916 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:49:18.0438 8916 usbehci - ok
23:49:18.0470 8916 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:49:18.0516 8916 usbhub - ok
23:49:18.0532 8916 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:49:18.0563 8916 usbohci - ok
23:49:18.0594 8916 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:49:18.0641 8916 usbprint - ok
23:49:18.0672 8916 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:49:18.0704 8916 USBSTOR - ok
23:49:18.0750 8916 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:49:18.0813 8916 usbuhci - ok
23:49:18.0860 8916 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
23:49:18.0906 8916 usbvideo - ok
23:49:18.0984 8916 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
23:49:19.0000 8916 usb_rndisx - ok
23:49:19.0047 8916 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:49:19.0125 8916 UxSms - ok
23:49:19.0140 8916 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:49:19.0156 8916 VaultSvc - ok
23:49:19.0250 8916 [ 790F7F11D4CF4E9B9E3AD7A181092E4B ] vcsFPService C:\Windows\system32\vcsFPService.exe
23:49:19.0296 8916 vcsFPService - ok
23:49:19.0312 8916 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:49:19.0343 8916 vdrvroot - ok
23:49:19.0374 8916 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:49:19.0452 8916 vds - ok
23:49:19.0499 8916 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:49:19.0530 8916 vga - ok
23:49:19.0562 8916 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:49:19.0640 8916 VgaSave - ok
23:49:19.0702 8916 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:49:19.0718 8916 vhdmp - ok
23:49:19.0764 8916 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:49:19.0780 8916 viaide - ok
23:49:19.0889 8916 [ F307DA7E96BC760B4628E204E234DCD0 ] Virtual Router C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
23:49:19.0920 8916 Virtual Router ( UnsignedFile.Multi.Generic ) - warning
23:49:19.0920 8916 Virtual Router - detected UnsignedFile.Multi.Generic (1)
23:49:19.0967 8916 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:49:19.0998 8916 vmbus - ok
23:49:20.0014 8916 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:49:20.0045 8916 VMBusHID - ok
23:49:20.0061 8916 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:49:20.0092 8916 volmgr - ok
23:49:20.0154 8916 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:49:20.0186 8916 volmgrx - ok
23:49:20.0232 8916 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:49:20.0248 8916 volsnap - ok
23:49:20.0310 8916 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:49:20.0326 8916 vsmraid - ok
23:49:20.0466 8916 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:49:20.0513 8916 VSS - ok
23:49:20.0544 8916 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:49:20.0591 8916 vwifibus - ok
23:49:20.0654 8916 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:49:20.0700 8916 vwififlt - ok
23:49:20.0716 8916 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:49:20.0747 8916 vwifimp - ok
23:49:20.0825 8916 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:49:20.0919 8916 W32Time - ok
23:49:20.0950 8916 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:49:20.0997 8916 WacomPen - ok
23:49:21.0044 8916 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:49:21.0106 8916 WANARP - ok
23:49:21.0106 8916 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:49:21.0137 8916 Wanarpv6 - ok
23:49:21.0231 8916 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:49:21.0262 8916 WatAdminSvc - ok
23:49:21.0356 8916 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:49:21.0402 8916 wbengine - ok
23:49:21.0449 8916 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:49:21.0465 8916 WbioSrvc - ok
23:49:21.0512 8916 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
23:49:21.0543 8916 WcesComm - ok
23:49:21.0621 8916 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:49:21.0683 8916 wcncsvc - ok
23:49:21.0699 8916 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:49:21.0714 8916 WcsPlugInService - ok
23:49:21.0761 8916 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:49:21.0777 8916 Wd - ok
23:49:21.0824 8916 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:49:21.0870 8916 Wdf01000 - ok
23:49:21.0886 8916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:49:21.0933 8916 WdiServiceHost - ok
