
Pests of all kinds and how to fight them: zimuse worm

13.04.2013, 13:10   #16
cosinus
Does your friend work as a sysadmin or something like that at a company?
Enterprise editions are normally only available as a volume license; that is not a licensing model for private individuals...

Enterprise is the volume-license variant of the Ultimate edition...


aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista or later, please start it via right-click and "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.)
    Depending on your connection, downloading the definitions can take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances unless instructed

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.




TDSS-Killer

Please download TDSSKiller (TDSSKiller.exe) and save the file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.
__________________
Please always post log files in CODE tags

13.04.2013, 16:06   #17
duddl
 
He doesn't work at a company; he is, so to speak, the PC repairman in our village.
An Enterprise trial version was installed and he put Ultimate on it (I don't know why either).

aswMBR crashed and Windows showed the message "aswmbr has stopped working", so I closed it.

Kaspersky found a threat:

Code:
17:00:29.0848 5960  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:00:30.0160 5960  ============================================================
17:00:30.0160 5960  Current date / time: 2013/04/13 17:00:30.0160
17:00:30.0160 5960  SystemInfo:
17:00:30.0160 5960  
17:00:30.0160 5960  OS Version: 6.1.7601 ServicePack: 1.0
17:00:30.0160 5960  Product type: Workstation
17:00:30.0160 5960  ComputerName: ALEXANDER-HP630
17:00:30.0161 5960  UserName: Info
17:00:30.0161 5960  Windows directory: C:\Windows
17:00:30.0161 5960  System windows directory: C:\Windows
17:00:30.0161 5960  Processor architecture: Intel x86
17:00:30.0161 5960  Number of processors: 2
17:00:30.0161 5960  Page size: 0x1000
17:00:30.0161 5960  Boot type: Normal boot
17:00:30.0161 5960  ============================================================
17:00:31.0600 5960  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:00:31.0602 5960  ============================================================
17:00:31.0602 5960  \Device\Harddisk0\DR0:
17:00:31.0602 5960  MBR partitions:
17:00:31.0602 5960  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:00:31.0602 5960  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A824A22
17:00:31.0602 5960  ============================================================
17:00:31.0630 5960  C: <-> \Device\Harddisk0\DR0\Partition2
17:00:31.0630 5960  ============================================================
17:00:31.0630 5960  Initialize success
17:00:31.0630 5960  ============================================================
17:00:36.0124 4996  ============================================================
17:00:36.0124 4996  Scan started
17:00:36.0124 4996  Mode: Manual; SigCheck; TDLFS; 
17:00:36.0124 4996  ============================================================
17:00:36.0951 4996  ================ Scan system memory ========================
17:00:36.0951 4996  System memory - ok
17:00:36.0955 4996  ================ Scan services =============================
17:00:37.0061 4996  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
17:00:37.0203 4996  !SASCORE - ok
17:00:37.0586 4996  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:00:37.0640 4996  1394ohci - ok
17:00:37.0807 4996  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:00:37.0869 4996  ACDaemon - ok
17:00:37.0928 4996  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:00:37.0960 4996  ACPI - ok
17:00:37.0992 4996  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:00:38.0065 4996  AcpiPmi - ok
17:00:38.0158 4996  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:00:38.0248 4996  AdobeARMservice - ok
17:00:38.0340 4996  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:00:38.0381 4996  adp94xx - ok
17:00:38.0427 4996  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:00:38.0462 4996  adpahci - ok
17:00:38.0498 4996  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:00:38.0555 4996  adpu320 - ok
17:00:38.0577 4996  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:00:38.0606 4996  AeLookupSvc - ok
17:00:38.0813 4996  [ A6CE73469591554279DA63BE715DBC93 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
17:00:38.0892 4996  AERTFilters - ok
17:00:38.0950 4996  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
17:00:38.0998 4996  AFD - ok
17:00:39.0049 4996  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
17:00:39.0086 4996  agp440 - ok
17:00:39.0169 4996  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
17:00:39.0200 4996  aic78xx - ok
17:00:39.0222 4996  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
17:00:39.0254 4996  ALG - ok
17:00:39.0289 4996  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:00:39.0325 4996  aliide - ok
17:00:39.0386 4996  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
17:00:39.0440 4996  amdagp - ok
17:00:39.0458 4996  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:00:39.0482 4996  amdide - ok
17:00:39.0512 4996  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:00:39.0563 4996  AmdK8 - ok
17:00:39.0585 4996  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:00:39.0616 4996  AmdPPM - ok
17:00:39.0661 4996  [ E7F4D42D8076EC60E21715CD11743A0D ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:00:39.0686 4996  amdsata - ok
17:00:39.0729 4996  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:00:39.0799 4996  amdsbs - ok
17:00:39.0831 4996  [ 146459D2B08BFDCBFA856D9947043C81 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:00:39.0851 4996  amdxata - ok
17:00:39.0905 4996  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
17:00:40.0031 4996  AppID - ok
17:00:40.0052 4996  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:00:40.0170 4996  AppIDSvc - ok
17:00:40.0211 4996  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
17:00:40.0306 4996  Appinfo - ok
17:00:40.0382 4996  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:00:40.0424 4996  AppMgmt - ok
17:00:40.0472 4996  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:00:40.0548 4996  arc - ok
17:00:40.0571 4996  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:00:40.0602 4996  arcsas - ok
17:00:40.0627 4996  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:00:40.0695 4996  AsyncMac - ok
17:00:40.0731 4996  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
17:00:40.0776 4996  atapi - ok
17:00:41.0035 4996  [ 03FA92CA4CDD1340D9070F7D42DAFD2E ] athr            C:\Windows\system32\DRIVERS\athr.sys
17:00:41.0225 4996  athr - ok
17:00:41.0260 4996  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:00:41.0342 4996  AudioEndpointBuilder - ok
17:00:41.0359 4996  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:00:41.0443 4996  Audiosrv - ok
17:00:41.0503 4996  [ F3D3B0AFFD227AA2BFC80C1A4536BAA0 ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
17:00:41.0592 4996  avc3 - ok
17:00:41.0652 4996  [ 7F9B99B564E7C9FBB6729ED95B5BBB24 ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
17:00:41.0709 4996  avchv - ok
17:00:41.0750 4996  [ C7BE750843A8A39167187FD28634A25E ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
17:00:41.0821 4996  avckf - ok
17:00:41.0852 4996  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:00:41.0907 4996  AxInstSV - ok
17:00:41.0969 4996  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
17:00:42.0009 4996  b06bdrv - ok
17:00:42.0032 4996  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
17:00:42.0065 4996  b57nd60x - ok
17:00:42.0202 4996  [ A624841BECEE1B0FCAB28BF2E4CB317A ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
17:00:42.0273 4996  BdDesktopParental - ok
17:00:42.0318 4996  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:00:42.0419 4996  BDESVC - ok
17:00:42.0543 4996  [ 2C8F82DC54215B2FE064EFF996F39D9B ] BdfNdisf        c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
17:00:42.0676 4996  BdfNdisf - ok
17:00:42.0695 4996  [ 2F66C9DF34134419928BAC00E21E2679 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
17:00:42.0783 4996  bdfwfpf - ok
17:00:42.0833 4996  [ B6CBFC9D825BB2D955620CD4D8EF07F9 ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
17:00:42.0936 4996  BDSandBox - ok
17:00:42.0963 4996  [ A7478F77584F8DB6AD74B2BBE1144886 ] bdselfpr        C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys
17:00:43.0050 4996  bdselfpr - ok
17:00:43.0105 4996  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\Drivers\beep.sys
17:00:43.0239 4996  Beep - ok
17:00:43.0337 4996  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
17:00:43.0482 4996  BFE - ok
17:00:43.0537 4996  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
17:00:43.0757 4996  BITS - ok
17:00:43.0771 4996  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:00:43.0965 4996  blbdrive - ok
17:00:44.0018 4996  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:00:44.0085 4996  Bonjour Service - ok
17:00:44.0125 4996  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:00:44.0147 4996  bowser - ok
17:00:44.0167 4996  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:00:44.0194 4996  BrFiltLo - ok
17:00:44.0215 4996  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:00:44.0270 4996  BrFiltUp - ok
17:00:44.0306 4996  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
17:00:44.0351 4996  BridgeMP - ok
17:00:44.0397 4996  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
17:00:44.0454 4996  Browser - ok
17:00:44.0493 4996  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:00:44.0524 4996  Brserid - ok
17:00:44.0539 4996  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:00:44.0566 4996  BrSerWdm - ok
17:00:44.0585 4996  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:00:44.0615 4996  BrUsbMdm - ok
17:00:44.0627 4996  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:00:44.0652 4996  BrUsbSer - ok
17:00:44.0710 4996  [ C840DFF077AA30FF64DEF169CBB49164 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
17:00:44.0755 4996  BtFilter - ok
17:00:44.0805 4996  [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
17:00:44.0873 4996  BthEnum - ok
17:00:44.0893 4996  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:00:44.0922 4996  BTHMODEM - ok
17:00:44.0972 4996  [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
17:00:45.0000 4996  BthPan - ok
17:00:45.0043 4996  [ C2FBF6D271D9A94D839C416BF186EAD9 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
17:00:45.0079 4996  BTHPORT - ok
17:00:45.0121 4996  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
17:00:45.0163 4996  bthserv - ok
17:00:45.0171 4996  [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
17:00:45.0199 4996  BTHUSB - ok
17:00:45.0219 4996  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:00:45.0263 4996  cdfs - ok
17:00:45.0300 4996  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:00:45.0326 4996  cdrom - ok
17:00:45.0364 4996  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:00:45.0405 4996  CertPropSvc - ok
17:00:45.0443 4996  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:00:45.0469 4996  circlass - ok
17:00:45.0547 4996  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
17:00:45.0573 4996  CLFS - ok
17:00:45.0719 4996  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:00:45.0740 4996  clr_optimization_v2.0.50727_32 - ok
17:00:45.0861 4996  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:00:45.0882 4996  clr_optimization_v4.0.30319_32 - ok
17:00:45.0906 4996  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:00:45.0929 4996  CmBatt - ok
17:00:45.0984 4996  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:00:46.0005 4996  cmdide - ok
17:00:46.0043 4996  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
17:00:46.0078 4996  CNG - ok
17:00:46.0109 4996  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:00:46.0129 4996  Compbatt - ok
17:00:46.0150 4996  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:00:46.0176 4996  CompositeBus - ok
17:00:46.0180 4996  COMSysApp - ok
17:00:46.0220 4996  [ 06D5A4665F00190D12797956533749E8 ] cphs            C:\Windows\system32\IntelCpHeciSvc.exe
17:00:46.0284 4996  cphs - ok
17:00:46.0311 4996  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:00:46.0333 4996  crcdisk - ok
17:00:46.0382 4996  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:00:46.0429 4996  CryptSvc - ok
17:00:46.0506 4996  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
17:00:46.0534 4996  CSC - ok
17:00:46.0587 4996  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
17:00:46.0618 4996  CscService - ok
17:00:46.0724 4996  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:00:46.0773 4996  DcomLaunch - ok
17:00:46.0829 4996  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:00:46.0878 4996  defragsvc - ok
17:00:46.0918 4996  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:00:46.0960 4996  DfsC - ok
17:00:47.0008 4996  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:00:47.0051 4996  Dhcp - ok
17:00:47.0089 4996  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
17:00:47.0135 4996  discache - ok
17:00:47.0140 4996  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:00:47.0163 4996  Disk - ok
17:00:47.0249 4996  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:00:47.0289 4996  Dnscache - ok
17:00:47.0340 4996  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:00:47.0386 4996  dot3svc - ok
17:00:47.0475 4996  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
17:00:47.0530 4996  DPS - ok
17:00:47.0553 4996  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:00:47.0578 4996  drmkaud - ok
17:00:47.0787 4996  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:00:47.0822 4996  DXGKrnl - ok
17:00:47.0861 4996  [ 22EF8965101685ADD128F03A2B03CE16 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
17:00:47.0923 4996  E1G60 - ok
17:00:47.0978 4996  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
17:00:48.0022 4996  EapHost - ok
17:00:48.0460 4996  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
