Log analysis and evaluation: Chrome|Firefox loads no pages (websearch.mocaflix.com) - Windows 7
If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
04.04.2013, 20:25 | #1 |
Chrome|Firefox loads no pages (websearch.mocaflix.com) OTL; Code:
OTL logfile created on: 04.04.2013 14:49:14 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\**** ****\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,73 Gb Available Physical Memory | 57,54% Memory free
6,20 Gb Paging File | 4,96 Gb Available in Paging File | 80,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 15,44 Gb Free Space | 13,26% Space Free | Partition Type: NTFS
Drive D: | 106,68 Gb Total Space | 9,49 Gb Free Space | 8,89% Space Free | Partition Type: NTFS
Drive F: | 463,50 Mb Total Space | 19,38 Mb Free Space | 4,18% Space Free | Partition Type: FAT

Computer Name: J********-PC | User Name: ********* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Users\****\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) PRC - C:\Program Files\FRITZ!DSL\StCenter.exe (AVM Berlin) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Program Files\FRITZ!DSL\FwebProt.exe (AVM Berlin) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS) PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe () PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK) PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100) PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe () PRC - C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe () PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\P4G\BatteryLife.exe (ATK) PRC - C:\Program Files\ATK Hotkey\WDC.exe () PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe () PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe () PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe () PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe () PRC - C:\Program Files\Wireless Console 2\wcourier.exe () PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe () PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK) ========== Modules (No Company Name) ========== MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\75b362975753a31559874bea5609e59c\System.Deployment.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\dfsvc\46477be438c431f09e4d23ec47604f8e\dfsvc.ni.exe () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll () MOD - C:\Program Files\preispilot\Internet Explorer\preispilot.dll () MOD - C:\Program Files\WinRAR\rarext.dll () MOD - C:\Windows\System32\CmdLineExt03.dll () MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe () MOD - C:\Program Files\ASUS\ASUS Data Security Manager\AdsmendecExt.dll () MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll () MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll () ========== Services (SafeList) ========== SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (avast! 
Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (IGDCTRL) -- C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe () SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe () SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe () SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe () ========== Driver Services (SafeList) ========== DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (massfilter) -- system32\drivers\massfilter.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (clwvd) -- system32\DRIVERS\clwvd.sys File not found DRV - (ALSysIO) -- C:\Users\****~1\AppData\Local\Temp\ALSysIO.sys File not found DRV - (aclphwmt) -- File not found DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys 
() DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (teamviewervpn) -- C:\Windows\System32\drivers\teamviewervpn.sys (TeamViewer GmbH) DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.) DRV - (ElRawDisk) -- C:\Windows\System32\drivers\rsdrv.sys (EldoS Corporation) DRV - (irsir) -- C:\Windows\System32\drivers\irsir.sys (Microsoft Corporation) DRV - (NETw3v32) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (AtcL001) -- C:\Windows\System32\drivers\l160x86.sys (Atheros Communications, Inc.) DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (lullaby) -- C:\Windows\System32\drivers\lullaby.sys (Windows (R) Codename Longhorn DDK provider) DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys () DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys () DRV - (s117obex) -- C:\Windows\System32\drivers\s117obex.sys (MCCI Corporation) DRV - (s117mgmt) -- C:\Windows\System32\drivers\s117mgmt.sys (MCCI Corporation) DRV - (s117unic) -- C:\Windows\System32\drivers\s117unic.sys (MCCI Corporation) DRV - (s117bus) -- C:\Windows\System32\drivers\s117bus.sys (MCCI Corporation) DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) 
DRV - (AVMUNET) -- C:\Windows\System32\drivers\avmunet.sys (AVM GmbH) DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys () DRV - (sscdbus) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI) DRV - (k750bus) -- C:\Windows\System32\drivers\k750bus.sys (MCCI) DRV - (SPOTIGOSp50) -- C:\Windows\System32\drivers\SPOTIGOSp50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.) DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = hxxp://www.google.com IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - 
HKU\S-1-5-21-841732120-1791181681-1593089396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9E D2 53 D4 42 E9 CA 01 [binary data] IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0 FF - prefs.js..extensions.enabledItems: firefox@bandoo.com:5.0 FF - prefs.js..extensions.enabledItems: {6226BA26-C017-4007-928C-DE9715C6FA67}:1.0.0 FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:2.0 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.9 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF 
- prefs.js..extensions.enabledItems: {e5a1e26f-0d1d-4307-868f-fbd9a374ab54}:2.4.0.4 FF - prefs.js..extensions.enabledItems: {7FF99715-3016-4381-84CE-E4E4C9673020}:1.0 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220 FF - prefs.js..extensions.enabledItems: ciuvo-extension@icq.de:1.0.601 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.3146: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.08 03:18:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.04 14:35:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.04.03 06:49:28 | 000,000,000 | ---D | M] [2010.12.23 21:54:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions [2013.04.03 05:52:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\xqormi53.default\extensions [2010.05.24 13:00:24 | 000,000,000 | ---D | M] (Blingee Toolbar) -- C:\Users\**** **** \AppData\Roaming\mozilla\Firefox\Profiles\xqormi53.default\extensions\{6226BA26-C017-4007-928C-DE9715C6FA67} [2013.04.03 05:52:41 | 000,000,000 | ---D | M] (Yahoo! 
Toolbar) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\xqormi53.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012.08.31 19:36:51 | 000,101,863 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\extensions\ciuvo-extension@icq.de.xpi [2012.06.11 12:48:32 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2013.02.15 17:05:42 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2010.03.14 14:26:25 | 000,001,819 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\bing.xml [2013.04.03 05:48:34 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-10.xml [2009.04.30 21:58:23 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-11.xml [2009.04.30 22:58:22 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-12.xml [2009.06.13 14:35:42 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-13.xml [2009.08.08 11:15:25 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-14.xml [2009.09.11 22:36:13 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-15.xml [2009.11.01 23:11:44 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-16.xml 
[2009.12.19 22:28:48 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-17.xml [2010.01.06 20:01:36 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-18.xml [2010.02.18 20:51:07 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-19.xml [2010.03.31 19:34:28 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-20.xml [2008.11.21 19:54:13 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-4.xml [2008.12.22 16:34:51 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-5.xml [2009.03.09 18:10:47 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-6.xml [2009.04.10 22:17:13 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-7.xml [2009.04.25 01:47:47 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-8.xml [2009.04.28 23:30:46 | 000,000,950 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\icqplugin-9.xml [2013.04.03 05:48:34 | 000,005,401 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\mozilla\firefox\profiles\xqormi53.default\searchplugins\searchcanvas.xml [2013.04.03 06:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2013.04.03 06:49:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla 
firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2013.03.27 04:17:36 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013.03.27 05:32:09 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.03.27 05:32:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013.03.27 05:32:09 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2013.03.27 05:32:09 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2013.03.27 05:32:09 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2013.03.27 05:32:09 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - Extension: Docs = C:\Users\**** ****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
O2 - BHO: (Preispilot) - {C4415769-1588-4AD6-9624-B2E69DB78D1A} - C:\Program Files\preispilot\Internet Explorer\preispilot.dll () O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) 
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\.DEFAULT..\RunOnce: [] File not found O4 - HKU\S-1-5-18..\RunOnce: [] File not found O4 - HKU\S-1-5-19..\RunOnce: [] File not found O4 - HKU\S-1-5-20..\RunOnce: [] File not found O4 - Startup: C:\Users\**** ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Program Files\FRITZ!DSL\FritzDsl.exe (AVM Berlin) O4 - Startup: C:\Users\**** ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Program Files\FRITZ!DSL\FwebProt.exe (AVM Berlin) O4 - Startup: C:\Users\**** ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk = C:\Program Files\FRITZ!DSL\StCenter.exe (AVM Berlin) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8 - Extra context menu item: E&xport to Microsoft Excel - 
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\FRITZ!DSL\\sarah.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\..Trusted Domains: fritz.box ([]* in Local intranet) O15 - HKU\S-1-5-21-841732120-1791181681-1593089396-1000\..Trusted Ranges: Range1 ([*] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} 
hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.5.1) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53167639-3EBD-4553-A076-158CFB227430}: DhcpNameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E59C5E5-BD3B-4A52-BE31-0B410FEEC29F}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8182A16A-A498-41F0-AA6B-DA509E37C0E3}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97174844-82CD-4FB6-A989-478DE51F1687}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A692C005-E9EC-4B89-8715-6EFB6E0D6A50}: DhcpNameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB8B0368-6F10-4F09-B564-952AA6AA7519}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C56F70D9-5EF3-41D5-BA3C-0957AC606511}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~2\browse~1\25976~1.107\{c16c1~1\mngr.dll) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) 
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\**** ****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\**** ****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{01b3c378-1ee2-11df-b535-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{01b3c378-1ee2-11df-b535-0022157fe0e9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{01b3c38c-1ee2-11df-b535-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{01b3c38c-1ee2-11df-b535-0022157fe0e9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{034fd10c-882d-11df-8917-001e101f79c9}\Shell - "" = AutoRun O33 - MountPoints2\{034fd10c-882d-11df-8917-001e101f79c9}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{0c00bbc0-7d8a-11dd-9176-0022157fe0e9}\Shell\1\Command - "" = F:\.\recycled\info.exe O33 - MountPoints2\{0c00bbc0-7d8a-11dd-9176-0022157fe0e9}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\.\recycled\info.exe O33 - MountPoints2\{25ae2f23-c548-11dd-b581-00040ebe25db}\Shell\1\Command - "" = F:\.\recycled\info.exe O33 - MountPoints2\{25ae2f23-c548-11dd-b581-00040ebe25db}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\.\recycled\info.exe O33 - MountPoints2\{3a61479f-8a6e-11dd-8b39-00040ebe25db}\Shell\1\Command - "" = F:\.\recycled\info.exe O33 - MountPoints2\{3a61479f-8a6e-11dd-8b39-00040ebe25db}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\.\recycled\info.exe O33 - MountPoints2\{457272ca-7ab5-11dd-8f71-0022157fe0e9}\Shell - "" = AutoRun O33 - 
MountPoints2\{457272ca-7ab5-11dd-8f71-0022157fe0e9}\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\{53a3393c-ed6b-11dd-900c-00040ebe25db}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn O33 - MountPoints2\{5a0c34ff-1df8-11df-a561-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{5a0c34ff-1df8-11df-a561-0022157fe0e9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{5a0c350d-1df8-11df-a561-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{5a0c350d-1df8-11df-a561-0022157fe0e9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{5a0c3560-1df8-11df-a561-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{5a0c3560-1df8-11df-a561-0022157fe0e9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{717aac6e-2c5f-11df-a7d9-001f3c64b8f1}\Shell - "" = AutoRun O33 - MountPoints2\{717aac6e-2c5f-11df-a7d9-001f3c64b8f1}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{740eae80-1eb6-11df-b5bc-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{740eae80-1eb6-11df-b5bc-0022157fe0e9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{7e496835-c53a-11e1-8ffa-001e101f82a0}\Shell - "" = AutoRun O33 - MountPoints2\{7e496835-c53a-11e1-8ffa-001e101f82a0}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{7e496847-c53a-11e1-8ffa-001e101fb4df}\Shell - "" = AutoRun O33 - MountPoints2\{7e496847-c53a-11e1-8ffa-001e101fb4df}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{85630641-874b-11df-ac47-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{85630641-874b-11df-ac47-0022157fe0e9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{8563064e-874b-11df-ac47-001e101faa49}\Shell - "" = AutoRun O33 - MountPoints2\{8563064e-874b-11df-ac47-001e101faa49}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - 
MountPoints2\{9acf79ad-86ec-11df-92c4-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{9acf79ad-86ec-11df-92c4-0022157fe0e9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{9acf79bc-86ec-11df-92c4-001e101fb45e}\Shell - "" = AutoRun O33 - MountPoints2\{9acf79bc-86ec-11df-92c4-001e101fb45e}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{a1a6968f-86f3-11df-bb90-001e101f2c0e}\Shell - "" = AutoRun O33 - MountPoints2\{a1a6968f-86f3-11df-bb90-001e101f2c0e}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{b6b4c83c-85cb-11df-acaf-0022157fe0e9}\Shell\AutoRun\command - "" = F:\Toshiba\Launcher\start.exe O33 - MountPoints2\{c7203d3b-76d1-11dd-8124-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{c7203d3b-76d1-11dd-8124-0022157fe0e9}\Shell\AutoRun\command - "" = F:\preinst.exe O33 - MountPoints2\{cf7412f1-7532-11dd-ac19-001f3c64b8f1}\Shell - "" = AutoRun O33 - MountPoints2\{cf7412f1-7532-11dd-ac19-001f3c64b8f1}\Shell\AutoRun\command - "" = F:\preinst.exe O33 - MountPoints2\{d79bebff-2388-11df-b9aa-0022157fe0e9}\Shell\AutoRun\command - "" = F:\Toshiba\more4you.exe O33 - MountPoints2\{db9bc205-6c70-11de-9a9b-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{db9bc205-6c70-11de-9a9b-0022157fe0e9}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{f4482aba-61b6-11df-844b-0022157fe0e9}\Shell - "" = AutoRun O33 - MountPoints2\{f4482aba-61b6-11df-844b-0022157fe0e9}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{fd0ed029-88cc-11df-a926-001e101f8924}\Shell - "" = AutoRun O33 - MountPoints2\{fd0ed029-88cc-11df-a926-001e101f8924}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: 
(ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.04.04 14:39:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.04.04 14:37:19 | 000,000,000 | ---D | C] -- C:\Users\**** ****\AppData\Local\Apps [2013.04.04 14:37:18 | 000,000,000 | ---D | C] -- C:\Users\**** ****\AppData\Local\Deployment [2013.04.03 06:49:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2008.09.19 16:14:21 | 001,180,936 | ---- | C] (Microsoft Corporation) -- C:\Users\**** ****\msvcr80d.dll [2008.09.19 16:14:21 | 001,041,672 | ---- | C] (Microsoft Corporation) -- C:\Users\**** ****\msvcp80d.dll [2008.09.19 16:14:21 | 001,021,192 | ---- | C] (Microsoft Corporation) -- C:\Users\**** ****\msvcm80d.dll [2008.09.19 16:14:21 | 000,632,072 | ---- | C] (Microsoft Corporation) -- C:\Users\**** ****\msvcr80.dll [2008.09.19 16:14:21 | 000,554,248 | ---- | C] (Microsoft Corporation) -- C:\Users\**** ****\msvcp80.dll [2008.09.19 16:14:21 | 000,505,096 | ---- | C] (Microsoft Corporation) -- C:\Users\**** ****\msvcp71.dll [2008.09.19 16:14:21 | 000,484,616 | ---- | C] (Microsoft Corporation) -- C:\Users\**** ****\msvcm80.dll [2008.09.19 16:14:21 | 000,353,544 | ---- | C] (Microsoft Corporation) -- C:\Users\**** ****\msvcr71.dll [2008.09.19 16:13:22 | 000,386,312 | ---- | C] (Electronic Arts) -- C:\Users\**** ****\EASetup.exe [1 C:\Users\**** ****\AppData\Local\*.tmp files -> C:\Users\**** ****\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.04 14:42:59 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.04 14:42:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.04 14:39:38 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.04.04 14:36:00 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.04.04 14:25:33 | 