23:49:21.0933 8916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:49:21.0964 8916 WdiSystemHost - ok
23:49:22.0026 8916 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:49:22.0089 8916 WebClient - ok
23:49:22.0136 8916 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:49:22.0182 8916 Wecsvc - ok
23:49:22.0198 8916 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:49:22.0245 8916 wercplsupport - ok
23:49:22.0276 8916 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:49:22.0323 8916 WerSvc - ok
23:49:22.0370 8916 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:49:22.0416 8916 WfpLwf - ok
23:49:22.0448 8916 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:49:22.0463 8916 WIMMount - ok
23:49:22.0479 8916 WinDefend - ok
23:49:22.0494 8916 WinHttpAutoProxySvc - ok
23:49:22.0604 8916 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:49:22.0635 8916 Winmgmt - ok
23:49:22.0775 8916 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:49:22.0884 8916 WinRM - ok
23:49:22.0978 8916 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
23:49:23.0025 8916 WinUSB - ok
23:49:23.0118 8916 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:49:23.0165 8916 Wlansvc - ok
23:49:23.0352 8916 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:49:23.0399 8916 wlidsvc - ok
23:49:23.0446 8916 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:49:23.0493 8916 WmiAcpi - ok
23:49:23.0540 8916 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:49:23.0586 8916 wmiApSrv - ok
23:49:23.0602 8916 WMPNetworkSvc - ok
23:49:23.0664 8916 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:49:23.0680 8916 WPCSvc - ok
23:49:23.0742 8916 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:49:23.0774 8916 WPDBusEnum - ok
23:49:23.0820 8916 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:49:23.0883 8916 ws2ifsl - ok
23:49:23.0914 8916 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
23:49:23.0945 8916 wscsvc - ok
23:49:23.0945 8916 WSearch - ok
23:49:24.0070 8916 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:49:24.0117 8916 wuauserv - ok
23:49:24.0164 8916 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:49:24.0210 8916 WudfPf - ok
23:49:24.0242 8916 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:49:24.0288 8916 WUDFRd - ok
23:49:24.0335 8916 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:49:24.0382 8916 wudfsvc - ok
23:49:24.0444 8916 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
23:49:24.0476 8916 WwanSvc - ok
23:49:24.0538 8916 ================ Scan global ===============================
23:49:24.0585 8916 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:49:24.0647 8916 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
23:49:24.0663 8916 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
23:49:24.0710 8916 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:49:24.0772 8916 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:49:24.0772 8916 [Global] - ok
23:49:24.0772 8916 ================ Scan MBR ==================================
23:49:24.0788 8916 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:49:25.0973 8916 \Device\Harddisk0\DR0 - ok
23:49:25.0973 8916 ================ Scan VBR ==================================
23:49:26.0020 8916 [ 91F09E63C5375CE3CF76720448E06897 ] \Device\Harddisk0\DR0\Partition1
23:49:26.0020 8916 \Device\Harddisk0\DR0\Partition1 - ok
23:49:26.0036 8916 [ CB2EA9CBFBD2D41E4709828F52D78216 ] \Device\Harddisk0\DR0\Partition2
23:49:26.0036 8916 \Device\Harddisk0\DR0\Partition2 - ok
23:49:26.0036 8916 [ 97E48506144BA99ECED03A621400C012 ] \Device\Harddisk0\DR0\Partition3
23:49:26.0036 8916 \Device\Harddisk0\DR0\Partition3 - ok
23:49:26.0036 8916 ============================================================
23:49:26.0036 8916 Scan finished
23:49:26.0036 8916 ============================================================
23:49:26.0051 3668 Detected object count: 2
23:49:26.0051 3668 Actual detected object count: 2
23:49:49.0616 3668 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:49:49.0616 3668 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:49:49.0616 3668 Virtual Router ( UnsignedFile.Multi.Generic ) - skipped by user
23:49:49.0616 3668 Virtual Router ( UnsignedFile.Multi.Generic ) - User select action: Skip

