Pests of all kinds and how to fight them: PC extremely slow, Malware 2 detections, Avira keeps closing, Silverlight update without success | Windows 7
22.03.2013, 22:55 | #1 |
| Hi, now my computer has somehow been hit as well. The problem: for a few days the computer has been extremely slow, and Malware had 2 detections today - nothing deleted. Another problem - I have Avira Free installed - no problems so far - but since the last automatic update the umbrella keeps closing, and then there is also the message that the browser protection has deactivated itself. One more problem - automatic Windows updates - the Silverlight update does not work - it always says it could not be installed. Can someone please help me - I don't want to simply wipe the computer. Log file from Malware:
Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.03.22.02
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Manu´s :: MANU´S-PC [Administrator]

22.03.2013 20:08:41
MBAM-log-2013-03-22 (22-06-43).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|O:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 491098
Laufzeit: 1 Stunde(n), 19 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Program Files\Join Air\EXETimer.exe (Trojan.Passwords.LD) -> Keine Aktion durchgeführt.
C:\Windows\System32\SupportAppCB\EXETimer.exe (Trojan.Passwords.LD) -> Keine Aktion durchgeführt.

(Ende) |
23.03.2013, 10:19 | #2 |
/// TB-Ausbilder | I will help you with your problem. A cleanup can involve a lot of work for you (and me). Before we start, I have some reading material for you. Please read: Rules for the cleanup. For the cleanup to work, I ask you to read the following points carefully:
Read and understood?
Step 1: (Reminder: do not reply to me until you have worked through all the steps!) Disable drive emulation with Defogger. Please download defogger by jpshortstuff to your desktop and start it:
Step 2: Scan with aswMBR
Step 3: Scan with TDSS-Killer. Please read the following instructions carefully. We do not want to "fix" anything here yet, only to see a scan report.
Step 4: Scan with DDS+ (with attach). Please download DDS (by sUBs) and save the file to your desktop.
__________________ |
25.03.2013, 13:59 | #3 |
/// TB-Ausbilder | Missing feedback
__________________
This thread has been removed from my subscriptions, so I will not receive notifications about new replies. PM me if you still want to continue. Do not send any log files, just a short note. Note: The disappearance of the symptoms does not mean that your computer is already clean. Everyone else, please click here and create your own thread
__________________ |
26.03.2013, 18:55 | #4 |
/// TB-Ausbilder | Good, then please post your log files here.
__________________ Digital privateers against malware! No help via PM! |
26.03.2013, 20:51 | #5 |
| Good evening Ryder, the internet is finally working again. Here are the log files now:
Defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:02 on 26/03/2013 (Manu´s)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-26 20:03:11
-----------------------------
20:03:11.238 OS Version: Windows 6.1.7601 Service Pack 1
20:03:11.238 Number of processors: 2 586 0x170A
20:03:11.238 ComputerName: MANU´S-PC UserName: Manu´s
20:03:12.564 Initialize success
20:07:43.637 AVAST engine defs: 13032600
20:07:56.507 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:07:56.507 Disk 0 Vendor: SAMSUNG_HM500JI 2AC101C4 Size: 476940MB BusType: 11
20:07:56.663 Disk 0 MBR read successfully
20:07:56.678 Disk 0 MBR scan
20:07:56.788 Disk 0 Windows 7 default MBR code
20:07:56.788 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 20002 MB offset 63
20:07:56.819 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 188934 MB offset 40965750
20:07:56.850 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 268000 MB offset 427905024
20:07:56.866 Disk 0 scanning sectors +976769024
20:07:56.959 Disk 0 scanning C:\Windows\system32\drivers
20:08:12.077 Service scanning
20:08:48.988 Modules scanning
20:08:58.941 Disk 0 trace - called modules:
20:08:58.972 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
20:08:58.988 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8694d490]
20:08:59.004 3 CLASSPNP.SYS[8bc5f59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x86865030]
20:08:59.784 AVAST engine scan C:\Windows
20:09:03.481 AVAST engine scan C:\Windows\system32
20:15:59.131 AVAST engine scan C:\Windows\system32\drivers
20:16:30.597 AVAST engine scan C:\Users\Manu´s
20:33:34.988 AVAST engine scan C:\ProgramData
20:36:21.740 Scan finished successfully
20:38:51.515 Disk 0 MBR has been saved successfully to "C:\Users\Manu´s\Desktop\Virenbehebung\MBR.dat"
20:38:51.515 The log file has been saved successfully to "C:\Users\Manu´s\Desktop\Virenbehebung\aswMBR.txt"

Code:
20:39:17.0477 1372 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:39:19.0505 1372 ============================================================
20:39:19.0505 1372 Current date / time: 2013/03/26 20:39:19.0505
20:39:19.0505 1372 SystemInfo:
20:39:19.0505 1372
20:39:19.0505 1372 OS Version: 6.1.7601 ServicePack: 1.0
20:39:19.0505 1372 Product type: Workstation
20:39:19.0505 1372 ComputerName: MANU´S-PC
20:39:19.0505 1372 UserName: Manu´s
20:39:19.0505 1372 Windows directory: C:\Windows
20:39:19.0505 1372 System windows directory: C:\Windows
20:39:19.0505 1372 Processor architecture: Intel x86
20:39:19.0505 1372 Number of processors: 2
20:39:19.0505 1372 Page size: 0x1000
20:39:19.0505 1372 Boot type: Normal boot
20:39:19.0505 1372 ============================================================
20:39:49.0523 1372 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:39:49.0569 1372 Drive \Device\Harddisk1\DR9 - Size: 0x3BC000000 (14.94 Gb), SectorSize: 0x200, Cylinders: 0x79D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:39:49.0569 1372 ============================================================
20:39:49.0569 1372 \Device\Harddisk0\DR0:
20:39:49.0569 1372 MBR partitions:
20:39:49.0569 1372 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0x1710322D
20:39:49.0569 1372 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x19815000, BlocksNum 0x20B70000
20:39:49.0569 1372 \Device\Harddisk1\DR9:
20:39:49.0569 1372 MBR partitions:
20:39:49.0569 1372 \Device\Harddisk1\DR9\Partition1: MBR, Type 0xC, StartLBA 0x8B0, BlocksNum 0x1DDF750
20:39:49.0569 1372 ============================================================
20:39:49.0616 1372 C: <-> \Device\Harddisk0\DR0\Partition1
20:39:49.0647 1372 O: <-> \Device\Harddisk0\DR0\Partition2
20:39:49.0663 1372
20:40:23.0172 3676 mrxsmb20 - ok 20:40:23.0203 3676 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\drivers\msahci.sys 20:40:23.0203 3676 msahci - ok 20:40:23.0219 3676 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:40:23.0234 3676 msdsm - ok 20:40:23.0250 3676 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 20:40:23.0343 3676 MSDTC - ok 20:40:23.0375 3676 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:40:23.0375 3676 Msfs - ok 20:40:23.0390 3676 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:40:23.0390 3676 mshidkmdf - ok 20:40:23.0421 3676 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:40:23.0421 3676 msisadrv - ok 20:40:23.0484 3676 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:40:23.0515 3676 MSiSCSI - ok 20:40:23.0531 3676 msiserver - ok 20:40:23.0562 3676 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:40:23.0562 3676 MSKSSRV - ok 20:40:23.0577 3676 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:40:23.0577 3676 MSPCLOCK - ok 20:40:23.0609 3676 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:40:23.0609 3676 MSPQM - ok 20:40:23.0624 3676 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:40:23.0640 3676 MsRPC - ok 20:40:23.0655 3676 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 20:40:23.0655 3676 mssmbios - ok 20:40:23.0671 3676 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:40:23.0671 3676 MSTEE - ok 20:40:23.0687 3676 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 20:40:23.0687 3676 MTConfig - ok 20:40:23.0702 3676 [ 159FAD02F64E6381758C990F753BCC80 ] Mup 
C:\Windows\system32\Drivers\mup.sys 20:40:23.0702 3676 Mup - ok 20:40:23.0749 3676 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 20:40:23.0749 3676 napagent - ok 20:40:23.0827 3676 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:40:23.0843 3676 NativeWifiP - ok 20:40:23.0874 3676 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:40:23.0889 3676 NDIS - ok 20:40:23.0905 3676 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:40:23.0921 3676 NdisCap - ok 20:40:23.0952 3676 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:40:23.0952 3676 NdisTapi - ok 20:40:23.0983 3676 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:40:23.0999 3676 Ndisuio - ok 20:40:24.0014 3676 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:40:24.0030 3676 NdisWan - ok 20:40:24.0030 3676 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:40:24.0045 3676 NDProxy - ok 20:40:24.0061 3676 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:40:24.0061 3676 NetBIOS - ok 20:40:24.0092 3676 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:40:24.0092 3676 NetBT - ok 20:40:24.0108 3676 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 20:40:24.0108 3676 Netlogon - ok 20:40:24.0155 3676 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 20:40:24.0170 3676 Netman - ok 20:40:24.0186 3676 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 20:40:24.0186 3676 netprofm - ok 20:40:24.0217 3676 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:40:24.0233 3676 NetTcpPortSharing - ok 