000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.04.04 14:17:37 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.04 14:17:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.04 07:40:43 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.04.04 07:40:43 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.04.04 07:40:43 | 000,127,464 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.04.04 07:40:43 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.04.04 07:33:03 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.04 07:33:03 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.03 16:14:17 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2013.04.02 14:52:56 | 000,028,504 | ---- | M] () -- C:\Users\**** ****\AppData\Roaming\nvModes.001 [2013.04.01 21:33:55 | 003,932,184 | ---- | M] () -- C:\snp2uvc-001.raw [1 C:\Users\**** ****\AppData\Local\*.tmp files -> C:\Users\**** ****\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.04 14:39:38 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.04.04 14:37:51 | 000,001,110 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.04 14:37:50 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.12.07 22:11:16 | 000,044,544 | ---- | C] () -- C:\Windows\System32\Gif89.dll [2012.11.30 03:19:06 | 000,389,320 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.22 22:04:36 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2012.10.22 21:49:18 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2009.07.10 14:12:46 | 000,000,084 | -H-- | C] () -- 
C:\ProgramData\aspg.dat [2009.01.27 20:37:23 | 004,968,322 | ---- | C] () -- C:\Users\**** ****\AppData\Roaming\Kevin_Rudolf_Let_It_Rock_(Feat._Lil_Wayne).mp3 [2009.01.27 20:37:23 | 001,002,594 | ---- | C] () -- C:\Users\**** ****\AppData\Roaming\--.mp3 [2009.01.09 12:49:31 | 000,007,592 | ---- | C] () -- C:\Users\**** ****\AppData\Local\d3d9caps.dat [2008.09.19 16:14:22 | 000,386,312 | ---- | C] () -- C:\Users\**** ****\server.dll [2008.09.19 16:14:22 | 000,001,462 | ---- | C] () -- C:\Users\**** ****\server.cfg [2008.09.19 16:14:21 | 002,741,922 | ---- | C] () -- C:\Users\**** ****\Group7.cab [2008.09.19 16:14:21 | 000,024,202 | ---- | C] () -- C:\Users\**** ****\Group9.cab [2008.09.19 16:14:21 | 000,005,093 | ---- | C] () -- C:\Users\**** ****\Group8.cab [2008.09.19 16:14:18 | 030,187,042 | ---- | C] () -- C:\Users\**** ****\Group6.cab [2008.09.19 16:14:18 | 003,526,886 | ---- | C] () -- C:\Users\**** ****\Group5.cab [2008.09.19 16:14:18 | 000,002,767 | ---- | C] () -- C:\Users\**** ****\Group4.cab [2008.09.19 16:14:15 | 036,466,538 | ---- | C] () -- C:\Users\**** ****\Group3.cab [2008.09.19 16:14:15 | 000,000,036 | ---- | C] () -- C:\Users\**** ****\Group21.cab [2008.09.19 16:14:00 | 201,398,784 | ---- | C] () -- C:\Users\**** ****\Group20.cab [2008.09.19 16:13:52 | 093,422,941 | ---- | C] () -- C:\Users\**** ****\Group2.cab [2008.09.19 16:13:52 | 000,000,036 | ---- | C] () -- C:\Users\**** ****\Group19.cab [2008.09.19 16:13:39 | 140,458,424 | ---- | C] () -- C:\Users\**** ****\Group18.cab [2008.09.19 16:13:39 | 000,566,461 | ---- | C] () -- C:\Users\**** ****\Group17.cab [2008.09.19 16:13:39 | 000,019,665 | ---- | C] () -- C:\Users\**** ****\Group16.cab [2008.09.19 16:13:38 | 035,899,970 | ---- | C] () -- C:\Users\**** ****\Group153.cab [2008.09.19 16:13:37 | 003,678,484 | ---- | C] () -- C:\Users\**** ****\Group152.cab [2008.09.19 16:13:36 | 006,844,737 | ---- | C] () -- C:\Users\**** ****\Group151.cab [2008.09.19 16:13:36 | 002,351,637 | ---- | C] () -- 
C:\Users\**** ****\Group15.cab [2008.09.19 16:13:35 | 033,546,010 | ---- | C] () -- C:\Users\**** ****\Group14.cab [2008.09.19 16:13:35 | 010,776,597 | ---- | C] () -- C:\Users\**** ****\Group136.cab [2008.09.19 16:13:35 | 006,940,334 | ---- | C] () -- C:\Users\**** ****\Group135.cab [2008.09.19 16:13:35 | 000,351,200 | ---- | C] () -- C:\Users\**** ****\Group137.cab [2008.09.19 16:13:35 | 000,014,750 | ---- | C] () -- C:\Users\**** ****\Group134.cab [2008.09.19 16:13:35 | 000,001,602 | ---- | C] () -- C:\Users\**** ****\Group139.cab [2008.09.19 16:13:35 | 000,000,036 | ---- | C] () -- C:\Users\**** ****\Group138.cab [2008.09.19 16:13:34 | 004,353,168 | ---- | C] () -- C:\Users\**** ****\Group111.cab [2008.09.19 16:13:34 | 002,757,228 | ---- | C] () -- C:\Users\**** ****\Group13.cab [2008.09.19 16:13:34 | 000,944,116 | ---- | C] () -- C:\Users\**** ****\Group114.cab [2008.09.19 16:13:34 | 000,536,982 | ---- | C] () -- C:\Users\**** ****\Group112.cab [2008.09.19 16:13:34 | 000,001,295 | ---- | C] () -- C:\Users\**** ****\Group113.cab [2008.09.19 16:13:34 | 000,000,676 | ---- | C] () -- C:\Users\**** ****\Group12.cab [2008.09.19 16:13:25 | 111,469,457 | ---- | C] () -- C:\Users\**** ****\Group110.cab [2008.09.19 16:13:24 | 006,458,669 | ---- | C] () -- C:\Users\**** ****\Group11.cab [2008.09.19 16:13:22 | 075,464,468 | ---- | C] () -- C:\Users\**** ****\Group10.cab [2008.09.19 16:13:22 | 000,695,735 | ---- | C] () -- C:\Users\**** ****\Group0.cab [2008.09.19 16:13:22 | 000,000,036 | ---- | C] () -- C:\Users\**** ****\Group1.cab [2008.09.19 16:13:19 | 000,870,400 | ---- | C] () -- C:\Users\**** ****\autorun.dat [2008.09.19 16:13:19 | 000,000,258 | ---- | C] () -- C:\Users\**** ****\dat.bin [2008.09.19 16:13:19 | 000,000,160 | ---- | C] () -- C:\Users\**** ****\autorun.inf [2008.09.09 23:57:16 | 000,024,206 | ---- | C] () -- C:\Users\**** ****\AppData\Roaming\UserTile.png [2008.08.28 22:54:21 | 000,028,504 | ---- | C] () -- C:\Users\**** 
****\AppData\Roaming\nvModes.001 [2008.08.28 22:32:36 | 000,028,504 | ---- | C] () -- C:\Users\**** ****\AppData\Roaming\nvModes.dat [2008.08.28 20:59:07 | 000,241,152 | ---- | C] () -- C:\Users\**** ****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.08.28 19:59:48 | 000,000,323 | ---- | C] () -- C:\Users\**** ****\Public.lnk ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2009.01.15 00:44:23 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\concept design [2009.01.09 13:25:54 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\CPUControl [2009.09.28 22:11:34 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\DAEMON Tools [2012.11.06 03:07:34 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\DAEMON Tools Lite [2011.01.05 12:04:11 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\elsterformular [2010.02.06 13:15:48 | 000,000,000 | ---D | M] -- C:\Users\**** 
****\AppData\Roaming\Epson [2013.04.02 21:52:08 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\FRITZ! [2008.10.18 13:48:46 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\GetRightToGo [2013.03.15 15:24:10 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\ICQ [2008.08.29 12:55:02 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\ICQ Toolbar [2008.08.28 21:32:56 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\ICQLite [2012.07.17 22:38:52 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\LolClient [2012.06.11 21:34:36 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\LolClient2 [2010.01.07 17:56:34 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\ooVoo Details [2008.11.24 21:08:59 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\OpenOffice.org [2008.09.09 23:57:14 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\PeerNetworking [2012.10.22 22:17:06 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\Samsung [2010.01.06 21:36:49 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\TeamViewer [2013.03.30 13:59:00 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\TS3Client [2012.11.30 02:34:57 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\TuneUp Software [2009.09.26 15:49:10 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\Uniblue [2010.02.25 20:12:23 | 000,000,000 | ---D | M] -- C:\Users\**** ****\AppData\Roaming\VoipCheapCom ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:EC2E1DEC < End of report > Code:
Has been scanning since 1 p.m. and shows no sign of finishing. Will be supplied as soon as it is complete.

At the moment I have the problem that no pages can be opened in Google Chrome and Firefox any more; they just keep loading indefinitely. With IE on the same laptop, however, everything works perfectly. A week ago, when the browsers were still working, two additional tabs always opened that carried the name websearch.mocaflix.com. I found out via Google roughly what that is, but still could not solve it on my own. Well, I reinstalled the browsers, the tabs are no longer opened, but as I said, strangely no pages at all are loaded any more.

Regards
04.04.2013, 21:40 | #2 |
/// TB-Ausbilder | Chrome|Firefox does not load any pages (websearch.mocaflix.com)

!! Note to readers following along !! This thread and its instructions are intended only for this specific case. They could seriously damage other computers. Please open your own thread.

I will help you with your problem. The cleanup only works if you follow these rules: Please read: Rules for the cleanup

Step 1: (Reminder: do not reply to me until you have worked through all the steps!)
Disable drive emulation with Defogger
Please download defogger by jpshortstuff to your desktop and start it:

Step 2: Scan with aswMBR

Step 3: Scan with TDSS-Killer
Please read the following instructions carefully. We do not want to "fix" anything here yet, only to see a scan report.

Step 4: Scan with DDS+ (with attach)
Please download DDS (by sUBs) and save the file to your desktop.