Mir ist gerade noch was aufgefallen.
Wenn ich eine suche starte bei youtube und fange an die "suchergebnisse" zu markieren sieht es so aus.



und?
was meinst du?
Ich habe kis2013 mal durchlaufen lassen. es wurden 4-5 trojaner erkannt die teils gelöscht und teils desinfiziert wurden.
Problem besteht aber weiterhin und jetzt reagiert der Laptop auch noch träger als vorher...

Geändert von cic55 (16.02.2013 um 00:03 Uhr)

Alt 17.02.2013, 17:24   #8
markusg
/// Malware-holic
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



hi
und was wurde gelöscht, wie soll ich mit solch ungenauen Angaben arbeiten, poste bitte alle Meldungen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 17.02.2013, 21:46   #9
cic55
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



Hallo. Sorry. hier mal ein Bild mit den gefundenen trojanern.
Naja das mit so träge funktionieren stimmt nicht ganz.
Wenn ich jetzt ein video mir anschaue macht es kein spass mehr. es stockt immer wieder ohne grund.
Laptop ist auf gar kein fall ausgelastet. Es ist ja ein I7 prozessor mit 8GB Ram und gestocjt hat es bei videos noch nie ausser volle HD auflösung mal.



Geändert von cic55 (17.02.2013 um 22:19 Uhr)

Alt 18.02.2013, 15:01   #10
markusg
/// Malware-holic
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



bitte meldungen als text posten, danke (mit Pfadangaben)
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 19.02.2013, 00:52   #11
cic55
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



Wie soll ich das denn machen? gibt es eine datei wo man das als text dokument abgespeichert wurde im kis2013?

Alt 19.02.2013, 12:58   #12
markusg
/// Malware-holic
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



nutze kein Kis, einfach mal durchklicken, da ists dann zu finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 19.02.2013, 22:46   #13
cic55
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



Zitat:
Typ: trojanisches Programm (6)
HEUR:Trojan.Script.Iframer Inaktiv 16.02.2013 18:40:02 Crazy BMW crash on the Nurburgring!! (VIDEO) - Daily News World
Trojan-Dropper.Win32.Injector.fbii Gelöscht 16.02.2013 12:30:30 C:\Documents and Settings\Cihan\AppData\Local\Microsoft\Windows Live Mail\T-online (c 2d7\Inbox\45091238-00002064.eml//Einzelheiten.zip// Einzug 07.06.2012 .com
Trojan.Win32.Yakes.bbet Gelöscht 16.02.2013 12:30:27 C:\Documents and Settings\Cihan\AppData\Local\Microsoft\Windows Live Mail\T-online (c 2d7\Inbox\45091238-000026AD.eml//MAHNUNG Nr1104657.zip//Mahngebühren nach Vertrag 27.09.2012.zip// Mahngebühren nach Vertrag 27.09.2012.com
Trojan.Win32.Yakes.bbet Gelöscht 16.02.2013 12:29:06 C:\Documents and Settings\Cihan\AppData\Local\Microsoft\Windows Live Mail\T-online (c 2d7\Inbox\3E121A49-000026BB.eml//Bescheid ID2198582.zip//Mahngebühren nach Vertrag 27.09.2012.zip// Mahngebühren nach Vertrag 27.09.2012.com
Trojan-Dropper.Win32.Injector.fbii Gelöscht 16.02.2013 12:28:53 C:\Documents and Settings\Cihan\AppData\Local\Microsoft\Windows Live Mail\T-online (c 2d7\Inbox\39B32D12-0000205E.eml//Einzelheiten.zip// Einzug 07.06.2012 .com
Trojan-Dropper.Win32.Dorifel.vmc Gelöscht 16.02.2013 12:24:33 C:\Documents and Settings\Cihan\AppData\Local\Microsoft\Windows Live Mail\T-online (c 2d7\Inbox\00294823-0000288C.eml//BritishAirways-eticket.zip// BritishAirways-eticket.pdf.exe
Typ: Unbekannt (5)
45091238-00002064.eml Desinfiziert 16.02.2013 12:30:30 C:\Documents and Settings\Cihan\AppData\Local\Microsoft\Windows Live Mail\T-online (c 2d7\Inbox\ 45091238-00002064.eml
45091238-000026AD.eml Desinfiziert 16.02.2013 12:30:27 C:\Documents and Settings\Cihan\AppData\Local\Microsoft\Windows Live Mail\T-online (c 2d7\Inbox\ 45091238-000026AD.eml
3E121A49-000026BB.eml Desinfiziert 16.02.2013 12:29:06 C:\Documents and Settings\Cihan\AppData\Local\Microsoft\Windows Live Mail\T-online (c 2d7\Inbox\ 3E121A49-000026BB.eml
39B32D12-0000205E.eml Desinfiziert 16.02.2013 12:28:53 C:\Documents and Settings\Cihan\AppData\Local\Microsoft\Windows Live Mail\T-online (c 2d7\Inbox\ 39B32D12-0000205E.eml
00294823-0000288C.eml Desinfiziert 16.02.2013 12:24:33 C:\Documents and Settings\Cihan\AppData\Local\Microsoft\Windows Live Mail\T-online (c 2d7\Inbox\ 00294823-0000288C.eml
Hier die gewünschten daten

Alt 19.02.2013, 23:43   #14
markusg
/// Malware-holic
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



sehr gut
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 20.02.2013, 01:01   #15
cic55
 