20:40:24.0264 3676 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 20:40:24.0264 3676 nfrd960 - ok 20:40:24.0326 3676 [ A0236B16575F0770C05F432BC41CACE0 ] NitroReaderDriverReadSpool2 C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe 20:40:24.0373 3676 NitroReaderDriverReadSpool2 - ok 20:40:24.0404 3676 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll 20:40:24.0404 3676 NlaSvc - ok 20:40:24.0451 3676 [ B0A67DE1A128389AEA4D42C5A56215FD ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys 20:40:24.0451 3676 nmwcd - ok 20:40:24.0498 3676 [ 025C54F9F8C8BC1894EA38529C742C54 ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys 20:40:24.0498 3676 nmwcdc - ok 20:40:24.0545 3676 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:40:24.0545 3676 Npfs - ok 20:40:24.0576 3676 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 20:40:24.0576 3676 nsi - ok 20:40:24.0591 3676 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:40:24.0591 3676 nsiproxy - ok 20:40:24.0669 3676 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:40:24.0685 3676 Ntfs - ok 20:40:24.0701 3676 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 20:40:24.0701 3676 Null - ok 20:40:24.0732 3676 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:40:24.0732 3676 nvraid - ok 20:40:24.0763 3676 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:40:24.0763 3676 nvstor - ok 20:40:24.0794 3676 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:40:24.0794 3676 nv_agp - ok 20:40:24.0872 3676 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 20:40:25.0013 3676 odserv - ok 20:40:25.0044 3676 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 
C:\Windows\system32\drivers\ohci1394.sys 20:40:25.0044 3676 ohci1394 - ok 20:40:25.0091 3676 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:40:25.0247 3676 ose - ok 20:40:25.0309 3676 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:40:25.0325 3676 p2pimsvc - ok 20:40:25.0340 3676 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 20:40:25.0340 3676 p2psvc - ok 20:40:25.0371 3676 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 20:40:25.0371 3676 Parport - ok 20:40:25.0403 3676 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:40:25.0403 3676 partmgr - ok 20:40:25.0418 3676 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 20:40:25.0434 3676 Parvdm - ok 20:40:25.0465 3676 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 20:40:25.0465 3676 PcaSvc - ok 20:40:25.0527 3676 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys 20:40:25.0543 3676 pccsmcfd - ok 20:40:25.0559 3676 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 20:40:25.0574 3676 pci - ok 20:40:25.0605 3676 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 20:40:25.0605 3676 pciide - ok 20:40:25.0637 3676 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 20:40:25.0637 3676 pcmcia - ok 20:40:25.0652 3676 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 20:40:25.0668 3676 pcw - ok 20:40:25.0715 3676 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:40:25.0730 3676 PEAUTH - ok 20:40:25.0777 3676 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 20:40:25.0793 3676 PeerDistSvc - ok 20:40:25.0871 3676 [ 414BBA67A3DED1D28437EB66AEB8A720 ] 
pla C:\Windows\system32\pla.dll 20:40:25.0964 3676 pla - ok 20:40:26.0011 3676 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:40:26.0011 3676 PlugPlay - ok 20:40:26.0042 3676 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:40:26.0073 3676 PNRPAutoReg - ok 20:40:26.0105 3676 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:40:26.0105 3676 PNRPsvc - ok 20:40:26.0151 3676 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:40:26.0151 3676 PolicyAgent - ok 20:40:26.0198 3676 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll 20:40:26.0198 3676 Power - ok 20:40:26.0245 3676 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:40:26.0245 3676 PptpMiniport - ok 20:40:26.0261 3676 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys 20:40:26.0261 3676 Processor - ok 20:40:26.0307 3676 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll 20:40:26.0307 3676 ProfSvc - ok 20:40:26.0323 3676 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 20:40:26.0323 3676 ProtectedStorage - ok 20:40:26.0354 3676 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:40:26.0354 3676 Psched - ok 20:40:26.0385 3676 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 20:40:26.0385 3676 PxHelp20 - ok 20:40:26.0432 3676 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 20:40:26.0448 3676 ql2300 - ok 20:40:26.0479 3676 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 20:40:26.0479 3676 ql40xx - ok 20:40:26.0526 3676 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 20:40:26.0557 3676 QWAVE - ok 20:40:26.0573 3676 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv 
C:\Windows\system32\drivers\qwavedrv.sys 20:40:26.0573 3676 QWAVEdrv - ok 20:40:26.0651 3676 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 20:40:26.0713 3676 RapiMgr - ok 20:40:26.0744 3676 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:40:26.0760 3676 RasAcd - ok 20:40:26.0791 3676 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:40:26.0807 3676 RasAgileVpn - ok 20:40:26.0838 3676 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 20:40:26.0885 3676 RasAuto - ok 20:40:26.0916 3676 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:40:26.0916 3676 Rasl2tp - ok 20:40:26.0963 3676 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 20:40:26.0963 3676 RasMan - ok 20:40:26.0963 3676 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:40:26.0978 3676 RasPppoe - ok 20:40:27.0009 3676 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:40:27.0009 3676 RasSstp - ok 20:40:27.0041 3676 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:40:27.0056 3676 rdbss - ok 20:40:27.0056 3676 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 20:40:27.0056 3676 rdpbus - ok 20:40:27.0087 3676 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:40:27.0087 3676 RDPCDD - ok 20:40:27.0103 3676 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 20:40:27.0119 3676 RDPDR - ok 20:40:27.0134 3676 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:40:27.0150 3676 RDPENCDD - ok 20:40:27.0150 3676 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:40:27.0165 3676 RDPREFMP - ok 20:40:27.0228 3676 [ 
65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 20:40:27.0243 3676 RdpVideoMiniport - ok 20:40:27.0275 3676 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:40:27.0290 3676 RDPWD - ok 20:40:27.0321 3676 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:40:27.0337 3676 rdyboost - ok 20:40:27.0384 3676 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 20:40:27.0415 3676 RemoteAccess - ok 20:40:27.0446 3676 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:40:27.0509 3676 RemoteRegistry - ok 20:40:27.0571 3676 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:40:27.0571 3676 RpcEptMapper - ok 20:40:27.0587 3676 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 20:40:27.0602 3676 RpcLocator - ok 20:40:27.0618 3676 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 20:40:27.0633 3676 RpcSs - ok 20:40:27.0665 3676 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:40:27.0680 3676 rspndr - ok 20:40:27.0711 3676 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 20:40:27.0711 3676 s3cap - ok 20:40:27.0727 3676 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 20:40:27.0727 3676 SamSs - ok 20:40:27.0743 3676 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:40:27.0758 3676 sbp2port - ok 20:40:27.0774 3676 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:40:27.0789 3676 SCardSvr - ok 20:40:27.0821 3676 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:40:27.0821 3676 scfilter - ok 20:40:27.0867 3676 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 20:40:27.0867 3676 
Schedule - ok 20:40:27.0899 3676 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 20:40:27.0914 3676 SCPolicySvc - ok 20:40:27.0914 3676 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:40:27.0930 3676 SDRSVC - ok 20:40:27.0977 3676 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:40:27.0977 3676 secdrv - ok 20:40:28.0008 3676 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 20:40:28.0023 3676 seclogon - ok 20:40:28.0039 3676 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 20:40:28.0055 3676 SENS - ok 20:40:28.0086 3676 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:40:28.0101 3676 SensrSvc - ok 20:40:28.0117 3676 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 20:40:28.0117 3676 Serenum - ok 20:40:28.0133 3676 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 20:40:28.0133 3676 Serial - ok 20:40:28.0164 3676 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 20:40:28.0164 3676 sermouse - ok 20:40:28.0257 3676 [ 2D841B7B7F6DEC32162EDFCC69D61F42 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 20:40:28.0320 3676 ServiceLayer - ok 20:40:28.0367 3676 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll 20:40:28.0367 3676 SessionEnv - ok 20:40:28.0398 3676 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:40:28.0398 3676 sffdisk - ok 20:40:28.0413 3676 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:40:28.0413 3676 sffp_mmc - ok 20:40:28.0429 3676 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:40:28.0429 3676 sffp_sd - ok 20:40:28.0445 3676 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy 