05.04.2013, 18:17 | #3 |
| Chrome|Firefox does not load any pages (websearch.mocaflix.com)

defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:28 on 05/04/2013 (****)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-

aswMBR
Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-05 18:38:40
-----------------------------
18:38:40.664 OS Version: Windows 6.0.6002 Service Pack 2
18:38:40.664 Number of processors: 2 586 0xF0D
18:38:40.664 ComputerName: ********-PC UserName: **** ****
18:38:41.865 Initialize success
18:38:41.974 AVAST engine defs: 13040500
18:38:57.138 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
18:38:57.153 Disk 0 Vendor: Hitachi_ BBFO Size: 238475MB BusType: 3
18:38:57.153 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006e
18:38:57.153 Disk 1 Vendor: RICOH 02 Size: 477MB BusType: 0
18:38:57.387 Disk 0 MBR read successfully
18:38:57.387 Disk 0 MBR scan
18:38:57.918 Disk 0 unknown MBR code
18:38:57.933 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 10000 MB offset 2048
18:38:58.386 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119237 MB offset 20482048
18:38:58.994 Disk 0 Partition - 00 0F Extended LBA 109237 MB offset 264679424
18:38:59.025 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 109236 MB offset 264681472
18:38:59.150 Disk 0 scanning sectors +488396800
18:39:00.008 Disk 0 scanning C:\Windows\system32\drivers
18:39:20.881 Service scanning
18:39:47.229 Modules scanning
18:39:57.931 Disk 0 trace - called modules:
18:39:57.946 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
18:39:57.962 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87a98ac8]
18:39:57.962 3 CLASSPNP.SYS[8bba58b3] -> nt!IofCallDriver -> [0x8696c900]
18:39:57.962 5 acpi.sys[8069e6bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86971028]
18:39:58.711 AVAST engine scan C:\Windows
18:40:01.347 AVAST engine scan C:\Windows\system32
18:43:06.855 AVAST engine scan C:\Windows\system32\drivers
18:44:04.674 AVAST engine scan C:\Users\**** ****
18:57:55.020 AVAST engine scan C:\ProgramData
18:58:35.396 Scan finished successfully
19:00:31.278 Disk 0 MBR has been saved successfully to "C:\Users\**** ****\Desktop\MBR.dat"
19:00:31.284 The log file has been saved successfully to "C:\Users\**** ****\Desktop\aswMBR.txt"

Code:
ATTFilter 19:00:58.0052 6008 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 19:01:00.0055 6008 ============================================================ 19:01:00.0055 6008 Current date / time: 2013/04/05 19:01:00.0055 19:01:00.0055 6008 SystemInfo: 19:01:00.0055 6008 19:01:00.0055 6008 OS Version: 6.0.6002 ServicePack: 2.0 19:01:00.0055 6008 Product type: Workstation 19:01:00.0055 6008 ComputerName: *****-PC 19:01:00.0056 6008 UserName: ******* 19:01:00.0056 6008 Windows directory: C:\Windows 19:01:00.0056 6008 System windows directory: C:\Windows 19:01:00.0056 6008 Processor architecture: Intel x86 19:01:00.0056 6008 Number of processors: 2 19:01:00.0056 6008 Page size: 0x1000 19:01:00.0056 6008 Boot type: Normal boot 19:01:00.0056 6008 ============================================================ 19:01:01.0092 6008 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x764A9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050 19:01:01.0312 6008 Drive \Device\Harddisk1\DR1 - Size: 0x1DDC3200 (0.47 Gb), SectorSize: 0x200, Cylinders: 0x777, SectorsPerTrack: 0x20, TracksPerCylinder: 0x10, Type 'W' 19:01:01.0317 6008 ============================================================ 19:01:01.0317 6008 \Device\Harddisk0\DR0: 19:01:01.0317 6008 MBR partitions: 19:01:01.0317 6008 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0xE8E2800 19:01:01.0329 6008 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFC6B800, BlocksNum 0xD55A000 19:01:01.0329 6008 \Device\Harddisk1\DR1: 19:01:01.0341 6008 MBR partitions: 19:01:01.0341 6008 ============================================================ 19:01:01.0443 6008 C: <-> \Device\Harddisk0\DR0\Partition1 19:01:01.0481 6008 D: <-> \Device\Harddisk0\DR0\Partition2 19:01:01.0482 6008 ============================================================ 19:01:01.0482 6008 Initialize success 19:01:01.0482 6008 
============================================================ 19:01:21.0923 4608 ============================================================ 19:01:21.0923 4608 Scan started 19:01:21.0923 4608 Mode: Manual; TDLFS; 19:01:21.0923 4608 ============================================================ 19:01:22.0810 4608 ================ Scan system memory ======================== 19:01:22.0810 4608 System memory - ok 19:01:22.0811 4608 ================ Scan services ============================= 19:01:23.0022 4608 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 19:01:23.0027 4608 ACPI - ok 19:01:23.0166 4608 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 19:01:23.0169 4608 AdobeARMservice - ok 19:01:23.0250 4608 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 19:01:23.0253 4608 AdobeFlashPlayerUpdateSvc - ok 19:01:23.0325 4608 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 19:01:23.0337 4608 adp94xx - ok 19:01:23.0374 4608 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 19:01:23.0379 4608 adpahci - ok 19:01:23.0424 4608 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 19:01:23.0427 4608 adpu160m - ok 19:01:23.0463 4608 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 19:01:23.0467 4608 adpu320 - ok 19:01:23.0545 4608 [ 609A6F49B6AF0F25837F8A0EDDDB0745 ] ADSMService C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe 19:01:23.0548 4608 ADSMService - ok 19:01:23.0570 4608 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:01:23.0574 4608 AeLookupSvc - ok 19:01:23.0635 4608 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 19:01:23.0641 4608 AFD - ok 19:01:23.0697 4608 [ 
13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 19:01:23.0700 4608 agp440 - ok 19:01:23.0733 4608 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 19:01:23.0737 4608 aic78xx - ok 19:01:23.0785 4608 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 19:01:23.0791 4608 ALG - ok 19:01:23.0825 4608 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 19:01:23.0827 4608 aliide - ok 19:01:23.0886 4608 ALSysIO - ok 19:01:23.0950 4608 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 19:01:23.0953 4608 amdagp - ok 19:01:23.0990 4608 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 19:01:23.0993 4608 amdide - ok 19:01:24.0019 4608 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 19:01:24.0021 4608 AmdK7 - ok 19:01:24.0058 4608 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 19:01:24.0061 4608 AmdK8 - ok 19:01:24.0115 4608 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 19:01:24.0148 4608 Appinfo - ok 19:01:24.0236 4608 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 19:01:24.0313 4608 Apple Mobile Device - ok 19:01:24.0356 4608 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 19:01:24.0359 4608 arc - ok 19:01:24.0396 4608 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 19:01:24.0399 4608 arcsas - ok 19:01:24.0449 4608 [ 4385E371C25C94C804E9D3152BD9E1F7 ] AsDsm C:\Windows\system32\drivers\AsDsm.sys 19:01:24.0451 4608 AsDsm - ok 19:01:24.0485 4608 [ 5A055A4777CBBC8845DD598CB2EEBF69 ] ASLDRService C:\Program Files\ATK Hotkey\ASLDRSrv.exe 19:01:24.0488 4608 ASLDRService - ok 19:01:24.0528 4608 [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP C:\Program 
Files\ATKGFNEX\ASMMAP.sys 19:01:24.0531 4608 ASMMAP - ok 19:01:24.0575 4608 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 19:01:24.0577 4608 aswFsBlk - ok 19:01:24.0624 4608 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 19:01:24.0626 4608 aswMonFlt - ok 19:01:24.0643 4608 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys 19:01:24.0646 4608 AswRdr - ok 19:01:24.0718 4608 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 19:01:24.0725 4608 aswSnx - ok 19:01:24.0758 4608 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys 19:01:24.0763 4608 aswSP - ok 19:01:24.0795 4608 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 19:01:24.0797 4608 aswTdi - ok 19:01:24.0849 4608 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 19:01:24.0852 4608 AsyncMac - ok 19:01:24.0903 4608 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys 19:01:24.0905 4608 atapi - ok 19:01:24.0946 4608 [ B536BE46C769C97CCB736ED8FDD4393C ] AtcL001 C:\Windows\system32\DRIVERS\l160x86.sys 19:01:24.0952 4608 AtcL001 - ok 19:01:25.0005 4608 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe 19:01:25.0008 4608 ATKGFNEXSrv - ok 19:01:25.0189 4608 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 19:01:25.0200 4608 AudioEndpointBuilder - ok 19:01:25.0211 4608 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 19:01:25.0219 4608 Audiosrv - ok 19:01:25.0278 4608 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 19:01:25.0281 4608 avast! 