Youtube suche mit Chrome funktioniert nicht. - Standard

Youtube suche mit Chrome funktioniert nicht.



hier die log datei bevor ich mein laptop neu starte.
Combofix Logfile:
Code:
ATTFilter
ComboFix 13-02-18.02 - Cihan 20.02.2013   0:15.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.5935.3692 [GMT 1:00]
ausgeführt von:: c:\users\Cihan\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-19 bis 2013-02-19  ))))))))))))))))))))))))))))))
.
.
2013-02-19 23:29 . 2013-02-19 23:29	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-19 22:27 . 2009-12-03 05:00	430080	----a-w-	c:\windows\system32\wibuKJni64.dll
2013-02-19 22:27 . 2009-12-03 05:00	418304	----a-w-	c:\windows\system32\WkExt64.dll
2013-02-19 22:27 . 2009-12-03 05:00	344576	----a-w-	c:\windows\SysWow64\wibuKJni.dll
2013-02-19 22:27 . 2009-12-03 05:00	333824	----a-w-	c:\windows\SysWow64\WkExt32.dll
2013-02-19 22:27 . 2009-12-03 05:00	22528	----a-w-	c:\windows\SysWow64\WkWin32.lde
2013-02-19 22:27 . 2009-12-03 05:00	22528	----a-w-	c:\windows\system32\WkWin64.lde
2013-02-19 22:27 . 2009-10-21 08:00	451584	----a-w-	c:\windows\system32\WibuXpm4J64.dll
2013-02-19 22:27 . 2009-10-21 08:00	356352	----a-w-	c:\windows\SysWow64\WibuXpm4J32.dll
2013-02-19 22:26 . 2009-08-07 07:59	16896	----a-w-	c:\windows\system32\drivers\Wibukey2_64.sys
2013-02-19 22:26 . 2009-12-03 05:00	169984	----a-w-	c:\windows\system32\WkWin64.dll
2013-02-19 22:26 . 2009-12-03 05:00	150528	----a-w-	c:\windows\SysWow64\WkWin32.dll
2013-02-19 22:26 . 2009-12-03 05:00	103224	----a-w-	c:\windows\system32\drivers\WibuKey64.sys
2013-02-19 22:26 . 2013-02-19 22:26	--------	d-----w-	c:\program files\WIBU-SYSTEMS
2013-02-19 22:26 . 2013-02-19 22:26	--------	d-----w-	c:\program files (x86)\WIBUKEY
2013-02-19 22:26 . 2013-02-19 22:26	--------	d-----w-	c:\program files (x86)\WIBU-SYSTEMS
2013-02-19 22:25 . 2013-02-19 22:25	--------	d-----w-	c:\program files (x86)\N.V. ADS
2013-02-19 21:54 . 2013-01-08 05:32	9161176	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4136BF11-F889-4AFA-BB4C-EA95AB4E37CF}\mpengine.dll
2013-02-18 23:45 . 2013-02-18 23:45	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2013-02-16 02:02 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-16 02:02 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-15 22:34 . 2012-07-11 16:09	64856	----a-w-	c:\windows\system32\klfphc.dll
2013-02-15 22:33 . 2013-02-15 22:33	--------	d-----w-	c:\windows\ELAMBKUP
2013-02-14 21:19 . 2013-01-05 05:53	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-14 21:19 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-14 21:19 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-14 21:19 . 2013-01-04 03:26	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-02-14 21:18 . 2013-01-04 05:46	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-02-14 21:18 . 2013-01-04 04:51	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-02-14 21:18 . 2013-01-04 02:47	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-02-14 21:18 . 2013-01-04 02:47	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-02-14 21:18 . 2013-01-04 02:47	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-02-14 21:18 . 2013-01-04 02:47	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-02-14 21:18 . 2013-01-03 06:00	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-14 21:18 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-16 02:12 . 2011-02-14 16:36	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-02-15 23:16 . 2012-10-25 11:42	613720	----a-w-	c:\windows\system32\drivers\klif.sys
2013-02-15 23:16 . 2012-06-08 10:38	54104	----a-w-	c:\windows\system32\drivers\kltdi.sys
2013-02-15 22:45 . 2012-04-17 01:53	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-15 22:45 . 2011-10-15 02:07	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-17 00:28 . 2011-02-10 00:47	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-04 04:43 . 2013-02-14 21:18	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-24 14:05	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-24 14:05	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-24 14:05	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-24 14:05	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 07:33	441856	----a-w-	c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 07:33	2746368	----a-w-	c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 07:33	308736	----a-w-	c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 07:33	2576384	----a-w-	c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 07:33	30720	----a-w-	c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 07:33	43520	----a-w-	c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 07:33	23552	----a-w-	c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 07:33	45568	----a-w-	c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 07:33	44544	----a-w-	c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 07:33	20480	----a-w-	c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 07:33	20480	----a-w-	c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 07:33	20480	----a-w-	c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 07:33	46592	----a-w-	c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 07:33	40960	----a-w-	c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 07:33	21504	----a-w-	c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 07:33	15360	----a-w-	c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 07:33	55296	----a-w-	c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 07:33	51712	----a-w-	c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 07:33	43520	----a-w-	c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 07:33	30720	----a-w-	c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 07:33	45568	----a-w-	c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 07:33	44544	----a-w-	c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 07:33	20480	----a-w-	c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 07:33	23552	----a-w-	c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 07:33	20480	----a-w-	c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 07:33	46592	----a-w-	c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 07:33	20480	----a-w-	c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 07:33	21504	----a-w-	c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 07:33	40960	----a-w-	c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 07:33	15360	----a-w-	c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 07:33	51712	----a-w-	c:\windows\SysWow64\esrb.rs