17:00:48.0575 4996  ebdrv - ok
17:00:48.0612 4996  [ A00B61CBF4015C1F04D2D66BCF1A6450 ] ebinfiltr       C:\Windows\system32\DRIVERS\ebinfiltr.sys
17:00:48.0659 4996  ebinfiltr - ok
17:00:48.0701 4996  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
17:00:48.0724 4996  EFS - ok
17:00:48.0846 4996  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:00:48.0879 4996  ehRecvr - ok
17:00:48.0906 4996  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
17:00:48.0930 4996  ehSched - ok
17:00:48.0994 4996  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:00:49.0027 4996  elxstor - ok
17:00:49.0074 4996  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:00:49.0098 4996  ErrDev - ok
17:00:49.0190 4996  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
17:00:49.0238 4996  EventSystem - ok
17:00:49.0257 4996  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
17:00:49.0305 4996  exfat - ok
17:00:49.0342 4996  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:00:49.0388 4996  fastfat - ok
17:00:49.0450 4996  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
17:00:49.0484 4996  Fax - ok
17:00:49.0500 4996  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:00:49.0524 4996  fdc - ok
17:00:49.0552 4996  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
17:00:49.0596 4996  fdPHost - ok
17:00:49.0619 4996  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
17:00:49.0661 4996  FDResPub - ok
17:00:49.0701 4996  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:00:49.0721 4996  FileInfo - ok
17:00:49.0727 4996  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:00:49.0775 4996  Filetrace - ok
17:00:49.0780 4996  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:00:49.0809 4996  flpydisk - ok
17:00:49.0855 4996  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:00:49.0882 4996  FltMgr - ok
17:00:49.0999 4996  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
17:00:50.0043 4996  FontCache - ok
17:00:50.0106 4996  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:00:50.0124 4996  FontCache3.0.0.0 - ok
17:00:50.0150 4996  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:00:50.0191 4996  FsDepends - ok
17:00:50.0231 4996  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:00:50.0252 4996  Fs_Rec - ok
17:00:50.0294 4996  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:00:50.0321 4996  fvevol - ok
17:00:50.0345 4996  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:00:50.0366 4996  gagp30kx - ok
17:00:50.0404 4996  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:00:50.0431 4996  GEARAspiWDM - ok
17:00:50.0483 4996  [ 34F8E8CCE094942282425ED937A9ECF1 ] GeneStor        C:\Windows\system32\DRIVERS\GeneStor.sys
17:00:50.0523 4996  GeneStor - ok
17:00:50.0528 4996  gfiark - ok
17:00:50.0559 4996  [ 483924F92E55A5F9423201EC635E2CED ] gfibto          C:\Windows\system32\drivers\gfibto.sys
17:00:50.0586 4996  gfibto - ok
17:00:50.0631 4996  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:00:50.0682 4996  gpsvc - ok
17:00:50.0827 4996  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
17:00:50.0870 4996  gupdate - ok
17:00:50.0941 4996  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
17:00:50.0981 4996  gupdatem - ok
17:00:51.0088 4996  [ 9C1E3F5A672EDB0831AAF3E36B6876A6 ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
17:00:51.0153 4996  gzflt - ok
17:00:51.0204 4996  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:00:51.0228 4996  hcw85cir - ok
17:00:51.0301 4996  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:00:51.0333 4996  HdAudAddService - ok
17:00:51.0358 4996  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:00:51.0387 4996  HDAudBus - ok
17:00:51.0406 4996  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:00:51.0442 4996  HidBatt - ok
17:00:51.0501 4996  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:00:51.0529 4996  HidBth - ok
17:00:51.0593 4996  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:00:51.0622 4996  HidIr - ok
17:00:51.0656 4996  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
17:00:51.0701 4996  hidserv - ok
17:00:51.0741 4996  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:00:51.0764 4996  HidUsb - ok
17:00:52.0160 4996  [ 68FE10B65AD73057A0BB49FD087A6DE0 ] HitmanPro37Crusader C:\Program Files\HitmanPro\HitmanPro.exe
17:00:52.0650 4996  HitmanPro37Crusader ( UnsignedFile.Multi.Generic ) - warning
17:00:52.0650 4996  HitmanPro37Crusader - detected UnsignedFile.Multi.Generic (1)
17:00:52.0706 4996  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:00:52.0756 4996  hkmsvc - ok
17:00:52.0817 4996  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:00:52.0852 4996  HomeGroupListener - ok
17:00:52.0902 4996  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:00:52.0927 4996  HomeGroupProvider - ok
17:00:52.0950 4996  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:00:52.0973 4996  HpSAMD - ok
17:00:53.0036 4996  [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC        C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
17:00:53.0064 4996  HPWMISVC - ok
17:00:53.0154 4996  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:00:53.0206 4996  HTTP - ok
17:00:53.0261 4996  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:00:53.0280 4996  hwpolicy - ok
17:00:53.0311 4996  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:00:53.0335 4996  i8042prt - ok
17:00:53.0385 4996  [ DB81F413FA4E3F328CAD7B5D59EF3F21 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:00:53.0425 4996  iaStor - ok
17:00:53.0514 4996  [ 902F9086295B54B516B9664327079739 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
17:00:53.0558 4996  iaStorA - ok
17:00:53.0674 4996  [ 777788D9B63CCEEEF2DB353BA4EDD454 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:00:53.0718 4996  IAStorDataMgrSvc - ok
17:00:53.0762 4996  [ 13F98AAE8E9030C38A9DA7DADE6325A9 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
17:00:53.0791 4996  iaStorF - ok
17:00:53.0861 4996  [ A3CAE5D281DB4CFF7CFF8233507EE5AD ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:00:53.0890 4996  iaStorV - ok
17:00:53.0961 4996  [ 83FF82FE209E7997067B375DAD6CF23D ] ICCS            C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
17:00:54.0009 4996  ICCS - ok
17:00:54.0197 4996  [ 2B0EBB2199D71D79938998252BE8144E ] IconMan_R       C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
17:00:54.0328 4996  IconMan_R - ok
17:00:54.0428 4996  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:00:54.0471 4996  idsvc - ok
17:00:54.0735 4996  [ D298B9BA074B5F96383E033EE3E82C3F ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
17:00:54.0832 4996  igfx - ok
17:00:54.0871 4996  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:00:54.0892 4996  iirsp - ok
17:00:55.0016 4996  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
17:00:55.0073 4996  IKEEXT - ok
17:00:55.0312 4996  [ 597CAEBDEB89D966CF7077BDD07479D4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:00:55.0403 4996  IntcAzAudAddService - ok
17:00:55.0503 4996  [ 3DA0D2BB20A60E1438070257BE911A06 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
17:00:55.0564 4996  IntcDAud - ok
17:00:55.0678 4996  [ AE2B75CD6C71F5706AD485FD6693CFF7 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:00:55.0770 4996  Intel(R) Capability Licensing Service Interface - ok
17:00:55.0794 4996  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:00:55.0813 4996  intelide - ok
17:00:55.0838 4996  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:00:55.0861 4996  intelppm - ok
17:00:55.0907 4996  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:00:55.0953 4996  IPBusEnum - ok
17:00:55.0980 4996  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:00:56.0033 4996  IpFilterDriver - ok
17:00:56.0081 4996  [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:00:56.0130 4996  iphlpsvc - ok
17:00:56.0172 4996  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:00:56.0235 4996  IPMIDRV - ok
17:00:56.0269 4996  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:00:56.0336 4996  IPNAT - ok
17:00:56.0361 4996  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:00:56.0395 4996  IRENUM - ok
17:01:17.0926 4996  vsmraid - ok
17:01:17.0970 4996  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
17:01:18.0060 4996  VSS - ok
17:01:18.0118 4996  [ 199F40FD6788B479B7458A27E6DD26C6 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
17:01:18.0205 4996  VSSERV - ok
17:01:18.0238 4996  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:01:18.0266 4996  vwifibus - ok
17:01:18.0281 4996  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:01:18.0311 4996  vwififlt - ok
17:01:18.0332 4996  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:01:18.0368 4996  vwifimp - ok
17:01:18.0415 4996  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
17:01:18.0470 4996  W32Time - ok
17:01:18.0497 4996  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:01:18.0524 4996  WacomPen - ok
17:01:18.0549 4996  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:01:18.0597 4996  WANARP - ok
17:01:18.0606 4996  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:01:18.0652 4996  Wanarpv6 - ok
17:01:18.0696 4996  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
17:01:18.0849 4996  wbengine - ok
17:01:18.0889 4996  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:01:18.0924 4996  WbioSrvc - ok
17:01:18.0944 4996  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:01:18.0983 4996  wcncsvc - ok
17:01:19.0004 4996  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:01:19.0033 4996  WcsPlugInService - ok
17:01:19.0067 4996  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:01:19.0090 4996  Wd - ok
17:01:19.0116 4996  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:01:19.0149 4996  Wdf01000 - ok
17:01:19.0174 4996  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:01:19.0227 4996  WdiServiceHost - ok
17:01:19.0242 4996  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:01:19.0285 4996  WdiSystemHost - ok
17:01:19.0345 4996  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
17:01:19.0407 4996  WebClient - ok
17:01:19.0495 4996  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:01:19.0554 4996  Wecsvc - ok
17:01:19.0654 4996  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:01:19.0701 4996  wercplsupport - ok
17:01:19.0736 4996  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:01:19.0790 4996  WerSvc - ok
17:01:19.0803 4996  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:01:19.0848 4996  WfpLwf - ok
17:01:19.0882 4996  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:01:19.0911 4996  WIMMount - ok
17:01:19.0973 4996  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:01:20.0014 4996  WinDefend - ok
17:01:20.0031 4996  WinHttpAutoProxySvc - ok
17:01:20.0192 4996  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:01:20.0249 4996  Winmgmt - ok
17:01:20.0403 4996  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
17:01:20.0499 4996  WinRM - ok
17:01:20.0607 4996  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:01:20.0633 4996  WinUsb - ok
17:01:20.0828 4996  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:01:20.0922 4996  Wlansvc - ok
17:01:21.0157 4996  [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:01:21.0342 4996  wlidsvc - ok
17:01:21.0425 4996  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:01:21.0449 4996  WmiAcpi - ok
17:01:21.0516 4996  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:01:21.0551 4996  wmiApSrv - ok
17:01:21.0873 4996  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:01:21.0939 4996  WMPNetworkSvc - ok
17:01:21.0981 4996  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:01:22.0006 4996  WPCSvc - ok
17:01:22.0038 4996  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:01:22.0067 4996  WPDBusEnum - ok
17:01:22.0091 4996  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:01:22.0135 4996  ws2ifsl - ok
17:01:22.0158 4996  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
17:01:22.0188 4996  wscsvc - ok
17:01:22.0198 4996  WSearch - ok
17:01:22.0285 4996  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
17:01:22.0398 4996  wuauserv - ok
17:01:22.0428 4996  [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:01:22.0470 4996  WudfPf - ok
17:01:22.0493 4996  [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:01:22.0536 4996  WUDFRd - ok
17:01:22.0558 4996  [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:01:22.0602 4996  wudfsvc - ok
17:01:22.0634 4996  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:01:22.0668 4996  WwanSvc - ok
17:01:22.0717 4996  ================ Scan global ===============================
17:01:22.0794 4996  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:01:22.0824 4996  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
17:01:22.0836 4996  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
17:01:22.0884 4996  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:01:22.0904 4996  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:01:22.0949 4996  [Global] - ok
17:01:22.0950 4996  ================ Scan MBR ==================================
17:01:22.0977 4996  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:01:23.0331 4996  \Device\Harddisk0\DR0 - ok
17:01:23.0331 4996  ================ Scan VBR ==================================
17:01:23.0334 4996  [ 54BA4C37D203C2B279E01A9F91269268 ] \Device\Harddisk0\DR0\Partition1
17:01:23.0336 4996  \Device\Harddisk0\DR0\Partition1 - ok
17:01:23.0364 4996  [ 70CDE5FD0EA39B0F0F3DB7729E33957A ] \Device\Harddisk0\DR0\Partition2
17:01:23.0366 4996  \Device\Harddisk0\DR0\Partition2 - ok
17:01:23.0367 4996  ============================================================
17:01:23.0367 4996  Scan finished
17:01:23.0367 4996  ============================================================
17:01:23.0381 5508  Detected object count: 1
17:01:23.0381 5508  Actual detected object count: 1
17:01:29.0142 5508  HitmanPro37Crusader ( UnsignedFile.Multi.Generic ) - skipped by user
17:01:29.0142 5508  HitmanPro37Crusader ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:01:59.0710 1608  Deinitialize success
         