Antivirus - ok 19:01:25.0350 4608 [ 980F4C96C73C61CC6FCF657A721B35D3 ] AVMUNET C:\Windows\system32\DRIVERS\avmunet.sys 19:01:25.0351 4608 AVMUNET - ok 19:01:25.0397 4608 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 19:01:25.0399 4608 Beep - ok 19:01:25.0446 4608 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 19:01:25.0457 4608 BFE - ok 19:01:25.0514 4608 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll 19:01:25.0596 4608 BITS - ok 19:01:25.0628 4608 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 19:01:25.0631 4608 blbdrive - ok 19:01:25.0659 4608 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 19:01:25.0663 4608 bowser - ok 19:01:25.0715 4608 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 19:01:25.0718 4608 BrFiltLo - ok 19:01:25.0738 4608 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 19:01:25.0743 4608 BrFiltUp - ok 19:01:25.0784 4608 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 19:01:25.0792 4608 Browser - ok 19:01:25.0814 4608 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 19:01:25.0818 4608 Brserid - ok 19:01:25.0840 4608 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 19:01:25.0845 4608 BrSerWdm - ok 19:01:25.0867 4608 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 19:01:25.0870 4608 BrUsbMdm - ok 19:01:25.0892 4608 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 19:01:25.0895 4608 BrUsbSer - ok 19:01:25.0958 4608 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 19:01:25.0961 4608 BTHMODEM - ok 19:01:26.0014 4608 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:01:26.0017 4608 
cdfs - ok 19:01:26.0052 4608 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 19:01:26.0056 4608 cdrom - ok 19:01:26.0108 4608 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 19:01:26.0119 4608 CertPropSvc - ok 19:01:26.0138 4608 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 19:01:26.0144 4608 circlass - ok 19:01:26.0194 4608 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 19:01:26.0208 4608 CLFS - ok 19:01:26.0275 4608 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:01:26.0379 4608 clr_optimization_v2.0.50727_32 - ok 19:01:26.0463 4608 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:01:26.0565 4608 clr_optimization_v4.0.30319_32 - ok 19:01:26.0593 4608 clwvd - ok 19:01:26.0646 4608 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:01:26.0650 4608 CmBatt - ok 19:01:26.0679 4608 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:01:26.0683 4608 cmdide - ok 19:01:26.0705 4608 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 19:01:26.0709 4608 Compbatt - ok 19:01:26.0725 4608 COMSysApp - ok 19:01:26.0746 4608 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 19:01:26.0749 4608 crcdisk - ok 19:01:26.0781 4608 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 19:01:26.0784 4608 Crusoe - ok 19:01:26.0835 4608 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:01:26.0849 4608 CryptSvc - ok 19:01:26.0920 4608 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 19:01:27.0026 4608 DcomLaunch - ok 19:01:27.0049 4608 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC 
C:\Windows\system32\Drivers\dfsc.sys 19:01:27.0053 4608 DfsC - ok 19:01:27.0170 4608 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 19:01:27.0269 4608 DFSR - ok 19:01:27.0383 4608 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 19:01:27.0409 4608 Dhcp - ok 19:01:27.0468 4608 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 19:01:27.0471 4608 disk - ok 19:01:27.0530 4608 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:01:27.0563 4608 Dnscache - ok 19:01:27.0600 4608 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 19:01:27.0624 4608 dot3svc - ok 19:01:27.0697 4608 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 19:01:27.0701 4608 Dot4 - ok 19:01:27.0715 4608 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 19:01:27.0718 4608 dot4usb - ok 19:01:27.0769 4608 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 19:01:27.0792 4608 DPS - ok 19:01:27.0841 4608 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:01:27.0844 4608 drmkaud - ok 19:01:27.0884 4608 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:01:27.0893 4608 DXGKrnl - ok 19:01:27.0917 4608 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 19:01:27.0922 4608 E1G60 - ok 19:01:27.0970 4608 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 19:01:27.0993 4608 EapHost - ok 19:01:28.0052 4608 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 19:01:28.0057 4608 Ecache - ok 19:01:28.0118 4608 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:01:28.0175 4608 ehRecvr - ok 19:01:28.0207 4608 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 19:01:28.0213 4608 ehSched - ok 
19:01:47.0339 4608 usbuhci - ok 19:01:47.0373 4608 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 19:01:47.0389 4608 usbvideo - ok 19:01:47.0428 4608 [ 228F444F9AF0D3B9ECA9FC3F4FEB12F2 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 19:01:47.0438 4608 usb_rndisx - ok 19:01:47.0496 4608 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 19:01:47.0583 4608 UxSms - ok 19:01:47.0620 4608 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 19:01:47.0720 4608 vds - ok 19:01:47.0777 4608 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:01:47.0789 4608 vga - ok 19:01:47.0810 4608 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 19:01:47.0821 4608 VgaSave - ok 19:01:47.0847 4608 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 19:01:47.0860 4608 viaagp - ok 19:01:47.0872 4608 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 19:01:47.0889 4608 ViaC7 - ok 19:01:47.0916 4608 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 19:01:47.0927 4608 viaide - ok 19:01:47.0954 4608 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 19:01:47.0965 4608 volmgr - ok 19:01:48.0004 4608 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:01:48.0019 4608 volmgrx - ok 19:01:48.0067 4608 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:01:48.0082 4608 volsnap - ok 19:01:48.0139 4608 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 19:01:48.0167 4608 vsmraid - ok 19:01:48.0220 4608 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 19:01:48.0325 4608 VSS - ok 19:01:48.0362 4608 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 19:01:48.0457 4608 W32Time - ok 
19:01:48.0482 4608 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 19:01:48.0494 4608 WacomPen - ok 19:01:48.0529 4608 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 19:01:48.0542 4608 Wanarp - ok 19:01:48.0550 4608 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:01:48.0563 4608 Wanarpv6 - ok 19:01:48.0632 4608 [ 779F9C90D3FE9C70B6FFD8EF035F3E83 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 19:01:48.0639 4608 WcesComm - ok 19:01:48.0732 4608 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:01:48.0852 4608 wcncsvc - ok 19:01:48.0880 4608 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:01:48.0985 4608 WcsPlugInService - ok 19:01:49.0007 4608 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 19:01:49.0019 4608 Wd - ok 19:01:49.0065 4608 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:01:49.0086 4608 Wdf01000 - ok 19:01:49.0104 4608 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:01:49.0211 4608 WdiServiceHost - ok 19:01:49.0225 4608 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:01:49.0318 4608 WdiSystemHost - ok 19:01:49.0349 4608 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 19:01:49.0461 4608 WebClient - ok 19:01:49.0493 4608 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:01:49.0587 4608 Wecsvc - ok 19:01:49.0612 4608 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:01:49.0703 4608 wercplsupport - ok 19:01:49.0764 4608 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 19:01:49.0883 4608 WerSvc - ok 19:01:49.0952 4608 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 
19:01:49.0959 4608 WinDefend - ok 19:01:49.0976 4608 WinHttpAutoProxySvc - ok 19:01:50.0073 4608 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:01:50.0348 4608 Winmgmt - ok 19:01:50.0418 4608 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 19:01:50.0598 4608 WinRM - ok 19:01:50.0657 4608 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 19:01:50.0821 4608 Wlansvc - ok 19:01:50.0853 4608 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 19:01:50.0865 4608 WmiAcpi - ok 19:01:50.0909 4608 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:01:50.0957 4608 wmiApSrv - ok 19:01:51.0028 4608 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 19:01:51.0049 4608 WMPNetworkSvc - ok 19:01:51.0081 4608 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:01:51.0190 4608 WPCSvc - ok 19:01:51.0266 4608 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:01:51.0383 4608 WPDBusEnum - ok 19:01:51.0445 4608 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 19:01:51.0457 4608 WpdUsb - ok 19:01:51.0551 4608 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 19:01:51.0605 4608 WPFFontCache_v0400 - ok 19:01:51.0633 4608 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:01:51.0646 4608 ws2ifsl - ok 19:01:51.0675 4608 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 19:01:51.0779 4608 wscsvc - ok 19:01:51.0788 4608 WSearch - ok 19:01:51.0865 4608 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 19:01:52.0005 4608 wuauserv - ok 19:01:52.0050 4608 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf 
C:\Windows\system32\drivers\WudfPf.sys 19:01:52.0063 4608 WudfPf - ok 19:01:52.0083 4608 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:01:52.0100 4608 WUDFRd - ok 19:01:52.0130 4608 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:01:52.0228 4608 wudfsvc - ok 19:01:52.0280 4608 [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys 19:01:52.0296 4608 yukonwlh - ok 19:01:52.0319 4608 ZTEusbmdm6k - ok 19:01:52.0329 4608 ZTEusbnmea - ok 19:01:52.0340 4608 ZTEusbser6k - ok 19:01:52.0399 4608 ================ Scan global =============================== 19:01:52.0447 4608 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 19:01:52.0491 4608 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 19:01:52.0606 4608 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 19:01:52.0740 4608 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 19:01:52.0829 4608 [Global] - ok 19:01:52.0833 4608 ================ Scan MBR ================================== 19:01:52.0846 4608 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0 19:01:53.0626 4608 \Device\Harddisk0\DR0 - ok 19:01:53.0647 4608 [ 8E80C3F9F84FA21FCE1ADEE08920D632 ] \Device\Harddisk1\DR1 19:01:53.0715 4608 \Device\Harddisk1\DR1 - ok 19:01:53.0716 4608 ================ Scan VBR ================================== 19:01:53.0720 4608 [ E98CE13D1BFACD81C102109E84EF59EC ] \Device\Harddisk0\DR0\Partition1 19:01:53.0722 4608 \Device\Harddisk0\DR0\Partition1 - ok 19:01:53.0749 4608 [ D35B7A03F032133A01CBB8781BC26278 ] \Device\Harddisk0\DR0\Partition2 19:01:53.0751 4608 \Device\Harddisk0\DR0\Partition2 - ok 19:01:53.0751 4608 ============================================================ 19:01:53.0751 4608 Scan finished 19:01:53.0751 4608 ============================================================ 19:01:53.0776 4592 Detected object count: 0 19:01:53.0776 4592 
Actual detected object count: 0
19:03:14.0658 3760 Deinitialize success

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT.