C:\Windows\system32\DRIVERS\sfloppy.sys 20:40:28.0445 3676 sfloppy - ok 20:40:28.0507 3676 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:40:28.0538 3676 SharedAccess - ok 20:40:28.0569 3676 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:40:28.0569 3676 ShellHWDetection - ok 20:40:28.0601 3676 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys 20:40:28.0601 3676 sisagp - ok 20:40:28.0647 3676 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:40:28.0647 3676 SiSRaid2 - ok 20:40:28.0679 3676 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 20:40:28.0679 3676 SiSRaid4 - ok 20:40:28.0741 3676 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 20:40:28.0897 3676 SkypeUpdate - ok 20:40:28.0928 3676 SliceDisk5 - ok 20:40:28.0959 3676 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:40:28.0975 3676 Smb - ok 20:40:29.0006 3676 [ A247EF7B238795EBBC33744221A391DE ] SMServer C:\Windows\system32\snmvtsvc.exe 20:40:29.0084 3676 SMServer - ok 20:40:29.0131 3676 [ DA44FCEBF4EFB826667ED1FAB6159BEA ] SndTAudio C:\Windows\system32\drivers\SndTAudio.sys 20:40:29.0131 3676 SndTAudio - ok 20:40:29.0193 3676 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:40:29.0209 3676 SNMPTRAP - ok 20:40:29.0240 3676 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys 20:40:29.0256 3676 spldr - ok 20:40:29.0303 3676 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe 20:40:29.0318 3676 Spooler - ok 20:40:29.0396 3676 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe 20:40:29.0552 3676 sppsvc - ok 20:40:29.0583 3676 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:40:29.0615 3676 sppuinotify - ok 
20:40:29.0661 3676 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:40:29.0661 3676 srv - ok 20:40:29.0677 3676 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:40:29.0693 3676 srv2 - ok 20:40:29.0708 3676 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:40:29.0708 3676 srvnet - ok 20:40:29.0739 3676 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:40:29.0755 3676 SSDPSRV - ok 20:40:29.0771 3676 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:40:29.0771 3676 SstpSvc - ok 20:40:29.0802 3676 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 20:40:29.0802 3676 stexstor - ok 20:40:29.0880 3676 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll 20:40:29.0895 3676 StiSvc - ok 20:40:29.0927 3676 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 20:40:29.0927 3676 storflt - ok 20:40:29.0958 3676 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll 20:40:30.0020 3676 StorSvc - ok 20:40:30.0051 3676 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys 20:40:30.0051 3676 storvsc - ok 20:40:30.0114 3676 [ 422394FDF08173E04038781AEC0E447C ] STSService C:\Program Files\SoundTaxi Media Suite\STSService.exe 20:40:30.0192 3676 STSService - ok 20:40:30.0223 3676 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys 20:40:30.0223 3676 swenum - ok 20:40:30.0254 3676 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 20:40:30.0317 3676 swprv - ok 20:40:30.0379 3676 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 20:40:30.0395 3676 SysMain - ok 20:40:30.0426 3676 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:40:30.0473 3676 TabletInputService - ok 
20:40:30.0504 3676 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 20:40:30.0504 3676 TapiSrv - ok 20:40:30.0551 3676 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 20:40:30.0582 3676 TBS - ok 20:40:30.0644 3676 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:40:30.0660 3676 Tcpip - ok 20:40:30.0691 3676 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:40:30.0691 3676 TCPIP6 - ok 20:40:30.0738 3676 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:40:30.0738 3676 tcpipreg - ok 20:40:30.0769 3676 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:40:30.0769 3676 TDPIPE - ok 20:40:30.0800 3676 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:40:30.0800 3676 TDTCP - ok 20:40:30.0831 3676 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:40:30.0831 3676 tdx - ok 20:40:30.0863 3676 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys 20:40:30.0863 3676 TermDD - ok 20:40:30.0894 3676 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 20:40:30.0909 3676 TermService - ok 20:40:30.0972 3676 [ 46B389E1A1C8E66D877402FC0821A371 ] TGCM_ImportWiFiSvc C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe 20:40:31.0003 3676 TGCM_ImportWiFiSvc - ok 20:40:31.0034 3676 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 20:40:31.0050 3676 Themes - ok 20:40:31.0050 3676 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 20:40:31.0065 3676 THREADORDER - ok 20:40:31.0081 3676 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 20:40:31.0081 3676 TrkWks - ok 20:40:31.0143 3676 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 
20:40:31.0190 3676 TrustedInstaller - ok 20:40:31.0221 3676 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:40:31.0237 3676 tssecsrv - ok 20:40:31.0268 3676 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:40:31.0268 3676 TsUsbFlt - ok 20:40:31.0315 3676 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:40:31.0331 3676 tunnel - ok 20:40:31.0362 3676 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 20:40:31.0362 3676 uagp35 - ok 20:40:31.0393 3676 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:40:31.0409 3676 udfs - ok 20:40:31.0471 3676 [ A447361E6156AFEF47A42AE9E89B2BB3 ] UI Assistant Service C:\Program Files\Join Air\AssistantServices.exe 20:40:31.0518 3676 UI Assistant Service - ok 20:40:31.0549 3676 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:40:31.0689 3676 UI0Detect - ok 20:40:31.0736 3676 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:40:31.0736 3676 uliagpkx - ok 20:40:31.0767 3676 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys 20:40:31.0783 3676 umbus - ok 20:40:31.0830 3676 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 20:40:31.0830 3676 UmPass - ok 20:40:31.0877 3676 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll 20:40:31.0877 3676 UmRdpService - ok 20:40:31.0955 3676 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 20:40:32.0126 3676 UMVPFSrv - ok 20:40:32.0157 3676 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 20:40:32.0173 3676 upnphost - ok 20:40:32.0204 3676 [ 78B74AF8727A28C128E164E9B53A5413 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys 20:40:32.0204 3676 upperdev - ok 
20:40:32.0267 3676 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 20:40:32.0267 3676 USBAAPL - ok 20:40:32.0313 3676 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 20:40:32.0313 3676 usbaudio - ok 20:40:32.0360 3676 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:40:32.0360 3676 usbccgp - ok 20:40:32.0391 3676 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:40:32.0391 3676 usbcir - ok 20:40:32.0438 3676 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 20:40:32.0438 3676 usbehci - ok 20:40:32.0469 3676 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:40:32.0485 3676 usbhub - ok 20:40:32.0516 3676 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 20:40:32.0516 3676 usbohci - ok 20:40:32.0547 3676 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 20:40:32.0547 3676 usbprint - ok 20:40:32.0579 3676 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 20:40:32.0579 3676 usbscan - ok 20:40:32.0610 3676 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys 20:40:32.0610 3676 usbser - ok 20:40:32.0657 3676 [ 4F8FBC51A1C0A17310846B417A447F91 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys 20:40:32.0657 3676 UsbserFilt - ok 20:40:32.0688 3676 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:40:32.0688 3676 USBSTOR - ok 20:40:32.0703 3676 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 20:40:32.0703 3676 usbuhci - ok 20:40:32.0735 3676 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 20:40:32.0735 3676 UxSms - ok 20:40:32.0735 3676 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 
================ Scan VBR ==================================
20:40:40.0254 3676 [ 53EAF05A366A68C7B6340677E7CD3642 ] \Device\Harddisk0\DR0\Partition1
20:40:40.0254 3676 \Device\Harddisk0\DR0\Partition1 - ok
20:40:40.0269 3676 [ 30F800D8662D39AF09CBFA6FD33E6AB3 ] \Device\Harddisk0\DR0\Partition2
20:40:40.0269 3676 \Device\Harddisk0\DR0\Partition2 - ok
20:40:40.0285 3676 [ 37D12D603BE95D8DAEB12A7C24A5CB6B ] \Device\Harddisk1\DR9\Partition1
20:40:40.0285 3676 \Device\Harddisk1\DR9\Partition1 - ok
20:40:40.0285 3676 ============================================================
20:40:40.0285 3676 Scan finished
20:40:40.0285 3676 ============================================================
20:40:40.0347 3636 Detected object count: 0
20:40:40.0347 3636 Actual detected object count: 0
20:44:41.0458 4064 Deinitialize success

DDS Logfile:
Code:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16470
Run by Manu´s at 20:45:35 on 2013-03-26
#Option MBR scan is disabled.