13.04.2013, 16:16   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please read the instructions completely; there is a note about aswMBR in case it crashes.

13.04.2013, 16:26   #19
duddl

Sorry, I overlooked it.

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-13 17:20:41
-----------------------------
17:20:41.506    OS Version: Windows 6.1.7601 Service Pack 1
17:20:41.506    Number of processors: 2 586 0x2A07
17:20:41.509    ComputerName: ALEXANDER-HP630  UserName: Info
17:20:43.182    Initialize success
17:20:58.448    AVAST engine defs: 13041300
17:21:04.615    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000070
17:21:04.618    Disk 0 Vendor: ATA_____ 1A01 Size: 610480MB BusType: 11
17:21:05.035    Disk 0 MBR read successfully
17:21:05.038    Disk 0 MBR scan
17:21:05.153    Disk 0 Windows 7 default MBR code
17:21:05.157    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
17:21:05.182    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       610377 MB offset 206848
17:21:05.208    Disk 0 scanning sectors +1250259490
17:21:05.483    Disk 0 scanning C:\Windows\system32\drivers
17:21:43.579    Service scanning
17:21:47.121    Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
17:21:47.174    Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
17:21:47.294    Service bdselfpr C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys **LOCKED** 5
17:22:16.465    Modules scanning
17:22:31.417    Disk 0 trace - called modules:
17:22:31.437    ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys halmacpi.dll iaStorA.sys dxgkrnl.sys igdkmd32.sys dxgmms1.sys HDAudBus.sys 
17:22:31.444    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x88f5dac8]
17:22:31.450    3 CLASSPNP.SYS[8c99e59e] -> nt!IofCallDriver -> [0x88f5d020]
17:22:31.457    5 iaStorF.sys[8c9477ee] -> nt!IofCallDriver -> \Device\00000070[0x872175f8]
17:22:31.463    Scan finished successfully
17:25:50.755    Disk 0 MBR has been saved successfully to "C:\Users\Info\Desktop\MBR.dat"
17:25:50.922    The log file has been saved successfully to "C:\Users\Info\Desktop\aswMBR.txt"
         

13.04.2013, 16:42   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run Combofix now:

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
Please always post log files in CODE tags