DDS Logfile: Code:
ATTFilter DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 05.08.2008 04:50:31 System Uptime: 05.04.2013 18:33:49 (1 hours ago) . Motherboard: ASUSTeK Computer Inc. | | F3Sg Processor: Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz | Socket 478 | 1667/167mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 116 GiB total, 15,205 GiB free. D: is FIXED (NTFS) - 107 GiB total, 9,485 GiB free. E: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft-ISATAP-Adapter Device ID: ROOT\*ISATAP\0002 Manufacturer: Microsoft Name: Microsoft-ISATAP-Adapter #3 PNP Device ID: ROOT\*ISATAP\0002 Service: tunnel . Class GUID: {6bdd1fc5-810f-11d0-bec7-08002be2092f} Description: Serielles Kabel mit IrDA-Protokoll Device ID: ROOT\INFRARED\0000 Manufacturer: (Standardinfrarotanschluss) Name: Serielles Kabel mit IrDA-Protokoll PNP Device ID: ROOT\INFRARED\0000 Service: irsir . ==== System Restore Points =================== . RP841: 30.03.2013 03:16:06 - Windows Update RP842: 03.04.2013 05:44:31 - Windows Update RP843: 04.04.2013 14:26:55 - Removed Adblock IE 2.0 . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 2007 Microsoft Office system Activation Assistant for the 2007 Microsoft Office suites AdblockIE Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.4) - Deutsch Apple Application Support Apple Mobile Device Support Apple Software Update ASUS CopyProtect ASUS Data Security Manager ASUS LifeFrame3 ASUS Live Update ASUS SmartLogon ASUS Splendid Video Enhancement Technology Asus_Camera_ScreenSaver Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver ATK Generic Function Service ATK Hotkey ATK Media ATKOSD2 avast! 
Free Antivirus AVM FRITZ!DSL CCleaner Core Temp 1.0 RC4 Counter-Strike 1.6 Doom 3 ElsterFormular für Privatanwender und Unternehmer Epson Easy Photo Print 2 Epson Event Manager EPSON Scan Epson Stylus SX110_TX110 Handbuch EPSON SX110 Series Printer Uninstall FTDI USB Serial Converter Drivers Google Chrome Google Update Helper GTA2 GTAIII Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) ICQ7.6 ImTOO FLV Converter iTunes Java Auto Updater Java(TM) 6 Update 22 Java(TM) 6 Update 7 Java(TM) 7 Update 5 JavaFX 2.1.1 Kill-ID 1.2.4.0 für Chrome League of Legends Lycos WLAN Sniffer Max Payne 2 Max Uninstaller version 2.0 Microsoft .NET Framework 3.5 Language Pack SP1 - deu Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Games for Windows - LIVE Redistributable Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Access MUI (English) 2007 Microsoft Office Access MUI (French) 2007 Microsoft Office Access MUI (German) 2007 Microsoft Office Access MUI (Italian) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office Excel MUI (German) 2007 Microsoft Office Excel MUI (Italian) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (German) 2007 Microsoft Office InfoPath MUI (German) 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (German) 2007 Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office Outlook MUI (French) 2007 Microsoft 
Office Outlook MUI (German) 2007 Microsoft Office Outlook MUI (Italian) 2007 Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office PowerPoint MUI (Italian) 2007 Microsoft Office Professional Hybrid 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing (Italian) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Publisher MUI (German) 2007 Microsoft Office Publisher MUI (Italian) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Shared MUI (German) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word 2007 Help - Aggiornamento (KB963665) Microsoft Office Word MUI (Dutch) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Office Word MUI (German) 2007 Microsoft Office Word MUI (Italian) 2007 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mise à jour Microsoft Office 
Excel 2007 Help (KB963678) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) Mise à jour Microsoft Office Word 2007 Help (KB963665) Mobile Partner Mozilla Firefox 20.0 (x86 de) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NB Probe NVIDIA Drivers Pando Media Booster PC Inspector smart recovery Power2Go Power4Gear eXtreme Preispilot RealPlayer Realtek High Definition Audio Driver Remo Recover RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 Safari SAMSUNG Mobile Composite Device Software Samsung Mobile phone USB driver Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung PC Studio 3 Samsung PC Studio 3 USB Driver Installer Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft 
.NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Simple Adblock SRWare Iron Version SRWare Iron 20.0.1150.1 Steamless Left4Dead2 Pack SWFPlayer 2.6.2.0 TeamSpeak 3 Client Uninstall 1.0.0.1 Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 
Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) USB 2.0 1.3M UVC WebCam VistaFeaturePack VLC media player 0.9.4 Windows Live-Uploadtool Windows Live Anmelde-Assistent Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Writer Windows Media Player Firefox Plugin WinFlash WinRAR Wireless Console 2 Wondershare Photo Recovery(build 2.0.3) . ==== End Of File =========================== Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.5.1 Run by Jose Moncayo at 19:06:28 on 2013-04-05 #Option MBR scan is disabled. Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3070.1206 [GMT 2:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\SLsvc.exe C:\Windows\system32\Dwm.exe C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe C:\Program Files\ATK Hotkey\ASLDRSrv.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\Windows\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\ATK Hotkey\Hcontrol.exe C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe C:\Program Files\Wireless Console 2\wcourier.exe C:\Program Files\ASUS\Splendid\ACMON.exe C:\Program Files\P4G\BatteryLife.exe C:\Windows\System32\ACEngSvr.exe C:\Program Files\ATK Hotkey\ATKOSD.exe C:\Program Files\ATK Hotkey\KBFiltr.exe C:\Program Files\ATK Hotkey\WDC.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\FRITZ!DSL\IGDCTRL.EXE C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Windows\ehome\ehtray.exe C:\Program 
Files\FRITZ!DSL\FwebProt.exe C:\Program Files\FRITZ!DSL\StCenter.exe C:\Windows\System32\mobsync.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\conime.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k WindowsMobile C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com uSearch Page = ${URL_SEARCHPAGE} uDefault_Page_URL = hxxp://www.asus.com mSearch Page = ${URL_SEARCHPAGE} mDefault_Page_URL = hxxp://www.asus.com mURLSearchHooks: <No Name>: - LocalServer32 - <no file> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Windows Live Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll BHO: Preispilot: {C4415769-1588-4AD6-9624-B2E69DB78D1A} - c:\program files\preispilot\internet explorer\preispilot.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll BHO: SimpleAdblock Class: {FFCB3198-32F3-4E8B-9539-4324694ED664} - c:\program files\common files\simple adblock\SimpleAdblock.dll TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll TB: avast! 
WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [Windows Mobile-based device management] c:\windows\windowsmobile\wmdSync.exe dRun: [FRITZ!protect] FwebProt.exe StartupFolder: c:\users\josemo~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\fritz!~2.lnk - c:\program files\fritz!dsl\FritzDsl.exe StartupFolder: c:\users\josemo~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\fritz!~1.lnk - c:\program files\fritz!dsl\FwebProt.exe StartupFolder: c:\users\josemo~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\fritz!~3.lnk - c:\program files\fritz!dsl\StCenter.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:149 mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\icq7.6\ICQ.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {B863453A-26C3-4e1f-A54D-A2CD196348E9} - c:\program files\icqlite\ICQLite.exe LSP: c:\program files\fritz!dsl\\sarah.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - 
hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://active.macromedia.com/flash2/cabs/swflash.cab TCP: NameServer = 192.168.178.1 TCP: Interfaces\{53167639-3EBD-4553-A076-158CFB227430} : DHCPNameServer = 193.189.244.225 193.189.244.206 TCP: Interfaces\{6E59C5E5-BD3B-4A52-BE31-0B410FEEC29F} : NameServer = 192.168.0.1 TCP: Interfaces\{8182A16A-A498-41F0-AA6B-DA509E37C0E3} : DHCPNameServer = 192.168.178.1 TCP: Interfaces\{97174844-82CD-4FB6-A989-478DE51F1687} : DHCPNameServer = 192.168.178.1 TCP: Interfaces\{A692C005-E9EC-4B89-8715-6EFB6E0D6A50} : DHCPNameServer = 193.189.244.225 193.189.244.206 TCP: Interfaces\{BB8B0368-6F10-4F09-B564-952AA6AA7519} : DHCPNameServer = 192.168.178.1 TCP: Interfaces\{C56F70D9-5EF3-41D5-BA3C-0957AC606511} : DHCPNameServer = 192.168.178.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll AppInit_DLLs= c:\progra~2\browse~1\25976~1.107\{c16c1~1\mngr.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.43\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ================= FIREFOX =================== . 