2012-12-07 10:46 . 2013-01-09 07:33	55296	----a-w-	c:\windows\SysWow64\cero.rs
2012-11-30 05:45 . 2013-01-09 07:33	362496	----a-w-	c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 07:33	243200	----a-w-	c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 07:33	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2012-11-30 05:43 . 2013-01-09 07:33	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 07:33	424448	----a-w-	c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 07:33	1161216	----a-w-	c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 07:33	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:53 . 2013-01-09 07:33	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 07:33	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 07:33	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Facebook Update"="c:\users\Cihan\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-07 17706088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2010-03-03 111640]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2012-10-25 593784]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2013-02-15 356376]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]
Netzwerk Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2013-2-19 5724472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R1 Ext2Fsd;Linux ext2 file system driver; [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-07 161384]
R2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-09-02 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-09-02 13280]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-06 1255736]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-21 254528]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2013-02-15 54104]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-01 89600]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-10-25 71032]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-10-25 384888]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-08-23 103992]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-12-29 2019120]
S2 Virtual Router;VirtualRouterService;c:\program files (x86)\Virtual Router\VirtualRouterService.exe [2009-11-18 12288]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 35104]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2012-02-02 509104]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-08-31 317440]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-10-25 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-10-25 29528]
S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
S3 rismcx64;RICOH Smart Card Reader;c:\windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WIBUKEY
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 22:45]
.
2013-02-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3929057395-2147905070-1016382134-1000Core.job
- c:\users\Cihan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-13 07:46]
.
2013-02-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3929057395-2147905070-1016382134-1000UA.job
- c:\users\Cihan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-13 07:46]
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15 00:35]
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-15 00:35]
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3929057395-2147905070-1016382134-1000Core.job
- c:\users\Cihan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-10 00:35]
.
2013-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3929057395-2147905070-1016382134-1000UA.job
- c:\users\Cihan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-10 00:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2010-01-08 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-04 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-04 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-04 417304]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-08-23 1691192]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-07 489472]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.facebook.com/?ref=hp
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:8888; https=127.0.0.1:8888
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Hinzufügen zu Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: Interfaces\{0C7F3E6F-E5D7-49E0-A41E-DCB0913B7B82}: NameServer = 198.153.194.1,198.153.192.1
TCP: Interfaces\{0FF2DEC9-E2B5-4137-8096-8B7B919AF919}: NameServer = 192.168.1.1
TCP: Interfaces\{36E6DF71-7F5F-4E4E-823D-E409566366D5}: NameServer = 198.153.194.1,198.153.192.1
TCP: Interfaces\{98D91A74-DDD7-45A4-AD0F-DABBF4C524F1}: NameServer = 198.153.194.1,198.153.192.1
TCP: Interfaces\{A56AC4DD-82CE-4F95-B912-EA0BF6EF3B5A}: NameServer = 198.153.194.1,198.153.192.1
TCP: Interfaces\{AC70E012-8A3F-474B-B54D-C7986015F9E5}: NameServer = 198.153.194.1,198.153.192.1
TCP: Interfaces\{B8174EEB-4193-4038-8650-93148FE525A9}: NameServer = 192.168.2.1
TCP: Interfaces\{E60FFC6F-7C89-40FF-87B2-85A610E6E103}: NameServer = 198.153.194.1,198.153.192.1
TCP: Interfaces\{F4581EC6-DE52-4275-BBE1-62D1C126BAD3}: NameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3929057395-2147905070-1016382134-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-3929057395-2147905070-1016382134-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3929057395-2147905070-1016382134-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-3929057395-2147905070-1016382134-1000)
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-02-20  00:58:25
ComboFix-quarantined-files.txt  2013-02-19 23:58
.
Vor Suchlauf: 9.705.902.080 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 19.159.842.816 Bytes frei
.
- - End Of File - - 02C826011C0181A5E9BFEDC4F75921FA
         