13.04.2013, 18:10   #21
duddl

Code:
ComboFix 13-04-12.02 - Info 13.04.2013  18:05:37.2.2 - x86
ausgeführt von:: c:\users\Info\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\logboot_07.04.2013.tureg.log
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-03-13 bis 2013-04-13  ))))))))))))))))))))))))))))))
.
.
2013-04-13 17:05 . 2013-04-13 17:06	--------	d-----w-	c:\users\Info\AppData\Local\temp
2013-04-13 17:05 . 2013-04-13 17:05	--------	d-----w-	c:\users\Public\AppData\Local\temp
2013-04-13 17:05 . 2013-04-13 17:05	--------	d-----w-	c:\users\Malisa\AppData\Local\temp
2013-04-13 17:05 . 2013-04-13 17:05	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-04-12 19:03 . 2013-04-12 19:03	--------	d-----w-	c:\programdata\Synaptics
2013-04-12 18:47 . 2012-06-20 22:26	90624	----a-w-	c:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-04-12 18:43 . 2013-04-12 18:43	--------	d-sh--we	c:\windows\system32\config\systemprofile\Vorlagen
2013-04-12 18:43 . 2013-04-12 18:43	--------	d-sh--we	c:\windows\system32\config\systemprofile\Netzwerkumgebung
2013-04-12 18:43 . 2013-04-12 18:43	--------	d-sh--we	c:\windows\system32\config\systemprofile\Eigene Dateien
2013-04-12 18:43 . 2013-04-12 18:43	--------	d-sh--we	c:\windows\system32\config\systemprofile\Druckumgebung
2013-04-12 14:04 . 2012-11-19 11:10	526392	----a-w-	c:\windows\system32\drivers\iaStorA.sys
2013-04-12 14:03 . 2013-04-12 18:48	--------	d-----w-	c:\windows\system32\RTCOM
2013-04-10 18:29 . 2013-04-10 18:29	12872	----a-w-	c:\windows\system32\bootdelete.exe
2013-04-10 13:28 . 2013-03-01 03:09	2347008	----a-w-	c:\windows\system32\win32k.sys
2013-04-10 13:28 . 2013-03-19 05:04	3968856	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-04-10 13:28 . 2013-03-19 05:04	3913560	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-04-10 13:28 . 2013-03-19 04:48	38912	----a-w-	c:\windows\system32\csrsrv.dll
2013-04-10 13:28 . 2013-03-19 02:49	69632	----a-w-	c:\windows\system32\smss.exe
2013-04-10 13:28 . 2013-02-15 04:37	3217408	----a-w-	c:\windows\system32\mstscax.dll
2013-04-10 13:28 . 2013-02-15 04:34	131584	----a-w-	c:\windows\system32\aaclient.dll
2013-04-10 13:28 . 2013-02-15 03:25	36864	----a-w-	c:\windows\system32\tsgqec.dll
2013-04-10 13:27 . 2013-03-02 05:07	1212264	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-07 10:30 . 2013-04-07 10:42	--------	d-----w-	C:\Stinger_Quarantine
2013-04-07 10:28 . 2013-04-07 12:36	--------	d-----w-	c:\program files\stinger
2013-04-05 08:41 . 2013-04-05 08:41	103	----a-w-	c:\users\Public\sdelevURL.tmp
2013-04-04 14:11 . 2013-04-04 14:11	--------	d-----w-	c:\programdata\McAfee
2013-04-04 07:56 . 2013-04-04 07:56	--------	d-----w-	c:\program files\Sophos
2013-04-03 19:49 . 2013-04-03 22:06	--------	d-----w-	c:\program files\SUPERAntiSpyware
2013-04-03 19:49 . 2013-04-03 19:49	--------	d-----w-	c:\programdata\SUPERAntiSpyware.com
2013-04-03 16:10 . 2013-04-03 16:10	162976	----a-w-	c:\windows\system32\drivers\gzflt.sys
2013-03-27 20:24 . 2013-03-27 20:24	--------	d-----w-	c:\users\Info\AppData\Roaming\Canneverbe Limited
2013-03-27 20:24 . 2013-03-27 20:24	--------	d-----w-	c:\programdata\Canneverbe Limited
2013-03-27 20:23 . 2013-03-27 20:23	--------	d-----w-	c:\program files\CDBurnerXP
2013-03-25 11:56 . 2013-03-25 11:56	--------	d-----w-	c:\windows\PCHEALTH
2013-03-25 11:53 . 2013-03-25 11:50	5659096	-c--a-w-	c:\program files\Common Files\Windows Live\.cache\e388ac761ce294e02\skydrivesetup.exe
2013-03-25 11:52 . 2013-03-25 12:38	--------	d-----w-	c:\programdata\Microsoft SkyDrive
2013-03-24 21:31 . 2013-03-24 21:31	--------	d-----w-	c:\windows\system32\jmdp
2013-03-24 21:31 . 2013-03-24 21:31	--------	d-----w-	c:\windows\system32\ARFC
2013-03-24 21:31 . 2011-05-13 23:17	632656	----a-w-	c:\windows\system32\msvcr80.dll
2013-03-24 21:31 . 2011-05-13 23:17	479232	----a-w-	c:\windows\system32\msvcm80.dll
2013-03-24 21:31 . 2011-05-13 23:17	554832	----a-w-	c:\windows\system32\msvcp80.dll
2013-03-24 21:13 . 2013-03-24 21:15	--------	d-----w-	c:\users\Info\AppData\Roaming\Notepad++
2013-03-24 21:13 . 2013-03-24 21:13	--------	d-----w-	c:\program files\Notepad++
2013-03-24 20:59 . 2013-03-24 20:59	--------	d-----w-	c:\users\Info\AppData\Roaming\Thunderbird
2013-03-24 20:59 . 2013-03-24 20:59	--------	d-----w-	c:\users\Info\AppData\Local\Thunderbird
2013-03-23 20:22 . 2013-03-23 20:22	--------	d-----w-	c:\users\Info\AppData\Local\F-Secure
2013-03-23 18:58 . 2013-03-23 18:58	--------	d-----w-	c:\users\Default\AppData\Local\Google
2013-03-20 17:04 . 2013-03-20 17:04	--------	d-----w-	c:\program files\MSXML 4.0
2013-03-20 16:37 . 2013-03-20 16:37	--------	d-----w-	c:\program files\MSSOAP
2013-03-19 16:24 . 2013-03-20 20:23	--------	d-----w-	c:\program files\EasyBox Key Decrypter
2013-03-18 16:19 . 2013-03-24 18:04	--------	d-----w-	c:\program files\F-Secure
2013-03-18 15:57 . 2013-03-18 15:57	--------	d-----w-	c:\users\Info\AppData\Roaming\Salfeld
2013-03-18 15:57 . 2009-07-13 23:15	41	----a-w-	c:\windows\system32\SWCTL.DLL
2013-03-18 15:57 . 2013-03-18 16:07	--------	d--h--w-	c:\programdata\Device
2013-03-18 15:57 . 2013-03-18 16:07	--------	d--h--w-	c:\program files\Common Files\System Shared
2013-03-16 19:02 . 2013-04-08 18:45	--------	d-----w-	c:\users\Gast
2013-03-16 08:54 . 2013-03-16 08:55	--------	d-----w-	c:\users\Info\AppData\Roaming\Desktop Sidebar
2013-03-14 18:45 . 2013-03-14 18:45	--------	d-----w-	c:\users\Info\AppData\Roaming\SUPERAntiSpyware.com
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-12 18:16 . 2012-10-03 16:01	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-12 18:16 . 2012-10-03 16:01	691592	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-03-12 21:06 . 2013-03-12 21:06	15859416	----a-w-	c:\windows\system32\FlashPlayerInstaller.exe
2013-03-06 19:12 . 2013-03-06 19:12	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-03-06 19:12 . 2012-12-01 12:59	782240	----a-w-	c:\windows\system32\deployJava1.dll
2013-03-06 19:12 . 2012-12-01 12:59	861088	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-02-28 17:38 . 2013-02-28 17:38	72704	----a-w-	c:\windows\system32\drivers\bdvedisk.sys
2013-02-27 14:36 . 2012-12-12 15:38	3121152	----a-w-	c:\windows\system32\igfxcmjit32.dll
2013-02-26 18:47 . 2013-02-26 18:47	9728	------w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-26 18:47 . 2013-02-26 18:47	906240	----a-w-	c:\windows\system32\FntCache.dll
2013-02-26 18:47 . 2013-02-26 18:47	604160	----a-w-	c:\windows\system32\d3d10level9.dll
2013-02-26 18:47 . 2013-02-26 18:47	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-26 18:47 . 2013-02-26 18:47	5632	------w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-26 18:47 . 2013-02-26 18:47	417792	----a-w-	c:\windows\system32\WMPhoto.dll
2013-02-26 18:47 . 2013-02-26 18:47	4096	------w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-26 18:47 . 2013-02-26 18:47	364544	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-02-26 18:47 . 2013-02-26 18:47	3584	------w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-26 18:47 . 2013-02-26 18:47	3419136	----a-w-	c:\windows\system32\d2d1.dll
2013-02-26 18:47 . 2013-02-26 18:47	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-26 18:47 . 2013-02-26 18:47	3072	------w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-26 18:47 . 2013-02-26 18:47	293376	----a-w-	c:\windows\system32\dxgi.dll
2013-02-26 18:47 . 2013-02-26 18:47	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-26 18:47 . 2013-02-26 18:47	249856	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-02-26 18:47 . 2013-02-26 18:47	2284544	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2013-02-26 18:47 . 2013-02-26 18:47	220160	----a-w-	c:\windows\system32\d3d10core.dll
2013-02-26 18:47 . 2013-02-26 18:47	207872	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2013-02-26 18:47 . 2013-02-26 18:47	1988096	----a-w-	c:\windows\system32\d3d10warp.dll
2013-02-26 18:47 . 2013-02-26 18:47	187392	----a-w-	c:\windows\system32\UIAnimation.dll
2013-02-26 18:47 . 2013-02-26 18:47	161792	----a-w-	c:\windows\system32\d3d10_1.dll
2013-02-26 18:47 . 2013-02-26 18:47	1504768	----a-w-	c:\windows\system32\d3d11.dll
2013-02-26 18:47 . 2013-02-26 18:47	1247744	----a-w-	c:\windows\system32\DWrite.dll
2013-02-26 18:47 . 2013-02-26 18:47	1230336	----a-w-	c:\windows\system32\WindowsCodecs.dll
2013-02-26 18:47 . 2013-02-26 18:47	1158144	----a-w-	c:\windows\system32\XpsPrint.dll
2013-02-26 18:47 . 2013-02-26 18:47	1080832	----a-w-	c:\windows\system32\d3d10.dll
2013-02-26 18:47 . 2013-02-26 18:47	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-26 12:50 . 2013-02-26 12:50	53248	----a-r-	c:\users\Info\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-02-21 14:33 . 2013-02-21 14:33	189	----a-w-	c:\windows\DeleteOnReboot.bat
2013-02-19 05:17 . 2013-02-19 05:17	3109888	----a-w-	c:\windows\system32\drivers\athr.sys
2013-02-12 03:32 . 2013-03-13 15:20	15872	------w-	c:\windows\system32\drivers\usb8023.sys
2013-02-10 16:44 . 2013-02-10 16:44	13560	------w-	c:\windows\system32\drivers\gfibto.sys
2013-02-08 04:08 . 2013-02-08 04:08	359936	----a-w-	c:\windows\system32\drivers\IntcDAud.sys
2013-02-08 04:08 . 2013-02-08 04:08	13824	----a-w-	c:\windows\system32\IntcDAuC.dll
2013-01-28 13:19 . 2013-02-05 13:13	32032	----a-w-	c:\windows\system32\TURegOpt.exe
2013-01-28 13:19 . 2013-02-05 13:27	29984	------w-	c:\windows\system32\uxtuneup.dll
2013-01-28 13:19 . 2013-02-05 13:13	21792	----a-w-	c:\windows\system32\authuitu.dll
2013-01-25 17:25 . 2013-01-25 17:25	277488	----a-w-	c:\windows\system32\IntelCpHeciSvc.exe
2013-01-25 17:25 . 2013-01-25 17:25	271856	----a-w-	c:\windows\system32\igfxsrvc.exe
2013-01-25 17:25 . 2013-01-25 17:25	145904	----a-w-	c:\windows\system32\igfxtray.exe
2013-01-25 17:25 . 2013-01-25 17:25	199152	----a-w-	c:\windows\system32\igfxext.exe
2013-01-25 17:25 . 2013-01-25 17:25	189936	----a-w-	c:\windows\system32\igfxpers.exe
2013-01-25 17:25 . 2013-01-25 17:25	181232	----a-w-	c:\windows\system32\hkcmd.exe
2013-01-25 17:25 . 2013-01-25 17:25	6232048	----a-w-	c:\windows\system32\GfxUI.exe
2013-01-23 20:57 . 2013-01-23 20:57	56432	----a-w-	c:\windows\system32\drivers\HECI.sys
2013-01-23 08:21 . 2013-01-23 08:21	102400	----a-w-	c:\windows\system32\igfxCoIn_v2963.dll
2013-01-16 10:32 . 2012-01-10 12:55	11175424	----a-w-	c:\windows\system32\igd10umd32.dll
2013-01-16 10:29 . 2013-01-16 10:29	435712	----a-w-	c:\windows\system32\igfxrtrk.lrc
2013-01-16 10:29 . 2013-01-16 10:29	435712	----a-w-	c:\windows\system32\igfxrsve.lrc
2013-01-16 10:29 . 2013-01-16 10:29	435200	----a-w-	c:\windows\system32\igfxrtha.lrc
2013-01-16 10:29 . 2013-01-16 10:29	437248	----a-w-	c:\windows\system32\igfxrrus.lrc
2013-01-16 10:29 . 2013-01-16 10:29	437248	----a-w-	c:\windows\system32\igfxrrom.lrc
2013-01-16 10:29 . 2013-01-16 10:29	436736	----a-w-	c:\windows\system32\igfxrsky.lrc
2013-01-16 10:29 . 2013-01-16 10:29	436736	----a-w-	c:\windows\system32\igfxrptg.lrc
2013-01-16 10:29 . 2013-01-16 10:29	436736	----a-w-	c:\windows\system32\igfxrplk.lrc
2013-01-16 10:29 . 2013-01-16 10:29	436736	----a-w-	c:\windows\system32\igfxrnld.lrc
2013-01-16 10:29 . 2013-01-16 10:29	435712	----a-w-	c:\windows\system32\igfxrslv.lrc
2013-01-16 10:29 . 2013-01-16 10:29	435712	----a-w-	c:\windows\system32\igfxrptb.lrc
2013-01-16 10:29 . 2013-01-16 10:29	435712	----a-w-	c:\windows\system32\igfxrnor.lrc
2013-01-16 10:29 . 2013-01-16 10:29	429056	----a-w-	c:\windows\system32\igfxrkor.lrc
2013-01-16 10:29 . 2013-01-16 10:29	3763200	----a-w-	c:\windows\system32\drivers\igdkmd32.sys
2013-01-16 10:29 . 2013-01-16 10:29	64512	----a-w-	c:\windows\system32\igdde32.dll
2013-01-16 10:29 . 2013-01-16 10:29	438272	----a-w-	c:\windows\system32\igfxrell.lrc
2013-01-16 10:29 . 2013-01-16 10:29	437760	----a-w-	c:\windows\system32\igfxrfra.lrc
2013-01-16 10:29 . 2013-01-16 10:29	437760	----a-w-	c:\windows\system32\igfxresn.lrc
2013-01-16 10:29 . 2013-01-16 10:29	436736	----a-w-	c:\windows\system32\igfxrita.lrc
2013-01-16 10:29 . 2013-01-16 10:29	436736	----a-w-	c:\windows\system32\igfxrhrv.lrc
2013-01-16 10:29 . 2013-01-16 10:29	436736	----a-w-	c:\windows\system32\igfxrdeu.lrc
2013-01-16 10:29 . 2013-01-16 10:29	436224	----a-w-	c:\windows\system32\igfxrhun.lrc
2013-01-16 10:29 . 2013-01-16 10:29	436224	----a-w-	c:\windows\system32\igfxrfin.lrc
2013-01-16 10:29 . 2013-01-16 10:29	435200	----a-w-	c:\windows\system32\igfxrdan.lrc
2013-01-16 10:29 . 2013-01-16 10:29	433664	----a-w-	c:\windows\system32\igfxrheb.lrc
2013-01-16 10:29 . 2013-01-16 10:29	430080	----a-w-	c:\windows\system32\igfxrjpn.lrc
2013-01-16 10:29 . 2013-01-16 10:29	436224	----a-w-	c:\windows\system32\igfxrcsy.lrc
2013-01-16 10:29 . 2013-01-16 10:29	433664	----a-w-	c:\windows\system32\igfxrara.lrc
2013-01-16 10:29 . 2013-01-16 10:29	427008	----a-w-	c:\windows\system32\igfxrcht.lrc
2013-01-16 10:29 . 2013-01-16 10:29	426496	----a-w-	c:\windows\system32\igfxrchs.lrc
2013-01-16 10:29 . 2012-01-10 13:18	11049472	----a-w-	c:\windows\system32\igdumd32.dll
2013-01-16 10:29 . 2013-01-16 10:29	313344	----a-w-	c:\windows\system32\igfxpph.dll
2013-01-16 10:29 . 2013-01-16 10:29	286720	----a-w-	c:\windows\system32\igfxTMM.dll
2013-01-16 10:29 . 2013-01-16 10:29	25088	----a-w-	c:\windows\system32\igfxexps.dll
2013-01-16 10:29 . 2013-01-16 10:29	120320	----a-w-	c:\windows\system32\igfxcpl.cpl
2013-01-16 10:29 . 2013-01-16 10:29	10811904	----a-w-	c:\windows\system32\ig4icd32.dll
2013-01-16 10:29 . 2012-01-10 12:15	59904	----a-w-	c:\windows\system32\igfxsrvc.dll
2013-01-16 10:28 . 2013-01-16 10:28	130048	----a-w-	c:\windows\system32\igfxdo.dll
2013-01-16 10:28 . 2012-01-10 12:14	96256	----a-w-	c:\windows\system32\hccutils.dll
2013-01-16 10:28 . 2013-01-16 10:28	9728	----a-w-	c:\windows\system32\IGFXDEVLib.dll
2013-01-16 10:28 . 2013-01-16 10:28	175616	----a-w-	c:\windows\system32\gfxSrvc.dll
2013-01-16 10:28 . 2013-01-16 10:28	330752	----a-w-	c:\windows\system32\igfxdev.dll
2013-01-16 10:28 . 2013-01-16 10:28	9023488	----a-w-	c:\windows\system32\igfxress.dll
2013-01-16 10:28 . 2013-01-16 10:28	284160	----a-w-	c:\windows\system32\igfxrenu.lrc
2013-03-16 20:58 . 2013-03-07 20:31	263064	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-01-30 14:49	281760	------w-	c:\program files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-03-07 15:31	576976	----a-w-	c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-03-07 15:31	576976	----a-w-	c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-03-07 15:31	576976	----a-w-	c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-03-07 15:31	576976	----a-w-	c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MailCheck IE Broker"="c:\program files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe" [2013-02-04 1513536]
"HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-04-03 1617440]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI.exe" [2013-01-09 6106336]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-01-25 145904]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-01-25 189936]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-01-25 181232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-03 2295080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Z1"="c:\users\Info\Downloads\mbar-1.05.0.1001\mbar\mbar.exe" [2013-04-13 1398856]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	\0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\01103601.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\40517705.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /minimized /regrun
"Google Update"="c:\users\Info\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"UMonit"=c:\windows\system32\UMonit.exe
"IAStorIcon"=c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"                                                                                                                                                                                            
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 GeneStor;Genesys Logic Storage Driver;c:\windows\system32\DRIVERS\GeneStor.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [x]
R3 HitmanPro37Crusader;HitmanPro 3.7 Crusader;c:\program files\HitmanPro\HitmanPro.exe [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\AAD6.tmp [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys [x]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [x]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [x]
R4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R4 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]
R4 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2013\updatesrv.exe [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [x]
S3 ebinfiltr;SR Research Mouse Filter;c:\windows\system32\DRIVERS\ebinfiltr.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 38265105
*NewlyCreated* - 54964490
*Deregistered* - 38265105
*Deregistered* - 54964490
*Deregistered* - aswMBR
*Deregistered* - kglyauow
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-09 19:46]
.
2013-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-09 19:46]
.
2013-03-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000Core.job
- c:\users\Info\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-02 18:10]
.
2013-03-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000UA.job
- c:\users\Info\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-02 18:10]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - c:\program files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll
FF - ProfilePath - c:\users\Info\AppData\Roaming\Mozilla\Firefox\Profiles\pqp2dpcc.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
SafeBoot-ksupmgr
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\AAD6.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML.KJOE5CON4YSEURCOUTJD6SBO2M"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML.KJOE5CON4YSEURCOUTJD6SBO2M"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML.KJOE5CON4YSEURCOUTJD6SBO2M"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML.KJOE5CON4YSEURCOUTJD6SBO2M"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML.KJOE5CON4YSEURCOUTJD6SBO2M"
.
[HKEY_USERS\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{C424171E-592A-415A-9EB1-DFD6D95D3530}"=hex:51,66,7a,6c,4c,1d,3b,1b,0e,0a,32,
   de,1a,0b,3c,0d,80,b9,98,96,db,1b,75,2a
"{17166733-40EA-4432-A85C-AE672FF0E236}"=hex:51,66,7a,6c,4c,1d,3b,1b,23,7a,00,
   0d,da,12,54,08,b6,54,e9,27,2d,b6,a2,2c
"{BF42D4A8-016E-4FCD-B1EB-837659FD77C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,b8,c9,54,
   a5,5e,53,ab,03,af,e3,c4,36,5b,bb,37,dc
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,26,3b,
   57,8e,3b,1c,0b,8e,fd,ba,9b,07,73,39,6f
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"=hex:51,66,7a,6c,4c,1d,3b,1b,c2,d2,0e,
   4a,7d,d2,ff,00,81,89,62,aa,e8,61,29,c4
"{E87806B5-E908-45FD-AF5E-957D83E58E68}"=hex:51,66,7a,6c,4c,1d,3b,1b,a5,1b,6e,
   f2,38,bb,9b,09,b1,56,d2,3d,81,a3,ce,72
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-04-13  19:08:59
ComboFix-quarantined-files.txt  2013-04-13 17:08
ComboFix2.txt  2013-03-05 06:13
.
Vor Suchlauf: 24 Verzeichnis(se), 530.598.711.296 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 530.690.965.504 Bytes frei
.
- - End Of File - - 55BB429F1B6375F418153573985E3D94
         