FF - ProfilePath - c:\users\jose moncayo\appdata\roaming\mozilla\firefox\profiles\xqormi53.default\ FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll FF - plugin: c:\users\jose moncayo\appdata\roaming\mozilla\plugins\np-mswmp.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll FF - ExtSQL: !HIDDEN! 2009-09-01 21:53; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension . ============= SERVICES / DRIVERS =============== . R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2008-8-5 15416] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-11-8 738504] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-11-8 361032] R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\rsdrv.sys [2012-12-7 22312] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-11-8 21256] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-11-8 58680] R2 avast! Antivirus;avast! 
Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-11-8 44808] R2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504] R2 IGDCTRL;AVM IGD CTRL Service;c:\program files\fritz!dsl\IGDCTRL.EXE [2009-7-28 73528] R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x86.sys [2007-10-31 46592] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 AVMUNET;AVM FRITZ!Box;c:\windows\system32\drivers\avmunet.sys [2006-10-6 14976] S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2012-7-3 113664] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2012-7-3 101120] S3 SPOTIGOSp50;SPOTIGOSp50 NDIS Protocol Driver;c:\windows\system32\drivers\SPOTIGOSp50.sys [2004-10-25 17664] S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2009-11-9 25088] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== File Associations =============== . FileExt: .pif: piffile="%1" %*" FileExt: .ini: inifile=c:\windows\system32\NOTEPAD.EXE %1" . =============== Created Last 30 ================ . 
2013-04-04 12:37:19 -------- d-----w- c:\users\jose moncayo\appdata\local\Apps 2013-04-04 12:37:18 -------- d-----w- c:\users\jose moncayo\appdata\local\Deployment 2013-04-04 12:35:58 26520 ----a-w- c:\program files\mozilla firefox\plugin-hang-ui.exe 2013-04-03 03:46:13 7108640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{6995f695-e241-4d68-b342-00ce48b11cb1}\mpengine.dll 2013-03-17 21:11:10 15872 ----a-w- c:\windows\system32\drivers\usb8023x.sys 2013-03-17 21:11:10 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys . ==================== Find3M ==================== . 2013-04-05 16:34:29 45056 ----a-w- c:\windows\system32\acovcnt.exe 2013-03-13 02:04:57 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-03-13 02:04:57 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-02-02 03:38:35 1800704 ----a-w- c:\windows\system32\jscript9.dll 2013-02-02 03:30:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-02-02 03:30:21 1129472 ----a-w- c:\windows\system32\wininet.dll 2013-02-02 03:26:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2013-02-02 03:26:21 420864 ----a-w- c:\windows\system32\vbscript.dll 2013-02-02 03:23:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe . ============= FINISH: 19:07:14,79 =============== |
05.04.2013, 18:22 | #4 |
/// TB-Ausbilder | Chrome|Firefox does not load any pages (websearch.mocaflix.com) Okay, next: Step 1: (Reminder: Do not reply to me until you have worked through all the steps!) Uninstalling programs
Step 2: AdwCleaner: find and delete adware Please download AdwCleaner to your desktop.
Step 3: Repeat AdwCleaner The present version of the adware is quite persistent and, in our experience, can only be removed by AdwCleaner when it is run twice. So please repeat this step and post the log file as well. Step 4: Scan with Combofix
__________________ Digital privateers against malware! No help via PM! |
05.04.2013, 18:23 | #5 | |
| Chrome|Firefox does not load any pages (websearch.mocaflix.com) The GMER log seems to have too many characters, and I am apparently unable to upload it as an attachment... Sorry for this post, I did not notice at all that you had already replied. It can be deleted. Quote:
ADW #1 Code:
ATTFilter # AdwCleaner v2.200 - Datei am 05/04/2013 um 19:38:18 erstellt # Aktualisiert am 02/04/2013 von Xplode # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzer : **** **** - ********-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\**** ****\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** ***** [Registrierungsdatenbank] ***** ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16470 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v20.0 (de) Datei : C:\Users\**** ****\AppData\Roaming\Mozilla\Firefox\Profiles\xqormi53.default\prefs.js [OK] Die Datei ist sauber. -\\ Google Chrome v26.0.1410.43 Datei : C:\Users\**** ****\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Die Datei ist sauber. -\\ Chromium v _signature: 6n3mTfL2apwFYzWZceTik3RF4RwiU7OJ82fa2A2sa6g= Datei : C:\Users\**** ****\AppData\Local\Chromium\User Data\Default\Preferences [OK] Die Datei ist sauber. ************************* AdwCleaner[R1].txt - [6417 octets] - [26/02/2013 23:59:16] AdwCleaner[R2].txt - [2254 octets] - [03/04/2013 16:11:51] AdwCleaner[R3].txt - [1476 octets] - [05/04/2013 19:38:02] AdwCleaner[S1].txt - [6266 octets] - [27/02/2013 00:00:48] AdwCleaner[S2].txt - [2316 octets] - [03/04/2013 16:12:16] AdwCleaner[S3].txt - [1409 octets] - [05/04/2013 19:38:18] ########## EOF - C:\AdwCleaner[S3].txt - [1469 octets] ########## Code:
ATTFilter # AdwCleaner v2.200 - Datei am 05/04/2013 um 19:42:06 erstellt # Aktualisiert am 02/04/2013 von Xplode # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzer : **** **** - ********-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\**** ****\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** ***** [Registrierungsdatenbank] ***** ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16470 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v20.0 (de) Datei : C:\Users\**** ****\AppData\Roaming\Mozilla\Firefox\Profiles\xqormi53.default\prefs.js [OK] Die Datei ist sauber. -\\ Google Chrome v26.0.1410.43 Datei : C:\Users\**** ****\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Die Datei ist sauber. -\\ Chromium v _signature: 6n3mTfL2apwFYzWZceTik3RF4RwiU7OJ82fa2A2sa6g= Datei : C:\Users\**** ****\AppData\Local\Chromium\User Data\Default\Preferences [OK] Die Datei ist sauber. ************************* AdwCleaner[R1].txt - [6417 octets] - [26/02/2013 23:59:16] AdwCleaner[R2].txt - [2254 octets] - [03/04/2013 16:11:51] AdwCleaner[R3].txt - [1476 octets] - [05/04/2013 19:38:02] AdwCleaner[S1].txt - [6266 octets] - [27/02/2013 00:00:48] AdwCleaner[S2].txt - [2316 octets] - [03/04/2013 16:12:16] AdwCleaner[S3].txt - [1538 octets] - [05/04/2013 19:38:18] AdwCleaner[S4].txt - [1469 octets] - [05/04/2013 19:42:06] ########## EOF - C:\AdwCleaner[S4].txt - [1529 octets] ########## Code:
ATTFilter ComboFix 13-04-05.01 - **** **** 05.04.2013 19:58:00.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3070.1838 [GMT 2:00] ausgeführt von:: c:\users\**** ****\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\**** ****\server.dll c:\users\Public\sdelevURL.tmp c:\windows\IsUn0407.exe c:\windows\system32\Packet.dll c:\windows\system32\WanPacket.dll c:\windows\system32\wpcap.dll . . ((((((((((((((((((((((( Dateien erstellt von 2013-03-05 bis 2013-04-05 )))))))))))))))))))))))))))))) . . 2013-04-05 18:22 . 2013-04-05 18:22 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-04-04 12:37 . 2013-04-04 12:37 -------- d-----w- c:\users\**** ****\AppData\Local\Apps 2013-04-04 12:37 . 2013-04-04 12:37 -------- d-----w- c:\users\**** ****\AppData\Local\Deployment 2013-04-03 03:46 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6995F695-E241-4D68-B342-00CE48B11CB1}\mpengine.dll 2013-03-17 21:11 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023x.sys 2013-03-17 21:11 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-04-05 17:43 . 2008-08-28 17:54 45056 ----a-w- c:\windows\system32\acovcnt.exe 2013-03-13 02:04 . 2012-06-11 11:52 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-03-13 02:04 . 2012-06-11 11:52 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-01-17 00:28 . 2009-10-03 12:56 232336 ------w- c:\windows\system32\MpSigStub.exe 2013-03-27 02:17 . 