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3001.1921 [GMT 1:00]
.
AV: G Data InternetSecurity 2013 *Enabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
SP: G Data InternetSecurity 2013 *Enabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall *Enabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe
C:\Program Files\Join Air\AssistantServices.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Join Air\UIExec.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.ask.com/?l=dis&o=APN10012&gct=hp
uSearch Bar = Preserve
mStart Page = hxxp://home.sweetim.com
mSearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: G Data BankGuard: {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - c:\program files\common files\g data\avkproxy\BanksafeBHO.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: ICQ Sparberater: {EC136321-1AE5-4A7F-B01C-5380D666175B} - c:\program files\icq\internet explorer\icq.dll
mRun: [ApplyEsf-eDocPrintPro] "c:\program files\common files\maycomputer\edocprintpro\\ApplyEsf.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [UIExec] "c:\program files\join air\UIExec.exe"
mRun: [HFALoader] c:\program files\hamster soft\hamster free zip archiver\HamsterArc.exe -loader
mRun: [Windows Mobile Device Center] c:\windows\windowsmobile\wmdc.exe
mRun: [G Data AntiVirus Tray Application] c:\program files\g data\internetsecurity\avktray\AVKTray.exe
mRun: [GDFirewallTray] c:\program files\g data\internetsecurity\firewall\GDFirewallTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} - c:\program files\soundtaxi\YouTubeRipper.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{5C84A606-9489-4BEA-94AF-43CBFC4639B4} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5C84A606-9489-4BEA-94AF-43CBFC4639B4}\5416379724F687D2144393133303 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5C84A606-9489-4BEA-94AF-43CBFC4639B4}\5416379724F687D2635424244363 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5C84A606-9489-4BEA-94AF-43CBFC4639B4}\5416379724F687D2640334234303 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5C84A606-9489-4BEA-94AF-43CBFC4639B4}\64259445A51224F6870264F6E60275C414E40273137303 : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{5C84A606-9489-4BEA-94AF-43CBFC4639B4}\64259445A51224F6870264F6E60275C414E40273237303 : DHCPNameServer = 192.168.178.1
TCP: Interfaces\{5C84A606-9489-4BEA-94AF-43CBFC4639B4}\E4144494E454D20534F5E45647A7775627B6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{F95EE057-7B4B-4903-9FBD-E259EBD05DBF} : DHCPNameServer = 192.168.2.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\manu´s\appdata\roaming\mozilla\firefox\profiles\7o2x3kmr.default\
.
============= SERVICES / DRIVERS ===============
.
R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2013-3-24 42016]
R1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2013-3-24 93600]
R1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [2013-3-24 54256]
R1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2013-3-24 50080]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\common files\g data\avkproxy\AVKProxy.exe [2013-3-24 1548312]
R2 AVKService;G Data Scheduler;c:\program files\g data\internetsecurity\avk\AVKService.exe [2013-3-24 469016]
R2 AVKWCtl;G Data Dateisystem Wächter;c:\program files\g data\internetsecurity\avk\AVKWCtl.exe [2013-3-24 1584624]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-3-22 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-3-22 682344]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\nitro pdf\reader 2\NitroPDFReaderDriverService2.exe [2012-7-18 184848]
R2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files\o2\mobile connection manager\ImpWiFiSvc.exe [2010-9-29 200624]
R2 UI Assistant Service;UI Assistant Service;c:\program files\join air\AssistantServices.exe [2012-4-23 241664]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2012-1-18 450848]
R3 GDFwSvc;G Data Personal Firewall;c:\program files\g data\internetsecurity\firewall\GDFwSvc.exe [2013-3-24 1914760]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2013-3-24 51616]
R3 GDScan;G Data Scanner;c:\program files\common files\g data\gdscan\GDScan.exe [2013-3-24 470008]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2013-3-19 72576]
R3 k57nd60x;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-13 229888]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-22 21104]
R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [2011-1-2 23608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files\bcl technologies\easyconverter sdk 3\common\becldr.exe [2011-4-19 176128]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2013-3-19 102784]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2013-3-19 208896]
S3 GSService;GSService;c:\windows\system32\GSService.exe [2011-1-2 385024]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-4-23 9728]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-3-17 14848]
S3 SMServer;SMServer;c:\windows\system32\snmvtsvc.exe [2011-1-2 245760]
S3 StorSvc;Speicherdienst;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 STSService;STSService;c:\program files\soundtaxi media suite\STSService.exe [2010-12-23 385024]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-3-17 49664]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\wat\WatAdminSvc.exe [2011-1-30 1343400]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2010-12-29 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2010-12-29 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2010-12-29 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2010-12-29 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2010-12-29 25704]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== File Associations ===============
.
ShellExec: switch.exe: open="c:\program files\nch software\switch\switch" "%L"
.
=============== Created Last 30 ================
.
2013-03-26 19:45:37 -------- d-----w- c:\users\manu?s\appdata\local\Microsoft
2013-03-26 19:13:50 1018768 ----a-w- c:\windows\system32\sig.bin
2013-03-24 13:00:18 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1a88abb2-2c54-4087-8db4-6ef6e33907fa}\offreg.dll
2013-03-24 12:15:42 11240 ----a-w- c:\windows\system32\GdScrSv.de.dll
2013-03-24 08:44:51 52176 ----a-w- c:\program files\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}\components\BanksafeXPCOM.dll
2013-03-24 08:44:51 51616 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2013-03-24 08:44:29 50080 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2013-03-24 08:44:28 93600 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2013-03-24 08:44:28 42016 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2013-03-24 08:44:26 54256 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2013-03-24 08:43:35 -------- d-----w- c:\programdata\G DATA
2013-03-24 08:43:35 -------- d-----w- c:\program files\G Data
2013-03-24 08:43:35 -------- d-----w- c:\program files\common files\G Data
2013-03-23 08:35:05 7108640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1a88abb2-2c54-4087-8db4-6ef6e33907fa}\mpengine.dll
2013-03-22 19:07:03 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-19 19:30:42 85248 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2013-03-19 19:30:42 72576 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2013-03-19 19:30:42 51456 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2013-03-19 19:30:42 26496 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2013-03-19 19:30:42 168960 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2013-03-19 19:30:23 860928 ----a-w- c:\windows\system32\drivers\mod7700.sys
2013-03-19 19:30:23 27136 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2013-03-19 19:30:23 208896 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2013-03-19 19:30:23 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2013-03-19 19:30:23 106880 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2013-03-19 19:29:37 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2013-03-19 19:29:20 -------- d-----w- c:\program files\HUAWEI Modem Driver
2013-03-19 19:29:15 -------- d-----w- c:\program files\o2
2013-03-17 02:10:14 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-03-17 02:08:21 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-03-17 02:08:21 247808 ----a-w- c:\windows\system32\schannel.dll
2013-03-17 02:08:21 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-03-17 02:08:21 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-03-17 00:30:06 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
==================== Find3M ====================
.