14.04.2013, 15:38   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

JRT - Junkware Removal Tool

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Afterwards:

adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Optionen (Options) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Suchlauf (Scan) and wait until it has finished.
  • Now click Löschen (Delete) and confirm any prompts with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).


After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • Tick the box at the top centre next to Scan All Users
  • At the top you will find a box labelled Output. Please choose Minimal Output
  • Under Extra Registry, please choose Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.
__________________
Please always post log files in CODE tags

14.04.2013, 16:24   #23
duddl

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.3 (04.05.2013:1)
OS: Windows 7 Ultimate x86
Ran by Info on 14.04.2013 at 17:09:39,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
Successfully deleted: [Registry Key] hkey_local_machine\software\systweak
Successfully deleted: [Registry Key] hkey_current_user\software\torch
Successfully deleted: [Registry Key] hkey_local_machine\software\torch



~~~ Files

Successfully deleted: [File] "C:\Windows\system32\roboot.exe"
Successfully deleted: [File] "C:\Windows\system32\turegopt.exe"
Successfully repaired: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Finale NotePad 2012\Benutzerhandbuch.lnk



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\Info\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Info\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Info\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Folder] "C:\Users\Info\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Info\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Info\appdata\locallow\datamngr"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Info\AppData\Roaming\mozilla\firefox\profiles\pqp2dpcc.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
Successfully deleted: [Folder] C:\Users\Info\AppData\Roaming\mozilla\firefox\profiles\pqp2dpcc.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Successfully deleted the following from C:\Users\Info\AppData\Roaming\mozilla\firefox\profiles\pqp2dpcc.default\prefs.js

user_pref("browser.search.defaultengine", "Privitize VPN");
Emptied folder: C:\Users\Info\AppData\Roaming\mozilla\firefox\profiles\pqp2dpcc.default\minidumps [5 files]



~~~ Chrome

Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\kiplfnciaokpcennlkldkdaeaaomamof



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.04.2013 at 17:16:22,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Code:
# AdwCleaner v2.200 - Datei am 14/04/2013 um 17:20:40 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzer : Info - ALEXANDER-HP630
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Info\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\Info\AppData\Roaming\Mozilla\Firefox\Profiles\pqp2dpcc.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v26.0.1410.64

Datei : C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v [Version kann nicht ermittelt werden]

Datei : C:\Users\Info\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S12].txt - [12465 octets] - [27/02/2013 17:03:34]
AdwCleaner[S13].txt - [336 octets] - [28/02/2013 15:50:30]
AdwCleaner[S14].txt - [1378 octets] - [28/02/2013 15:50:52]
AdwCleaner[S15].txt - [2476 octets] - [06/03/2013 21:57:40]
AdwCleaner[S16].txt - [1456 octets] - [14/03/2013 20:30:06]
AdwCleaner[S17].txt - [1617 octets] - [22/03/2013 22:27:08]
AdwCleaner[S18].txt - [10551 octets] - [26/03/2013 13:44:37]
AdwCleaner[S19].txt - [1586 octets] - [01/04/2013 18:45:34]
AdwCleaner[S20].txt - [336 octets] - [05/04/2013 11:40:37]
AdwCleaner[S21].txt - [2382 octets] - [05/04/2013 11:40:53]
AdwCleaner[S22].txt - [1768 octets] - [13/04/2013 19:19:53]
AdwCleaner[S23].txt - [1698 octets] - [14/04/2013 17:20:40]