2013-04-03 04:49 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{C4415769-1588-4AD6-9624-B2E69DB78D1A}] 2012-08-10 14:47 182056 ----a-w- c:\program files\preispilot\Internet Explorer\preispilot.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552] . c:\users\**** ****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ FRITZ!DSL Internet.lnk - c:\program files\FRITZ!DSL\FritzDsl.exe [2009-7-27 987960] FRITZ!DSL Protect.lnk - c:\program files\FRITZ!DSL\FwebProt.exe [2009-4-9 1061688] FRITZ!DSL Startcenter.lnk - c:\program files\FRITZ!DSL\StCenter.exe [2009-7-20 760120] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "EPSON SX110 Series"=c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "c:\windows\TEMP\E_S5724.tmp" /EF "HKCU" "ICQ"="c:\program files\ICQ7.6\ICQ.exe" silent loginmode=4 "ehTray.exe"=c:\windows\ehome\ehTray.exe "Steam"=c:\program files\Steam\Steam.exe -silent "Protector"=wscript.exe "c:\users\**** ****\AppData\Roaming\SDIV 2.0\Prot\prot.vbs" check . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "ASUS Screen Saver Protector"=c:\windows\ASScrPro.exe "ASUS Camera ScreenSaver"=c:\windows\ASScrProlog.exe "EEventManager"=c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" "NeroFilterCheck"=c:\windows\system32\NeroCheck.exe "NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit "UIExec"="c:\program files\1&1 Surf-Stick\UIExec.exe" "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "Windows Mobile-based device management"=%windir%\WindowsMobile\wmdSync.exe "ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"=c:\program files\ASUS\ATK Media\DMEDIA.EXE "NvSvc"=RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart "NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup "Skytel"=Skytel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-04-04 12:39 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-04-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 02:05] . 2013-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-04-04 12:37] . 2013-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-04-04 12:37] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe LSP: c:\program files\FRITZ!DSL\\sarah.dll TCP: DhcpNameServer = 192.168.178.1 TCP: Interfaces\{6E59C5E5-BD3B-4A52-BE31-0B410FEEC29F}: NameServer = 192.168.0.1 FF - ProfilePath - c:\users\**** ****\AppData\Roaming\Mozilla\Firefox\Profiles\xqormi53.default\ FF - ExtSQL: !HIDDEN! 2009-09-01 21:53; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension . . 
------- Dateityp-Verknüpfung ------- . inifile=%SystemRoot%\System32\NOTEPAD.EXE %1" . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre7\bin\jusched.exe HKU-Default-Run-FRITZ!protect - FwebProt.exe SafeBoot-WudfPf SafeBoot-WudfRd AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368v2 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656405 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2686827 - 
c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2729449 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2737019 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2742595 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2789642 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2013-04-05 20:22 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . . C:\ADSM_PData_0150 . Scan erfolgreich abgeschlossen versteckte Dateien: 1 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice] @Denied: (2) (LocalSystem) "Progid"="SafariDownload" . [HKEY_USERS\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (S-1-5-21-841732120-1791181681-1593089396-1000) @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (S-1-5-21-841732120-1791181681-1593089396-1000) @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . 
[HKEY_USERS\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice] @Denied: (2) (LocalSystem) "Progid"="SafariExtension" . [HKEY_USERS\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (S-1-5-21-841732120-1791181681-1593089396-1000) @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="SafariHTML" . [HKEY_USERS\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice] @Denied: (2) (LocalSystem) "Progid"="SafariHTML" . [HKEY_USERS\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @Denied: (2) (S-1-5-21-841732120-1791181681-1593089396-1000) @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @Denied: (2) (S-1-5-21-841732120-1791181681-1593089396-1000) @Denied: (2) (LocalSystem) "Progid"="ChromeHTML" . [HKEY_USERS\S-1-5-21-841732120-1791181681-1593089396-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="SafariHTML" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Zeit der Fertigstellung: 2013-04-05 20:25:34 ComboFix-quarantined-files.txt 2013-04-05 18:25 . Vor Suchlauf: 25 Verzeichnis(se), 18.304.720.896 Bytes frei Nach Suchlauf: 28 Verzeichnis(se), 18.115.059.712 Bytes frei . - - End Of File - - 7387D7F1D5F78751BA7933C752DB3311 Edited by 1nca (05.04.2013 at 19:03) |
06.04.2013, 11:46 | #6 |
/// TB-Ausbilder | Chrome|Firefox does not load any pages (websearch.mocaflix.com) Good! As far as I can see, we have now removed everything malicious. To be sure, we now need to run a few more checks, and then we will bring your computer up to a secure state. Since these scans can take a very long time, I ask that you write to me again only once you have really completed everything or if problems occur. Step 1: Quick scan with Malwarebytes Please download Malwarebytes Anti-Malware Step 2: Note: The scan can take a very long time (several hours)! Step 3: Scan with SecurityCheck Please download SecurityCheck and:
09.04.2013, 12:56 | #7 |
/// TB-Ausbilder | Chrome|Firefox does not load any pages (websearch.mocaflix.com) Hello, do you still need help? If I do not receive a reply from you within the next 24 hours, I will remove your thread from my subscriptions and will then no longer be notified of new replies. The disappearance of the symptoms does not mean that your system is already clean
__________________ Digital privateers against malware! No help via PM! |
09.04.2013, 16:40 | #8 |
| Chrome|Firefox does not load any pages (websearch.mocaflix.com) I will still submit the logs later; unfortunately I have not gotten around to it yet. Sorry. And by the way, the browsers are working flawlessly again, many thanks for that already! Kind regards Quick Scan Code:
ATTFilter Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.04.05.09 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 * * :: **-PC [Administrator] 07.04.2013 09:19:20 mbam-log-2013-04-07 (09-19-20).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 208836 Laufzeit: 8 Minute(n), 10 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=07a9289a538a4e419a5ce43b1b999e3a # engine=13583 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-04-09 06:19:39 # local_time=2013-04-09 08:19:39 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=774 16777213 100 91 13194006 142241451 0 0 # compatibility_mode=5892 16776574 100 100 0 203064307 0 0 # scanned=221218 # found=0 # cleaned=0 # scan_time=9231 Code:
ATTFilter Results of screen317's Security Check version 0.99.61 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.70.0.1100 JavaFX 2.1.1 Java(TM) 7 Update 5 Java version out of Date! Adobe Flash Player 11.6.602.180 Adobe Reader 10.1.4 Adobe Reader out of Date! Mozilla Firefox (20.0) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
09.04.2013, 19:54 | #9 |
/// TB-Ausbilder | Chrome|Firefox does not load any pages (websearch.mocaflix.com) Great! That means we are done. We will now tidy up a little, and then at the end I have some reading material for you. Step 1: Uninstall tools The order is crucial here.
Step 2: Uninstall ESET (optional)
Step 3: Java update (Windows XP, Vista, 7) Your Java is no longer up to date. Older versions contain security vulnerabilities that can be abused by malware. Finally, some tips on the following topics:
Reading material: System updates It cannot be mentioned often enough how important it is to keep your system up to date. After all, you also take your car to the garage regularly for inspection. So please make sure that system updates are enabled:
Reading material: Software updates Just as important as the system programs is the software you use every day. The following list gives you a brief overview, with links to the updates, of which programs urgently need to be kept up to date (if you have them installed and use them at all), because malware can often get onto computers through their security vulnerabilities:
Reading material: Security software If someone overtook you on the motorway riding a motorcycle naked, you would shake your head too. Your computer also needs protection against the small daily attacks by malware. Besides excellent commercial anti-virus solutions, there are also quite good protection programs that are available free of charge with a reduced feature set. But careful, "the more the better" does not apply here. What you need is exactly one virus scanner with a background guard. No more and no less. There are many products on the market here that will serve you well. I personally recommend Avast Free Antivirus. It offers relatively good protection with little annoying advertising, and it installs a browser plug-in that warns you about dangerous websites.
Reading material: Safe browsing First it must be said that it is usually the human factor that makes it possible for malware to get onto a computer. Do you also immediately buy any old stuff from people who ring your doorbell, without thinking? So first get into the habit of following a few rules of conduct when surfing the Internet:
But even when these rules are followed scrupulously, a so-called drive-by infection can still occur, in which malware breaks out of the web browser's protection mechanism. To increase security even further, there is special protection software that hardens your browser further.
Finally, please think about using an alternative browser. Programs that are not used so often are also not so much in the focus of the "bad guys". That is, with an exotic browser you are more likely to be on the safe side. Basically, you are already considerably safer if you do not use Internet Explorer.
With that, I wish you lots of fun surfing the Internet ... and perhaps you would like to support Trojaner-Board? One request: Give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.
__________________ Digital privateers against malware! No help via PM! |
11.04.2013, 08:45 | #10 |
/// TB-Ausbilder | Chrome|Firefox does not load any pages (websearch.mocaflix.com) Glad we could help This topic appears to be resolved and will be deleted from my subscriptions. Should you need the topic again, please send me a PM. Everyone else please click here and create your own thread If you still want to share praise or criticism, there is this section here: http://www.trojaner-board.de/lob-kritik-wuensche/
__________________ Digital privateers against malware! No help via PM! |