2013-03-17 16:29:26 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-17 16:29:25 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-12 04:48:31 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-02 03:38:35 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-02-02 03:30:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-02 03:30:21 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-02-02 03:26:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-02 03:26:21 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-02-02 03:23:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-13 21:17:03 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 20:30:34 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 20:22:22 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:54:01 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:48:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:37:57 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-05 05:00:15 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 06:11:21 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-01-04 04:50:52 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 03:00:29 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-01-03 05:05:20 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 05:04:43 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
============= FINISH: 20:46:46,69 ===============

attach
Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 28.12.2010 17:03:38
System Uptime: 26.03.2013 12:27:38 (8 hours ago)
.
Motherboard: Acer | | JV50
Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz | U2E1 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 185 GiB total, 75,934 GiB free.
D: is CDROM ()
E: is Removable
O: is FIXED (NTFS) - 262 GiB total, 117,522 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP364: 28.02.2013 22:28:35 - Windows Update
RP365: 08.03.2013 16:26:33 - Geplanter Prüfpunkt
RP366: 16.03.2013 19:33:48 - Windows Update
RP367: 16.03.2013 19:48:34 - Windows Update
RP368: 16.03.2013 19:54:46 - Wiederherstellungsvorgang
RP369: 16.03.2013 20:03:31 - Windows Update
RP370: 16.03.2013 21:00:16 - Windows Update
RP371: 17.03.2013 02:13:27 - Windows Update
RP372: 17.03.2013 03:09:38 - Windows Update
RP373: 17.03.2013 17:32:06 - Windows Update
RP374: 19.03.2013 20:38:54 - Windows Update
RP375: 19.03.2013 21:00:27 - Windows Update
RP376: 19.03.2013 21:04:56 - OTL Restore Point - 19.03.2013 21:04:56
RP377: 19.03.2013 22:34:29 - Windows Update
RP378: 19.03.2013 22:44:12 - Windows Update
RP379: 20.03.2013 20:19:26 - Windows Update
RP380: 22.03.2013 21:00:27 - Windows Update
RP381: 22.03.2013 22:08:18 - TuneUp Utilities 2013 wird installiert
RP382: 22.03.2013 22:38:07 - TuneUp Utilities 2013 wird entfernt
RP383: 22.03.2013 22:38:56 - TuneUp Utilities Language Pack (de-DE) wird entfernt
RP384: 22.03.2013 23:10:30 - Removed Softi FreeOCR
RP385: 22.03.2013 23:23:43 - Windows Update
RP386: 24.03.2013 09:41:56 - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.6) - Deutsch
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audible Download Manager
AudibleManager
BCL easyConverter 3.0 Licensing Module (BCL License)
BCL easyConverter 3.0 Loader SDK Module
BCL easyConverter 3.0 Module (Loader, BCL License)
BCL easyConverter 3.0 Module (RTF, BCL License)
BCL easyConverter 3.0 RTF SDK Module
BCL easyConverter 3.0 SDK Module
Bonjour
Brother MFL-Pro Suite MFC-5490CN
calibre
CameraHelperMsi
CCleaner
CloneCD
CloneDVD2
Compatibility Pack für 2007 Office System
Content Manager 2
D3DX10
Duden Korrektor Standard
eDocPrintPro v3.16.0
erLT
FormatFactory 3.0.1
Fuse Drivers
G Data InternetSecurity 2013
gs_x86
Hamster Free Video Converter
Hamster Lite Archiver 2.0.1.2
HUAWEI DataCard Driver 4.20.12.00
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
iTunes
Java Auto Updater
Java(TM) 6 Update 24
JDownloader 0.9
Join Air
Junk Mail filter update
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware Version 1.70.0.1100
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (German) 2007
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC100_CRT_SP1_x86
Mobile Connection Manager
Mozilla Firefox 19.0.2 (x86 de)
Mozilla Maintenance Service
Mozilla Thunderbird 16.0.2 (x86 de)
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Napster 5 Beta
Napster Burn Engine
Napster Rienf Repair
Naviextras Toolbox Prerequesities
Nitro Reader 2
Nokia Connectivity Cable Driver
Nokia PC Suite
PC Connectivity Solution
PDF2Word Converter Version 1.0.8 (Build 164, 7-PDF)
PhotoScape
PL-2303 USB-to-Serial
QuickTime
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Click to Call
Skype™ 6.1
SoundTaxi 4.1.5
SoundTaxi Media Suite 4.1.5
Switch Sound File Converter
System Requirements Lab for Intel
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
VLC media player 1.1.5
WavePad Sound Editor
Windows-Treiberpaket - Nokia Modem (06/01/2009
7.01.0.4) Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) Windows Installer Clean Up Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile-Gerätecenter WinRAR 4.01 (32-Bit) XMedia Recode Version 3.1.0.0 . ==== End Of File =========================== |
26.03.2013, 21:02 | #6 |
/// TB-Ausbilder | There's a lot of stuff running there. Scan with Combofix
27.03.2013, 20:10 | #7 |
| Hi Ryder, I know, quite a lot has accumulated on the laptop - however, I'm no longer sure which of it belongs to the system and which doesn't - I'm always a bit wary of deleting the wrong thing. Would a fresh install be simpler after all??? But here is the logfile from Combofix: Code:
ATTFilter ComboFix 13-03-26.01 - Manu´s 27.03.2013 17:53:55.1.2 - x86 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3001.1963 [GMT 1:00] ausgeführt von:: c:\users\Manu¦s\Desktop\5-ComboFix.exe AV: G Data InternetSecurity 2013 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496} FW: G Data Personal Firewall *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED} SP: G Data InternetSecurity 2013 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\XSxS . . ((((((((((((((((((((((( Dateien erstellt von 2013-02-27 bis 2013-03-27 )))))))))))))))))))))))))))))) . . 2013-03-27 18:38 . 2013-03-27 18:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-03-27 16:56 . 2013-03-27 16:56 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D280519E-D50E-431E-BA8C-791BFA190A2C}\offreg.dll 2013-03-27 15:59 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D280519E-D50E-431E-BA8C-791BFA190A2C}\mpengine.dll 2013-03-26 19:45 . 2013-03-26 19:45 -------- d-----w- c:\users\MANUS~3 2013-03-26 19:13 . 2013-03-27 16:00 1024350 ----a-w- c:\windows\system32\sig.bin 2013-03-24 12:15 . 2013-01-10 13:35 11240 ----a-w- c:\windows\system32\GdScrSv.de.dll 2013-03-24 08:44 . 2013-03-24 12:18 51616 ----a-w- c:\windows\system32\drivers\PktIcpt.sys 2013-03-24 08:44 . 2013-03-24 12:15 50080 ----a-w- c:\windows\system32\drivers\HookCentre.sys 2013-03-24 08:44 . 2013-03-24 12:15 93600 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys 2013-03-24 08:44 . 2013-03-24 12:15 42016 ----a-w- c:\windows\system32\drivers\GDBehave.sys 2013-03-24 08:44 . 2013-03-24 12:15 54256 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys 2013-03-24 08:43 . 
2013-03-24 12:16 -------- d-----w- c:\program files\Common Files\G Data 2013-03-24 08:43 . 2013-03-24 11:57 -------- d-----w- c:\programdata\G DATA 2013-03-24 08:43 . 2013-03-24 08:43 -------- d-----w- c:\program files\G Data 2013-03-19 19:30 . 2010-11-04 09:51 85248 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys 2013-03-19 19:30 . 2010-10-09 06:48 72576 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys 2013-03-19 19:30 . 2010-09-26 10:00 51456 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys 2013-03-19 19:30 . 2010-09-26 10:00 26496 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys 2013-03-19 19:30 . 2010-09-03 09:35 168960 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys 2013-03-19 19:30 . 2010-08-31 10:09 208896 ----a-w- c:\windows\system32\drivers\ewusbnet.sys 2013-03-19 19:30 . 2010-08-07 09:48 106880 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys 2013-03-19 19:30 . 2010-05-10 06:18 860928 ----a-w- c:\windows\system32\drivers\mod7700.sys 2013-03-19 19:30 . 2010-03-20 04:06 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys 2013-03-19 19:30 . 2010-01-18 10:48 27136 ----a-w- c:\windows\system32\drivers\ewdcsc.sys 2013-03-19 19:29 . 2010-07-27 01:52 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys 2013-03-19 19:29 . 2013-03-19 19:30 -------- d-----w- c:\program files\HUAWEI Modem Driver 2013-03-19 19:29 . 2013-03-19 19:29 -------- d-----w- c:\program files\o2 2013-03-17 02:10 . 2013-01-13 19:53 187392 ----a-w- c:\windows\system32\UIAnimation.dll 2013-03-17 02:08 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2013-03-17 02:08 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys 2013-03-17 02:08 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll 2013-03-17 02:08 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll 2013-03-17 00:30 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys . . . 