########## EOF - C:\AdwCleaner[S23].txt - [1759 octets] ##########
         

OTL is coming in a moment

Code:
OTL logfile created on: 14.04.2013 17:28:09 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Info\Downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,61 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 54,66% Memory free
5,21 Gb Paging File | 3,72 Gb Available in Paging File | 71,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 494,13 Gb Free Space | 82,90% Space Free | Partition Type: NTFS
 
Computer Name: ALEXANDER-HP630 | User Name: Info | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Info\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Programme\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
PRC - C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
PRC - C:\Programme\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
PRC - C:\Programme\Google\Update\1.3.21.135\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
PRC - C:\Programme\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Programme\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Programme\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
PRC - C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
PRC - C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll ()
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll ()
MOD - C:\Users\Info\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll ()
MOD - C:\Programme\Bitdefender\Bitdefender 2013\txmlutil.dll ()
MOD - C:\Programme\Bitdefender\Bitdefender 2013\bdmetrics.dll ()
MOD - C:\Windows\System32\IccLibDll.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (HitmanPro37Crusader) -- C:\Program Files\HitmanPro\HitmanPro.exe (SurfRight B.V.)
SRV - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender)
SRV - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender)
SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (cphs) -- C:\Windows\System32\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (RtkAudioService) -- C:\Programme\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE (Realtek Semiconductor)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (IAStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (IconMan_R) -- C:\Programme\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (UNS) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Programme\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (ICCS) -- C:\Programme\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (HPWMISVC) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SmbDrv) -- system32\DRIVERS\Smb_driver.sys File not found
DRV - (MEMSWEEP2) -- C:\Windows\system32\AAD6.tmp File not found
DRV - (gfiark) -- system32\drivers\gfiark.sys File not found
DRV - (catchme) -- C:\Users\Info\AppData\Local\Temp\catchme.sys File not found
DRV - (gzflt) -- C:\Windows\System32\drivers\gzflt.sys (BitDefender LLC)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Qualcomm Atheros Communications, Inc.)
DRV - (gfibto) -- C:\Windows\System32\drivers\gfibto.sys (GFI Software)
DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender)
DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender)
DRV - (iaStorA) -- C:\Windows\System32\drivers\iaStorA.sys (Intel Corporation)
DRV - (iaStorF) -- C:\Windows\System32\drivers\iaStorF.sys (Intel Corporation)
DRV - (SmbDrvI) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV - (BDSandBox) -- C:\Windows\System32\drivers\bdsandbox.sys (BitDefender SRL)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (avchv) -- C:\Windows\System32\drivers\avchv.sys (BitDefender)
DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klkbdflt) -- C:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab)
DRV - (bdselfpr) -- C:\Programme\Bitdefender\Bitdefender 2013\bdselfpr.sys (BitDefender LLC)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (kneps) -- C:\Windows\System32\drivers\kneps.sys (Kaspersky Lab)
DRV - (BtFilter) -- C:\Windows\System32\drivers\btfilter.sys (Atheros)
DRV - (RSPCIESTOR) -- C:\Windows\System32\drivers\RtsPStor.sys (Realtek Semiconductor Corp.)
DRV - (BdfNdisf) -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (kltdi) -- C:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab)
DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (RTL2832U_IRHID) -- C:\Windows\System32\drivers\RTL2832U_IRHID.sys (Realtek)
DRV - (GeneStor) -- C:\Windows\System32\drivers\GeneStor.sys (GenesysLogic)
DRV - (RTL2832UBDA) -- C:\Windows\System32\drivers\RTL2832UBDA.sys (REALTEK SEMICONDUCTOR Corp.)
DRV - (RTL2832UUSB) -- C:\Windows\System32\drivers\RTL2832UUSB.sys (REALTEK SEMICONDUCTOR Corp.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (ebinfiltr) -- C:\Windows\System32\drivers\ebinfiltr.sys (SR Research Ltd.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{442F2447-0259-4E83-A694-BB132990BBA8}: "URL" = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=724&r=2013/02/15&hid=4095452143&lg=EN&cc=DE
IE - HKLM\..\SearchScopes\{B40F2A28-1A34-4C68-85BF-A86C79D3B79D}: "URL" = ${SEARCH_URL}{searchTerms}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com/
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{1C6847EC-FF67-4485-B29A-9BA0E2DA4FBB}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{372DD3D5-C31C-42F8-87A4-C8D9456A33A6}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{A78BAF76-ABE3-496C-8C37-49C8C1A2554F}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{B9E1D440-AE58-4DAD-A528-B020DFF8D0E5}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Info\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Info\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.12.18 17:27:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.16 22:58:23 | 000,000,000 | ---D | M]
 
[2012.12.29 14:41:45 | 000,000,000 | ---D | M] (No name found) -- \mozilla\Firefox\extensions
[2012.12.29 14:41:45 | 000,000,000 | ---D | M] (No name found) -- \mozilla\Firefox\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
[2013.03.07 22:31:09 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.03.16 22:58:22 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.16 06:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.16 06:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.12.18 15:54:52 | 000,003,195 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Complitly.xml
[2013.02.16 06:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.16 06:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.16 06:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.16 06:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Google Drive = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: Google-Suche = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: WEB.DE MailCheck = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo\1.0.1_0\
CHR - Extension: Google Mail-Checker = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Privacy Palette (Adblock + Security) = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjkcflkplhgpebknipkekjggglimnone\0.2_0\
CHR - Extension: Bitdefender QuickScan = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\
CHR - Extension: Google Mail = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.13 19:06:00 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
O4 - Startup: C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E70BA11-C8F2-4E5A-AE19-2A1638EC9218}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.14 17:09:34 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.14 17:07:42 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.14 17:07:42 | 000,000,000 | ---D | C] -- \JRT
[2013.04.13 19:09:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.04.13 19:09:04 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN
[2013.04.13 19:09:01 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\temp
[2013.04.12 21:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2013.04.12 20:48:05 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2013.04.12 20:48:05 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2013.04.12 20:48:03 | 002,489,056 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2013.04.12 20:48:03 | 001,592,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2013.04.12 20:48:02 | 003,223,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2013.04.12 20:48:02 | 000,765,152 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2013.04.12 20:48:02 | 000,106,720 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll
[2013.04.12 20:48:02 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll
[2013.04.12 20:48:01 | 013,975,040 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2013.04.12 20:48:01 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2013.04.12 20:48:01 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2013.04.12 20:48:01 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2013.04.12 20:48:01 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2013.04.12 20:48:01 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2013.04.12 20:48:01 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2013.04.12 20:47:45 | 000,090,624 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2013.04.12 20:47:44 | 000,176,736 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2013.04.12 20:47:44 | 000,095,840 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2013.04.12 20:45:51 | 000,024,576 | ---- | C] (Realtek Semiconductor.) -- C:\Windows\SetupAfterRebootService.exe
[2013.04.12 16:04:44 | 000,526,392 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorA.sys
[2013.04.12 16:03:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2013.04.10 20:29:00 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2013.04.10 15:38:43 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.04.10 15:38:41 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.04.10 15:38:40 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.04.10 15:38:40 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.04.10 15:38:39 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.04.10 15:38:38 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.04.10 15:38:38 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.04.10 15:38:38 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.04.10 15:38:38 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.04.10 15:38:38 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.04.10 15:28:18 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.04.10 15:28:12 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.04.10 15:28:12 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.04.10 15:28:10 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.04.10 15:28:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013.04.10 15:28:04 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013.04.07 12:30:32 | 000,000,000 | ---D | C] -- C:\Stinger_Quarantine
[2013.04.07 12:30:32 | 000,000,000 | ---D | C] -- \Stinger_Quarantine
[2013.04.07 12:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2013.04.04 16:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013.04.04 09:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2013.04.04 09:56:53 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2013.04.03 21:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013.04.03 21:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013.04.03 21:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013.04.03 18:13:00 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\firewalltest
[2013.04.03 18:10:56 | 000,162,976 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2013.03.29 11:03:29 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\USB-Stick
[2013.03.27 22:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.03.27 22:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2013.03.26 10:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck
[2013.03.26 09:56:53 | 000,745,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013.03.26 09:56:52 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013.03.26 09:56:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.03.26 09:56:49 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.03.26 09:56:49 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.03.26 09:56:49 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.03.26 09:56:49 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.03.26 09:56:48 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.26 09:56:48 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.03.26 09:56:48 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.03.26 09:56:48 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.03.26 09:56:48 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.03.26 09:56:48 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.03.26 09:56:48 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.03.26 09:56:48 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.03.26 09:56:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.03.26 09:56:43 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.03.26 09:56:43 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.03.26 09:56:43 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.03.26 09:56:41 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.03.26 09:56:41 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.03.26 09:56:41 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013.03.26 09:56:41 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.03.26 09:56:41 | 000,242,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.03.26 09:56:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.26 09:56:40 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.03.25 13:56:37 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.03.25 13:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013.03.24 23:31:55 | 000,632,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2013.03.24 23:31:55 | 000,554,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2013.03.24 23:31:55 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcm80.dll
[2013.03.24 23:31:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\jmdp
[2013.03.24 23:31:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\ARFC
[2013.03.24 23:13:15 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013.03.24 23:13:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013.03.24 23:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2013.03.24 22:59:48 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Thunderbird
[2013.03.23 22:22:22 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\F-Secure
[2013.03.20 19:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013.03.20 18:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2013.03.20 18:37:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2013.03.19 18:26:46 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\EasyBox Key Decrypter Logfile
[2013.03.18 18:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\F-Secure
[2013.03.18 17:57:47 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\System Shared
[2013.03.18 17:57:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\Device
[2013.03.17 17:49:43 | 000,000,000 | -H-D | C] -- C:\Users\Info\Documents\Freemake_do_not_remove_this_folder634991357833544107
[2013.03.17 17:49:41 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\Freemake
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.14 17:23:10 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.14 17:22:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.14 17:22:47 | 2099,662,848 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.14 17:18:50 | 000,009,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.14 17:18:50 | 000,009,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.14 16:56:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.13 19:06:00 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.04.13 09:57:24 | 000,663,052 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.13 09:57:24 | 000,624,894 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.13 09:57:24 | 000,134,184 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.13 09:57:24 | 000,110,566 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.12 20:45:51 | 000,024,576 | ---- | M] (Realtek Semiconductor.) -- C:\Windows\SetupAfterRebootService.exe
[2013.04.12 20:25:45 | 000,002,372 | ---- | M] () -- C:\Users\Info\Desktop\Google Chrome.lnk
[2013.04.12 20:16:23 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.04.12 20:16:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.04.11 16:19:27 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013.04.10 20:29:00 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2013.04.10 20:29:00 | 000,000,194 | ---- | M] () -- C:\Windows\System32\bootdelete.lst
[2013.04.10 19:10:17 | 344,316,018 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.04.10 19:09:08 | 000,000,382 | ---- | M] () -- C:\Windows\System32\.crusader
[2013.04.10 18:37:19 | 000,320,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.04.09 20:40:45 | 000,009,472 | ---- | M] () -- C:\Users\Info\Documents\1365525796_1_01.xml
[2013.04.08 15:39:11 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2013.04.03 21:49:20 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013.04.03 18:10:56 | 000,162,976 | ---- | M] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2013.03.26 09:56:53 | 000,745,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2013.03.26 09:56:53 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\elshyph.dll
[2013.03.26 09:56:49 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.03.26 09:56:49 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.03.26 09:56:49 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.03.26 09:56:49 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.03.26 09:56:49 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.03.26 09:56:48 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.26 09:56:48 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.03.26 09:56:48 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.03.26 09:56:48 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.03.26 09:56:48 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.03.26 09:56:48 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.03.26 09:56:48 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.03.26 09:56:48 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.03.26 09:56:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.03.26 09:56:44 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.03.26 09:56:43 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.03.26 09:56:43 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.03.26 09:56:43 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.03.26 09:56:41 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.03.26 09:56:41 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2013.03.26 09:56:41 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.03.26 09:56:41 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.03.26 09:56:41 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.26 09:56:41 | 000,025,185 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013.03.26 09:56:40 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.03.25 13:57:59 | 000,000,020 | ---- | M] () -- C:\Windows\0õí
[2013.03.24 22:59:39 | 002,168,108 | ---- | M] () -- C:\Users\Info\Documents\userguide.pdf
[2013.03.23 21:50:00 | 000,048,612 | ---- | M] () -- C:\Windows\System32\ExampleCodeGeneratedCS.skm
[2013.03.23 21:50:00 | 000,045,705 | ---- | M] () -- C:\Windows\System32\ExampleCodeGeneratedVB.skm
[2013.03.20 18:37:05 | 000,000,164 | ---- | M] () -- C:\Windows\install.dat
[2013.03.19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.03.19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.03.19 06:48:45 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.03.18 18:25:11 | 000,019,444 | ---- | M] () -- C:\Windows\prodsett_copy.ini
[2013.03.18 18:07:34 | 000,000,025 | ---- | M] () -- C:\NET.INI
[2013.03.18 18:07:30 | 000,000,000 | ---- | M] () -- C:\Windows\System32\excltmp~.dat
 