--- --- ---


So laptop ist neu gestartet aber all das brachte kein erfolg beim problem.
Youtube suchergebnisse immer noch versteckt sage ich mal.

Antwort

Themen zu Youtube suche mit Chrome funktioniert nicht.
antworten, chrome, downloader, funktionier, funktioniert, funktioniert nicht, inter, interne, kaspersky, klicke, klicken, loader, seite, suche, suchergebnisse, tagen, video, videos, web, worte, youtube




Ähnliche Themen: Youtube suche mit Chrome funktioniert nicht.


  1. Youtube Videos per virustotal.com url Suche üperprüfen lassen
    Plagegeister aller Art und deren Bekämpfung - 06.08.2014 (4)
  2. (save , on) Links im Internet & Chrome funktioniert nicht richtig
    Log-Analyse und Auswertung - 01.08.2014 (33)
  3. Windows 8 - Sound funktioniert nicht richtig/Youtube(andere Musikmöglichkeiten) funktionieren auch nicht!
    Log-Analyse und Auswertung - 17.07.2014 (9)
  4. Windows 8: Das Öffnen von Werbungen mit Google/YouTube-Suche
    Log-Analyse und Auswertung - 09.07.2014 (17)
  5. kurz nach google chrome start funktioniert Internetverbindung teilweise nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 18.02.2014 (6)
  6. trotz flash player update funktioniert youtube etc nicht
    Log-Analyse und Auswertung - 15.01.2014 (2)
  7. Google Suche funktioniert nicht werde andauernd auf Ihavenet.com weitergeleitet!
    Plagegeister aller Art und deren Bekämpfung - 22.10.2013 (3)
  8. Internet funktioniert nach Youtube Videos nicht mehr.
    Alles rund um Windows - 18.10.2013 (0)
  9. Startseite lässt sich nicht ändern und Google Suche funktioniert nicht
    Log-Analyse und Auswertung - 18.07.2013 (22)
  10. Google Suche funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 24.03.2013 (16)
  11. Ask-Suche nicht löschbar+Windows Defender funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 22.03.2013 (1)
  12. Chrome Aktualisierung funktioniert nicht, Ghost weg
    Antiviren-, Firewall- und andere Schutzprogramme - 01.10.2012 (1)
  13. iPhone gewonnen,Pop Ups erscheinen,Chrome funktioniert nicht mehr und werde immer weitergeleitet :(
    Plagegeister aller Art und deren Bekämpfung - 11.07.2011 (1)
  14. YouTube funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 28.02.2011 (1)
  15. Combofix ausgeführt, weil mein Google Chrome nicht mehr funktioniert hat
    Log-Analyse und Auswertung - 26.09.2010 (1)
  16. Mozilla und Google Chrome starten nicht, dafür Fehlermeldung und Inet Explorer Suche
    Plagegeister aller Art und deren Bekämpfung - 15.12.2009 (7)
  17. Youtube funktioniert nicht
    Log-Analyse und Auswertung - 23.03.2009 (0)

Zum Thema Youtube suche mit Chrome funktioniert nicht. - Hallo Forumsgemeinde. Habe ein problem. Seit einigen tagen funktioniert meine suche bei Youtube nicht mehr. Mit dem IE funktioniert es. Egal was ich suche es kommt kein suchergebnis. Es kommt - Youtube suche mit Chrome funktioniert nicht....
Archiv
Du betrachtest: Youtube suche mit Chrome funktioniert nicht. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.