(((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-17 16:29 . 2012-04-02 15:04 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-03-17 16:29 . 2011-05-27 07:31 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-02-12 04:48 . 2013-03-16 19:33 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-16 19:33 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-01-29 19:00 . 2013-01-29 19:00 3584 ----a-r- c:\users\Manu´s\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe 2013-01-29 19:00 . 2013-01-29 19:00 3584 ----a-r- c:\users\Manu´s\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe 2013-01-17 00:28 . 2010-12-28 16:59 232336 ------w- c:\windows\system32\MpSigStub.exe 2013-01-05 05:00 . 2013-02-13 20:22 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-01-05 05:00 . 2013-02-13 20:22 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-04 04:50 . 2013-02-13 20:22 169984 ----a-w- c:\windows\system32\winsrv.dll 2013-01-04 03:00 . 2013-02-13 20:22 2347008 ----a-w- c:\windows\system32\win32k.sys 2013-01-03 05:05 . 2013-02-13 20:22 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-01-03 05:04 . 2013-02-13 20:22 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2013-03-16 19:31 . 2013-03-16 19:31 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{EC136321-1AE5-4A7F-B01C-5380D666175B}] 2011-11-14 12:08 128064 ----a-w- c:\program files\icq\Internet Explorer\icq.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ApplyEsf-eDocPrintPro"="c:\program files\Common Files\MAYComputer\eDocPrintPro\\ApplyEsf.exe" [2010-10-18 315392] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 135168] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 167424] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 144384] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-05 7703072] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] "UIExec"="c:\program files\Join Air\UIExec.exe" [2009-08-31 132608] "HFALoader"="c:\program files\Hamster Soft\Hamster Free Zip Archiver\HamsterArc.exe" [2012-03-06 2260480] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072] "G Data AntiVirus Tray Application"="c:\program files\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2013-01-09 1035216] "GDFirewallTray"="c:\program files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2012-11-29 1475096] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3] 2008-12-24 09:26 114688 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe . 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Badoo Desktop"=c:\programdata\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime . R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] R2 UI Assistant Service;UI Assistant Service;c:\program files\Join Air\AssistantServices.exe [x] R3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [x] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x] R3 GSService;GSService;c:\windows\system32\GSService.exe [x] R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 SliceDisk5;SliceDisk5;c:\program files\A-FF Find and Mount\slicedisk.sys [x] R3 SMServer;SMServer;c:\windows\system32\snmvtsvc.exe [x] R3 STSService;STSService;c:\program files\SoundTaxi Media Suite\STSService.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [x] R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [x] R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [x] R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [x] R3 
WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [x] S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [x] S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [x] S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [x] S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [x] S2 AVKService;G Data Scheduler;c:\program files\G Data\InternetSecurity\AVK\AVKService.exe [x] S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files\G Data\InternetSecurity\AVK\AVKWCtl.exe [x] S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [x] S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x] S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x] S3 GDFwSvc;G Data Personal Firewall;c:\program files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [x] S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [x] S3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [x] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x] S3 k57nd60x;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x] S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr GPSvcGroup REG_MULTI_SZ GPSvc . 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . . Inhalt des "geplante Tasks" Ordners . 2013-03-27 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 16:29] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.ask.com/?l=dis&o=APN10012&gct=hp mStart Page = hxxp://home.sweetim.com uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Manu´s\AppData\Roaming\Mozilla\Firefox\Profiles\7o2x3kmr.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282495&SearchSource=3&q={searchTerms}&CUI=UN39637663028814283 FF - prefs.js: browser.search.selectedEngine - NCH_EN Customized Web Search FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/ FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282495&SearchSource=2&CUI=UN39637663028814283&UM=UM_ID&q= FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-02-27 21:22; {dc572301-7619-498c-a57d-39143191b318}; c:\users\Manu´s\AppData\Roaming\Mozilla\Firefox\Profiles\7o2x3kmr.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi FF - ExtSQL: 2013-03-24 09:44; {906305f7-aafc-45e9-8bbd-941950a84dad}; c:\program files\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} . . ------- Dateityp-Verknüpfung ------- . .txt=REG_SZ - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-10 - (no file) WebBrowser-{7E111A5C-3D11-4F56-9463-5310C3C69025} - (no file) WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) WebBrowser-{B80F591E-FE9A-46CF-A13E-180377240586} - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-03-27 20:01:27 ComboFix-quarantined-files.txt 2013-03-27 19:01 . Vor Suchlauf: 12 Verzeichnis(se), 82.980.995.072 Bytes frei Nach Suchlauf: 18 Verzeichnis(se), 83.184.742.400 Bytes frei . - - End Of File - - 15472DB41AC561DF5BEFDD703DF12C79 delphin_2002 |
27.03.2013, 20:20 | #8 |
/// TB-Ausbilder | Well, we can clear things out a bit; now would be a good time. List of installed programs (Combofix) Please find and post the following file for me: Please sort the entries into groups: 1) I don't need this anymore 2) No idea what this even is 3) I definitely still need this.
__________________ Digital privateers against malware! No help via PM! |
28.03.2013, 19:22 | #9 |
| Hi, here is the requested file, sorted into groups: Code:
ATTFilter Update for Microsoft Office 2007 (KB2508958) = 2 7-Zip 9.20 = 1 Adobe AIR = 2 Adobe Flash Player 11 ActiveX = 2 Adobe Flash Player 11 Plugin = 2 Adobe Reader X (10.1.6) - Deutsch = 2 AnyDVD = 3 Apple Application Support = 2 Apple Mobile Device Support = 2 Apple Software Update = 2 Audible Download Manager = 1 AudibleManager = 1 BCL easyConverter 3.0 Licensing Module (BCL License) = 2 BCL easyConverter 3.0 Loader SDK Module = 2 BCL easyConverter 3.0 Module (Loader, BCL License) = 2 BCL easyConverter 3.0 Module (RTF, BCL License) = 2 BCL easyConverter 3.0 RTF SDK Module = 2 BCL easyConverter 3.0 SDK Module = 2 Bonjour = 2 Brother MFL-Pro Suite MFC-5490CN = 3 calibre = 3 CameraHelperMsi = 2 CCleaner = 3 CloneCD = 3 CloneDVD2 = 3 Compatibility Pack für 2007 Office System = 2 Content Manager 2 = 3 D3DX10 = 2 Duden Korrektor Standard = 3 eDocPrintPro v3.16.0 = 3 erLT = 2 FormatFactory 3.0.1 = 3 Fuse Drivers = 2 G Data InternetSecurity 2013 = 3 gs_x86 = 2 Hamster Free Video Converter = 1 Hamster Lite Archiver 2.0.1.2 = 1 HUAWEI DataCard Driver 4.20.12.00 = 3 Intel(R) Graphics Media Accelerator Driver = 2 Intel(R) TV Wizard = 2 iTunes = 3 Java Auto Updater = 2 Java(TM) 6 Update 24 = 2 JDownloader 0.9 = 3 Join Air = 3 Junk Mail filter update = 2 Logitech Webcam Software = 3 LWS Facebook = 2 LWS Gallery = 2 LWS Help_main = 2 LWS Launcher = 2 LWS Motion Detection = 2 LWS Pictures And Video = 2 LWS Twitter = 2 LWS Video Mask Maker = 2 LWS VideoEffects = 2 LWS Webcam Software = 2 LWS WLM Plugin = 2 LWS YouTube Plugin = 2 Mesh Runtime = 2 Microsoft .NET Framework 4 Client Profile = 2 Microsoft .NET Framework 4 Client Profile DEU Language Pack = 2 Microsoft Application Error Reporting = 2 Microsoft Office 2007 Service Pack 2 (SP2) = 2 Microsoft Office 2007 Service Pack 3 (SP3) = 2 Microsoft Office Access MUI (German) 2007 = 2 Microsoft Office Excel MUI (German) 2007 = 2 Microsoft Office File Validation Add-In = 2 Microsoft Office Home and Student 2007 = 2 Microsoft 