========== Files Created - No Company Name ==========
 
[2013.04.12 20:48:01 | 000,397,485 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013.04.12 14:29:44 | 000,009,472 | ---- | C] () -- C:\Users\Info\Documents\1365525796_1_01.xml
[2013.04.10 20:29:00 | 000,000,194 | ---- | C] () -- C:\Windows\System32\bootdelete.lst
[2013.04.08 15:39:11 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2013.04.03 21:49:20 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013.03.27 22:23:46 | 000,001,849 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.03.26 09:56:41 | 000,025,185 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013.03.25 13:57:58 | 000,000,020 | ---- | C] () -- C:\Windows\0õí
[2013.03.24 22:59:38 | 002,168,108 | ---- | C] () -- C:\Users\Info\Documents\userguide.pdf
[2013.03.20 18:37:01 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
[2013.03.18 18:25:12 | 000,019,444 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2013.03.18 17:58:01 | 000,000,124 | ---- | C] () -- C:\Windows\System32\ctlsw.ini
[2013.03.18 17:57:51 | 000,000,041 | ---- | C] () -- C:\Windows\System32\SWCTL.DLL
[2013.03.18 17:57:51 | 000,000,000 | ---- | C] () -- C:\Windows\System32\excltmp~.dat
[2013.03.18 17:57:47 | 000,000,025 | ---- | C] () -- C:\NET.INI
[2013.03.18 17:57:47 | 000,000,025 | ---- | C] () -- \NET.INI
[2013.03.16 21:01:26 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2013.03.10 13:56:25 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2013.03.05 17:44:13 | 000,320,432 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.03.05 08:01:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.05 08:01:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.05 08:01:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.05 08:01:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.05 08:01:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.02.28 19:08:06 | 000,000,308 | -H-- | C] () -- \bdr-cf01
[2013.02.28 19:07:07 | 035,184,777 | -H-- | C] () -- \bdr-im01.gz
[2013.02.28 19:07:07 | 002,294,848 | -H-- | C] () -- \bdr-bz01
[2013.02.28 19:07:07 | 000,253,404 | -H-- | C] () -- \bdr-ld01
[2013.02.28 19:07:07 | 000,009,216 | -H-- | C] () -- \bdr-ld01.mbr
[2013.02.25 18:27:41 | 000,139,264 | ---- | C] () -- C:\Windows\System32\ustor.dll
[2013.02.25 18:27:41 | 000,049,152 | ---- | C] () -- C:\Windows\System32\UMonit.exe
[2013.02.25 18:27:31 | 000,172,097 | ---- | C] () -- C:\Windows\System32\NoMSGuninstall.exe
[2013.02.25 18:27:31 | 000,000,840 | ---- | C] () -- C:\Windows\System32\ProductName.ini
[2013.02.25 18:27:29 | 000,000,187 | ---- | C] () -- C:\Windows\System32\IconCfg0.ini
[2013.02.24 14:28:41 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2013.02.24 14:28:41 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2013.02.24 14:28:38 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.02.19 15:37:40 | 000,001,996 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013.02.02 20:42:23 | 000,001,656 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
[2013.01.16 12:29:26 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2013.01.16 12:28:40 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2013.01.14 16:49:03 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2013.01.13 13:56:09 | 000,007,606 | ---- | C] () -- C:\Users\Info\AppData\Local\resmon.resmoncfg
[2013.01.01 15:37:00 | 005,746,780 | ---- | C] ( ) -- C:\Windows\System32\RTKISDBT.dll
[2012.12.29 20:05:53 | 000,000,929 | ---- | C] () -- C:\Windows\wininit.ini
[2012.12.18 15:54:52 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2012.12.18 15:54:52 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2012.10.22 18:40:04 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2012.10.22 18:39:46 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2012.10.22 18:39:44 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012.10.03 18:15:43 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.10.03 18:14:43 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.09.29 11:40:45 | 000,000,557 | ---- | C] () -- \NetworkCfg.xml
[2012.09.27 12:25:26 | 2099,662,848 | -HS- | C] () -- \hiberfil.sys
[2012.08.13 11:08:08 | 000,014,217 | ---- | C] () -- C:\Program Files\readme.html
[2012.07.27 22:47:36 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.05.08 14:15:36 | 000,000,005 | ---- | C] () -- C:\Program Files\basis-link
[2012.04.20 14:57:00 | 000,001,536 | ---- | C] () -- C:\Windows\System32\IusEventLog.dll
[2012.01.10 15:17:06 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2011.09.15 02:11:16 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
[2011.06.26 19:49:12 | 000,218,304 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2011.06.26 19:49:08 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         

Code:
OTL Extras logfile created on: 14.04.2013 17:28:09 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Info\Downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,61 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 54,66% Memory free
5,21 Gb Paging File | 3,72 Gb Available in Paging File | 71,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 494,13 Gb Free Space | 82,90% Space Free | Partition Type: NTFS
 