Office OneNote MUI (German) 2007 = 2 Microsoft Office Outlook MUI (German) 2007 = 2 Microsoft Office PowerPoint MUI (German) 2007 = 2 Microsoft Office Professional 2007 = 2 Microsoft Office Proof (English) 2007 = 2 Microsoft Office Proof (French) 2007 = 2 Microsoft Office Proof (German) 2007 = 2 Microsoft Office Proof (Italian) 2007 = 2 Microsoft Office Proofing (German) 2007 = 2 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) = 2 Microsoft Office Publisher MUI (German) 2007 = 2 Microsoft Office Shared MUI (German) 2007 = 2 Microsoft Office Word MUI (German) 2007 = 2 Microsoft Silverlight = 2 Microsoft SQL Server 2005 Compact Edition [ENU] = 2 Microsoft Visual C++ 2005 Redistributable = 2 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 = 2 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 = 2 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 = 2 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 = 2 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 = 2 Microsoft_VC100_CRT_SP1_x86 = 2 Mobile Connection Manager = 2 Mozilla Firefox 19.0.2 (x86 de) = 3 Mozilla Maintenance Service = 2 Mozilla Thunderbird 16.0.2 (x86 de) = 3 MSVC80_x86 = 2 MSVC80_x86_v2 = 2 MSVC90_x86 = 2 MSVCRT = 2 MSXML 4.0 SP2 (KB954430) = 2 MSXML 4.0 SP2 (KB973688) = 2 Napster 5 Beta = 3 Napster Burn Engine = 2 Napster Rienf Repair = 3 Naviextras Toolbox Prerequesities = 2 Nitro Reader 2 = 3 Nokia Connectivity Cable Driver = 2 Nokia PC Suite = 2 PC Connectivity Solution = 2 PDF2Word Converter Version 1.0.8 (Build 164, 7-PDF) = 2 PhotoScape = 3 PL-2303 USB-to-Serial = 2 QuickTime = 2 Realtek High Definition Audio Driver = 2 Security Update for 2007 Microsoft Office System (KB2288621) = 2 Security Update for 2007 Microsoft Office System (KB2288931) = 2 Security Update for 2007 Microsoft Office System (KB2553089) = 2 Security Update for 2007 Microsoft Office System (KB969559) = 2 Security Update for 2007 Microsoft Office 
System (KB976321) = 2 Security Update for CAPICOM (KB931906) = 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) = 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) = 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) = 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) = 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) = 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) = 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) = 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) = 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) = 2 Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) = 2 Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack = 2(KB2518870) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition = 2 Security Update for Microsoft Office Access 2007 (KB979440) = 2 Security Update for Microsoft Office InfoPath 2007 (KB979441) = 2 Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition = 2 Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition = 2 Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition = 2 Security Update for Microsoft Office system 2007 (KB974234) = 2 Security Update for Microsoft Office Visio Viewer 2007 (KB973709) = 2 Security Update for Microsoft Office Word 2007 (KB2344993) = 2 Skype Click to Call = 2 Skype™ 6.1 = 3 SoundTaxi 4.1.5 = 3 SoundTaxi Media Suite 4.1.5 = 2 Switch Sound File Converter = 3 System Requirements Lab for Intel = 2 Update für Microsoft Office Excel 2007 Help (KB963678) = 2 Update für Microsoft Office Outlook 2007 Help (KB963677) = 2 Update für Microsoft Office Powerpoint 2007 Help (KB963669) = 2 Update für Microsoft Office Word 2007 Help (KB963665) 
= 2 Update for 2007 Microsoft Office System (KB967642) = 2 Update for Microsoft .NET Framework 4 Client Profile (KB2533523) = 2 Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition = 2 Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition = 2 Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition = 2 Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition = 2 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition = 2 VLC media player 1.1.5 = 3 WavePad Sound Editor = 2 Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4) = 2 Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2) = 2 Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) = 2 Windows Installer Clean Up = 3 Windows Live Communications Platform = 2 Windows Live Essentials = 2 Windows Live Fotogalerie = 2 Windows Live ID Sign-in Assistant = 2 Windows Live Installer = 2 Windows Live Mail = 2 Windows Live Mesh = 2 Windows Live Mesh ActiveX control for remote connections = 2 Windows Live Messenger = 2 Windows Live MIME IFilter = 2 Windows Live Movie Maker = 2 Windows Live Photo Common = 2 Windows Live Photo Gallery = 2 Windows Live PIMT Platform = 2 Windows Live Remote Client = 2 Windows Live Remote Client Resources = 2 Windows Live Remote Service = 2 Windows Live Remote Service Resources = 2 Windows Live SOXE = 2 Windows Live SOXE Definitions = 2 Windows Live UX Platform = 2 Windows Live UX Platform Language Pack = 2 Windows Live Writer = 2 Windows Live Writer Resources = 2 Windows Mobile-Gerätecenter = 2 WinRAR 4.01 (32-Bit) = 3 XMedia Recode Version 3.1.0.0 = 1
So, as you can see, there really are a lot of 2s. Maybe this helps you as well - I could install Office 2010, we bought it fairly recently. I have an iPod from Apple.
I no longer have a Nokia phone, but whenever I tried to uninstall things there, I was always asked whether I was sure, because other programs (that use the same file - well, which of the many? ;-) ) might then no longer work properly. So I kept my hands off it. Adobe Reader could go - I've heard Foxit, Nitro etc. run "lighter". Many greeeeetings delphin_2002 |
28.03.2013, 21:53 | #10 |
/// TB-Ausbilder | So the Nokia stuff can definitely go, everything marked 1 except 7zip, and the Windows Live stuff. See whether it's better afterwards.
29.03.2013, 07:47 | #11 |
| Good morning Ryder, so I have now deleted or uninstalled as much as I could. With Fuse Drivers from Nokia I've reached my limit - it won't let me remove it - I've put the error message into a Word file and attached it. Then I came across something else - I know that all programs always create various folders - so I wanted to manually delete all the folders belonging to Nokia - however, my own system won't let me into the program folder. There aren't multiple users - I'm also the admin and I'm still not allowed??? Some folders are also shown with "locks"; access to all of these folders is denied to me. Picture attached as well. I had already thrown out Avira Free shortly after my first post (it was really getting on my nerves - I also read on the internet that the last update apparently had bugs and that's why it keeps switching itself off). Instead I now have GData on it - hope that's better. In any case, I wish you a happy Easter ;-) |
29.03.2013, 11:30 | #12 |
/// TB-Ausbilder | Well, there isn't much to be seen of Nokia drivers in your logfile for now. Combofix may be able to help us here. Please make a fresh logfile again and then we'll see what we can throw out.
30.03.2013, 09:17 | #13 |
| Hi Ryder, here are both files from Combofix: Code:
ComboFix 13-03-26.01 - Manu´s 29.03.2013 22:45:32.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3001.1791 [GMT 1:00]
ausgeführt von:: c:\users\Manu´s\Desktop\5-ComboFix.exe
AV: G Data InternetSecurity 2013 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: G Data Personal Firewall *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: G Data InternetSecurity 2013 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-02-28 bis 2013-03-29 ))))))))))))))))))))))))))))))
.
.
2013-03-29 23:19 . 2013-03-29 23:19 -------- d-----w- c:\users\MANUS~2\AppData\Local\temp
2013-03-29 23:19 . 2013-03-29 23:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-29 15:11 . 2013-03-29 15:11 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CFA4E4A-2F0F-4CA9-98E3-A3425EB51841}\offreg.dll
2013-03-29 13:50 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CFA4E4A-2F0F-4CA9-98E3-A3425EB51841}\mpengine.dll
2013-03-29 13:21 . 2013-03-29 13:22 -------- d-----w- c:\program files\Audible
2013-03-26 19:45 . 2013-03-26 19:45 -------- d-----w- c:\users\MANUS~3
2013-03-26 19:13 . 2013-03-29 12:28 1026554 ----a-w- c:\windows\system32\sig.bin
2013-03-24 12:15 . 2013-01-10 13:35 11240 ----a-w- c:\windows\system32\GdScrSv.de.dll
2013-03-24 08:44 . 2013-03-24 12:18 51616 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2013-03-24 08:44 . 2013-03-24 12:15 50080 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2013-03-24 08:44 . 2013-03-24 12:15 93600 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2013-03-24 08:44 . 2013-03-24 12:15 42016 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2013-03-24 08:44 . 2013-03-24 12:15 54256 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2013-03-24 08:43 . 2013-03-24 12:16 -------- d-----w- c:\program files\Common Files\G Data
2013-03-24 08:43 . 2013-03-24 11:57 -------- d-----w- c:\programdata\G DATA
2013-03-24 08:43 . 2013-03-24 08:43 -------- d-----w- c:\program files\G Data
2013-03-19 19:30 . 2010-11-04 09:51 85248 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2013-03-19 19:30 . 2010-10-09 06:48 72576 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2013-03-19 19:30 . 2010-09-26 10:00 51456 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2013-03-19 19:30 . 2010-09-26 10:00 26496 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2013-03-19 19:30 . 2010-09-03 09:35 168960 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2013-03-19 19:30 . 2010-08-31 10:09 208896 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2013-03-19 19:30 . 2010-08-07 09:48 106880 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2013-03-19 19:30 . 2010-05-10 06:18 860928 ----a-w- c:\windows\system32\drivers\mod7700.sys
2013-03-19 19:30 . 2010-03-20 04:06 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2013-03-19 19:30 . 2010-01-18 10:48 27136 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2013-03-19 19:29 . 2010-07-27 01:52 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2013-03-19 19:29 . 2013-03-19 19:30 -------- d-----w- c:\program files\HUAWEI Modem Driver
2013-03-19 19:29 . 2013-03-19 19:29 -------- d-----w- c:\program files\o2
2013-03-17 02:10 . 2013-01-13 19:53 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-03-17 02:08 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-03-17 02:08 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-03-17 02:08 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-03-17 02:08 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-03-17 00:30 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-17 16:29 . 2012-04-02 15:04 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-17 16:29 . 2011-05-27 07:31 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-12 04:48 . 2013-03-16 19:33 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-16 19:33 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-29 19:00 . 2013-01-29 19:00 3584 ----a-r- c:\users\Manu´s\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2013-01-29 19:00 . 2013-01-29 19:00 3584 ----a-r- c:\users\Manu´s\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2013-01-17 00:28 . 2010-12-28 16:59 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:00 . 2013-02-13 20:22 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-13 20:22 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 04:50 . 2013-02-13 20:22 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 03:00 . 2013-02-13 20:22 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-01-03 05:05 . 2013-02-13 20:22 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 05:04 . 2013-02-13 20:22 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-03-16 19:31 . 2013-03-16 19:31 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApplyEsf-eDocPrintPro"="c:\program files\Common Files\MAYComputer\eDocPrintPro\\ApplyEsf.exe" [2010-10-18 315392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 167424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 144384]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-05 7703072]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"UIExec"="c:\program files\Join Air\UIExec.exe" [2009-08-31 132608]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"G Data AntiVirus Tray Application"="c:\program files\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2013-01-09 1035216]
"GDFirewallTray"="c:\program files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2012-11-29 1475096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2008-12-24 09:26 114688 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Badoo Desktop"=c:\programdata\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 UI Assistant Service;UI Assistant Service;c:\program files\Join Air\AssistantServices.exe [x]
R3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 GSService;GSService;c:\windows\system32\GSService.exe [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SliceDisk5;SliceDisk5;c:\program files\A-FF Find and Mount\slicedisk.sys [x]
R3 SMServer;SMServer;c:\windows\system32\snmvtsvc.exe [x]
R3 STSService;STSService;c:\program files\SoundTaxi Media Suite\STSService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [x]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G Data Scheduler;c:\program files\G Data\InternetSecurity\AVK\AVKService.exe [x]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files\G Data\InternetSecurity\AVK\AVKWCtl.exe [x]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 GDFwSvc;G Data Personal Firewall;c:\program files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [x]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [x]
S3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 k57nd60x;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 16:29]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.ask.com/?l=dis&o=APN10012&gct=hp
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Manu´s\AppData\Roaming\Mozilla\Firefox\Profiles\7o2x3kmr.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282495&SearchSource=3&q={searchTerms}&CUI=UN39637663028814283
FF - prefs.js: browser.search.selectedEngine - NCH_EN Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282495&SearchSource=2&CUI=UN39637663028814283&UM=UM_ID&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-02-27 21:22; {dc572301-7619-498c-a57d-39143191b318}; c:\users\Manu´s\AppData\Roaming\Mozilla\Firefox\Profiles\7o2x3kmr.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF - ExtSQL: 2013-03-24 09:44; {906305f7-aafc-45e9-8bbd-941950a84dad}; c:\program files\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{EC136321-1AE5-4A7F-B01C-5380D666175B} - c:\program files\icq\Internet Explorer\icq.dll
AddRemove-WinLiveSuite - c:\program files\Windows Live\Installer\wlarp.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-03-30 00:22:11
ComboFix-quarantined-files.txt 2013-03-29 23:22
ComboFix2.txt 2013-03-27 19:01
.
Vor Suchlauf: 17 Verzeichnis(se), 85.572.829.184 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 85.542.703.104 Bytes frei
.
- - End Of File - - F4733C7E0CE0C6DEC888FDE19D3507C1
Code:
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BCL easyConverter 3.0 Licensing Module (BCL License)
BCL easyConverter 3.0 Loader SDK Module
BCL easyConverter 3.0 Module (Loader, BCL License)
BCL easyConverter 3.0 Module (RTF, BCL License)
BCL easyConverter 3.0 RTF SDK Module
BCL easyConverter 3.0 SDK Module
Bonjour
Brother MFL-Pro Suite MFC-5490CN
calibre
CameraHelperMsi
CCleaner
CloneCD
CloneDVD2
Compatibility Pack für 2007 Office System
Content Manager 2
Duden Korrektor Standard
eDocPrintPro v3.16.0
erLT
FormatFactory 3.0.1
Foxit Reader
Fuse Drivers
G Data InternetSecurity 2013
gs_x86
HUAWEI DataCard Driver 4.20.12.00
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
iTunes
Java Auto Updater
Java(TM) 6 Update 24
JDownloader 0.9
Join Air
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (German) 2007
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC100_CRT_SP1_x86
Mobile Connection Manager
Mozilla Firefox 19.0.2 (x86 de)
Mozilla Maintenance Service
Mozilla Thunderbird 16.0.2 (x86 de)
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Napster 5 Beta
Napster Burn Engine
Napster Rienf Repair
Naviextras Toolbox Prerequesities
PDF2Word Converter Version 1.0.8 (Build 164, 7-PDF)
PhotoScape
PL-2303 USB-to-Serial
QuickTime
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Click to Call
Skype™ 6.1
SoundTaxi 4.1.5
SoundTaxi Media Suite 4.1.5
Switch Sound File Converter
System Requirements Lab for Intel
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
VLC media player 1.1.5
WavePad Sound Editor
Windows Installer Clean Up
Windows Live Essentials
Windows Mobile-Gerätecenter
WinRAR 4.01 (32-Bit)

Have a nice day :-) |
30.03.2013, 11:04 | #14 |
/// TB-Ausbilder | So there is still a little bit of advertising left, but I can't help you any further with your Silverlight. Otherwise there is nothing more that can be removed.
Step 1: (Reminder: Only reply to me once you have worked through all the steps!)
AdwCleaner: find and delete adware programs
Please download AdwCleaner to your desktop.
Step 2: Note: The scan can take a very long time (several hours)!
Step 3: Scan with SecurityCheck
Please download SecurityCheck and:
__________________ Digital buccaneers against malware! No help via PM! |
01.04.2013, 10:30 | #15 |
/// TB-Ausbilder | Hello, do you still need help? If I do not receive a reply from you within the next 24 hours, I will remove your thread from my subscriptions and will therefore no longer be notified of new replies. The disappearance of the symptoms does not mean that your system is already clean.
__________________ Digital buccaneers against malware! No help via PM! |