Computer Name: ALEXANDER-HP630 | User Name: Info | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.KJOE5CON4YSEURCOUTJD6SBO2M] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.KJOE5CON4YSEURCOUTJD6SBO2M] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Key error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultInboundAction" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01DBE142-27E9-4773-A0CD-B304003A5DF7}" = lport=137 | protocol=17 | dir=in | app=system | 
"{12F58715-4624-4FD1-B010-BDBB1E7B080E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1D2089B8-89D0-4BA7-A5B4-8F155E15D214}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{32A2271E-7150-4DA8-8C6D-BEE0170453F2}" = lport=138 | protocol=17 | dir=in | app=system | 
"{37CFFEA8-E16F-43E4-BF1A-F88551A92DE4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{39748B89-9815-4550-B841-532E2154ACF6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3D59763D-1ED3-4C74-BDFA-8A8FCC9FC525}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3EB7CAEB-87BB-4EA0-B067-ACC73089BC53}" = rport=139 | protocol=6 | dir=out | app=system | 
"{4361BAA7-7834-412A-9E44-1BA065BD74E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4839B456-FDA6-4BEB-8D20-3376989267D7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{49BABFCE-DC11-4F95-ACBC-9C8BE5EDC36D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{4DE142EE-3AC5-4683-A93D-73C964D0A799}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{56A0396B-6F40-4055-A5C3-5063299FB17E}" = rport=138 | protocol=17 | dir=out | app=system | 
"{66F5B08D-0A57-46B4-AA17-F10C3C22F759}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{6EBD336E-E1B8-482B-AE29-B36B21BEAB4F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{8C8F29E3-63A1-4816-81E5-EE4150655CFB}" = lport=445 | protocol=6 | dir=in | app=system | 
"{90695147-1B32-4BF1-929C-80FA22015799}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{A86F6B4F-9E54-4DB3-AA76-A0A683C3E610}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AFC82FD5-38F0-4F3E-9E7D-057741979768}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C4066647-0930-4F92-AED6-7BFA6D998905}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{D8117D61-1CCA-4EC3-ABAB-AC3CA63E3100}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{EAB4A630-A4D2-4BD4-8678-B51E957BE3FC}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{EFE6FD3C-175A-4490-963E-25D99B7C8EA2}" = rport=445 | protocol=6 | dir=out | app=system | 
"{F48DB664-08F0-4795-9171-196F48F7B1D2}" = lport=80 | protocol=6 | dir=in | name=www | 
"{F5167275-B910-4332-8B20-73F7A0B8BBCF}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{FFA4C39C-5201-4494-9C67-A43E86E58075}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06D07C9B-2AD0-4369-AB48-298D5D18296B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0AF7B335-6CF4-4D3E-8667-438F4A4EADDA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{1253855C-B82A-4533-A923-299F385CEE73}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{15EA55BC-0D82-4443-B1D0-D1D174C8B98A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{31EF75E5-69F3-4986-A494-697A2D4B0B79}" = protocol=17 | dir=in | app=c:\users\info\appdata\roaming\bittorrent\bittorrent.exe | 
"{3367344A-00FA-45DB-846E-477E214F9D96}" = protocol=17 | dir=in | app=c:\program files\arcsoft\totalmedia 3.5\totalmedia.exe | 
"{36C659E4-9313-4E22-A9CA-B5B3FE55F6F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{47A7770A-CDF0-42BE-B810-BC82EC215190}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4CF43D84-0084-43ED-B110-3D63EDF671BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4E9C997D-58B2-4974-9A3B-5B3FBC9FBDDD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{55224F95-277E-482D-BC14-B97F8D85E435}" = protocol=6 | dir=in | app=c:\users\info\appdata\roaming\bittorrent\bittorrent.exe | 
"{5E76D313-567F-495F-8B8C-24A65DD02DA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6156A7B9-18E4-4FF5-AF53-F97D16C2D1AF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{664CA150-E671-4567-90EC-299E6D3B4035}" = protocol=6 | dir=out | app=system | 
"{791C8FDF-21B4-4874-B18A-F02E0285293E}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{80C8EE46-FD19-483A-B00E-A9CCE3000760}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{8CC52C5F-AA3B-41D7-A1B7-203AA9B2C047}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{94D74F6B-79F1-46DB-A69A-A8B39BE3639D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{AB6B0AAB-C44F-418A-969C-D4712E88839F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{ACE84729-F7CE-40F2-BBFE-1E21659DB267}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C95F78A8-49C0-44EC-99C4-940067C828E7}" = protocol=6 | dir=in | app=c:\program files\arcsoft\totalmedia 3.5\totalmedia.exe | 
"{DAD0094F-D544-4CED-A3C4-ECC5FD4C9F36}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{E72A7411-CB21-440F-B894-74A43100BFD3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{E9182B6C-9065-48DF-8991-4E7BE3001FE6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"TCP Query User{5AE05BC8-C5D2-4583-AED7-24C58FC6768E}C:\users\info\appdata\roaming\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\users\info\appdata\roaming\bittorrent\bittorrent.exe | 
"TCP Query User{6C914251-2626-430D-84DE-5249E13427AF}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{0DF4C5BA-CE9D-4847-A7DD-9D84929383D0}C:\users\info\appdata\roaming\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\users\info\appdata\roaming\bittorrent\bittorrent.exe | 
"UDP Query User{3669F7DB-5032-4F4F-AA0A-01C4A71BADEC}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0ABBF310-94E4-4AE8-A6BD-10345A3F6439}" = Google Drive
"{152A537F-45E9-4B15-8847-2E3E5BE61859}" = Intel® Trusted Connect Service Client
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{1B947146-366B-42CD-86D5-219993CE3EE2}" = Windows Live MIME IFilter
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{23C3F5C0-566B-478B-AAB6-197ADAD0C945}" = Uniblue SpeedUpMyPC 2009
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2C26B97F-698E-4E04-B398-8203B147859B}_is1" = TOPP Vorlagen-Druckstudio (5156)
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{33FFD86B-569C-9E8D-6659-A1F84D07CAD0}" = AMD Catalyst Install Manager
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner 3.1.0.0
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{5F32D89B-D3A0-4562-AC03-F6DE4614AE1A}" = DVB-T USB DEVICE
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74292F90-895A-4FC6-A692-9641532B1B63}" = ArcSoft TotalMedia 3.5
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{959B7F35-2819-40C5-A0CD-3C53B5FCC935}" = Genesys USB Mass Storage Device
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BBBA20E0-D9F3-4C6F-83AC-D66EFC0BFA93}" = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DDBB7C89-1A09-441E-AA0F-6AA465755C17}" = REALTEK DTV USB DEVICE
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"0AF6DBB281F4E18C13FDF9A4DA02F7176775F4D9" = Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (01/08/2013 6.0.1.6818)
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE MailCheck für Internet Explorer
"50942720768F415C139D0B5C4EFB0E58758B1495" = Windows-Treiberpaket - Intel Corporation (igfx) Display  (01/16/2013 9.17.10.2963)
"623001E1C17236F33EF256F56BF0287BB855E340" = Windows-Treiberpaket - Synaptics (SynTP) Mouse  (10/03/2011 15.3.26.2)
"6D0D8C013A1992A83A403358172679D9BA46DF3B" = Windows-Treiberpaket - Intel(R) Corporation (IntcDAud) MEDIA  (06/19/2012 6.14.00.3097)
"6E922991EE10CAEA3ED289169AE6B390D9403F44" = Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (01/08/2013 6.0.1.6818)
"78687D16D0A71C3BDAA0468F5661543CDF26FD7C" = Windows-Treiberpaket - Intel System  (10/05/2012 9.2.0.1032)
"7E9FE2A1075EF0CBC79E935D39DCE2F811618FE7" = Windows-Treiberpaket - Intel System  (10/05/2012 9.2.0.1032)
"7-Zip" = 7-Zip 9.20
"AB25C12A73EF7334D5E8C882872BE30B5035BA60" = Windows-Treiberpaket - Intel (MEI) System  (12/17/2012 9.0.0.1287)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Applian FLV and Media Player" = Applian FLV and Media Player 3.1.1.12
"BCB5ECC2F96846B91CF0806EC07A390E1693BA93" = Windows-Treiberpaket - Synaptics (SmbDrv) System  (11/15/2012 16.3.1.2)
"BEBD188D699DEE8649A9B6D18A94D552D9616614" = Windows-Treiberpaket - Intel USB  (10/05/2012 9.2.0.1032)
"Bitdefender" = Bitdefender Internet Security 2013
"BitTorrent" = BitTorrent
"D86739B878B65DF1AEE5C77356C64ED892112FFF" = Windows-Treiberpaket - Intel(R) Corporation (IntcDAud) MEDIA  (01/11/2013 6.16.00.3106)
"DA98CAF7C61E6CF8439BF7FFDAFE5717CFF73687" = Windows-Treiberpaket - Intel System  (10/05/2012 9.2.0.1032)
"E51DE166B0BD4C4E322EC96FAE547CCC562F90FB" = Windows-Treiberpaket - Synaptics (SmbDrv) System  (07/24/2012 16.2.7.2)
"FA96ED53152894D9C8F7FDE7F34193B60C6D0E0A" = Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net  (02/19/2013 10.0.0.227)
"Finale NotePad 2012" = Finale NotePad 2012
"Free YouTube Download_is1" = Free YouTube Download version 3.2.0.128
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.2.0
"HitmanPro37" = HitmanPro 3.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Notepad++" = Notepad++
"Revo Uninstaller" = Revo Uninstaller 1.94
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"SynTPDeinstKey" = Synaptics TouchPad Driver
"TuneUp Utilities 2013" = TuneUp Utilities 2013
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"1&1 Mail & Media WEB.DE MailCheck GC" = WEB.DE MailCheck für Google Chrome
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.04.2013 11:23:16 | Computer Name = Alexander-HP630 | Source = Winlogon | ID = 4103
Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.
 
[ System Events ]
Error - 14.04.2013 11:22:55 | Computer Name = Alexander-HP630 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 14.04.2013 11:22:58 | Computer Name = Alexander-HP630 | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
 und wird nicht verwendet. Der Treiber wurde entladen.
 
Error - 14.04.2013 11:30:10 | Computer Name = Alexander-HP630 | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         

15.04.2013, 11:50   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes - please remember to update Malwarebytes via the update button first.

Getting a second opinion from the ESET online scanner afterwards is not a bad idea either:


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Please always post log files in CODE tags

15.04.2013, 17:23   #25
duddl



Neither of the two found anything more:


Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.15.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16540
Info :: ALEXANDER-HP630 [Administrator]

15.04.2013 14:13:02
mbam-log-2013-04-15 (14-13-02).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 239173
Laufzeit: 12 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1e4893a7b628994a8a698e1fc6842ef6
# engine=13621
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-04-15 03:10:42
# local_time=2013-04-15 05:10:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 4820696 117669833 0 0
# scanned=114711
# found=0
# cleaned=0
# scan_time=8828
         

15.04.2013, 20:14   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Looks OK so far

Regarding cookies and other things on the web: to block that plague from the outset (i.e. tracking cookies, ad banners, etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check with MVPS every 4 weeks to see whether a new hosts file has been released.

Info: Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP cookie)

Otherwise there are also good cookie managers; as a Firefox extension there is, for example, CookieCuller.
But if you can live with logging in everywhere again in every browser session (e.g. Facebook, eBay, GMX, or Trojaner-Board), then simply set the browser to delete everything, including cookies, when it is closed.

Is your system back in order now, or are there any other detections or problems?
__________________
Please always post log files in CODE tags

16.04.2013, 13:10   #27
duddl



ok
I actually only use Google Chrome, and with it Adblock Plus and the setting to "block third-party cookies"

does that work too?

16.04.2013, 13:42   #28
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Yes, that setting is quite sensible imho

Then we're done!


If you'd still like to leave praise or criticism => http://www.trojaner-board.de/lob-kritik-wuensche/



The programs that were used here can all be removed again.

Remove Combofix (only relevant if it was used here!): Start/Run (key combination WIN+R), type the command combofix /uninstall there and run it

With the help of OTL you can also remove many other tools: just start OTL and click on Bereinigung (Cleanup).
This will remove most of the tools we needed for the cleanup. Should anything be left behind, please remove it with right-click --> Delete.

Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update it first.


Finally, please check the updates; my guide for that is below. To keep a better overview of how up to date your installed programs are in future, you can use e.g. Secunia PSI.
For even more security, after the infection has been removed you should also change all passwords if possible.


Microsoft Update
Windows XP: Visit the MS update site with IE and have all important updates installed.
Windows Vista/7: Start, Control Panel, Windows Update


Update the PDF reader
An outdated Adobe Reader is a major security risk. You should therefore uninstall old versions of Adobe Reader via Control Panel => Add or Remove Programs (or Programs and Features) by clicking on "Adobe Reader x.0" there and removing the program. (if you have Adobe Reader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than Adobe Reader.

While you're at it, please also check that Flash Player is up to date:
Check => Adobe - Flash Player
You can find download links here => Browsers and Plugins - FilePony.de

You can also easily check whether all plugins in the Firefox browser are up to date here => https://www.mozilla.org/de/plugincheck

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a major security risk, so you should uninstall the old versions. To do this, close all programs (especially the browsers), then click on Start, Control Panel, Add or Remove Programs (or Programs and Features) and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.
__________________
Please always post log files in CODE tags
