| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Google Chrome und alle anderen Browser funktionieren nicht mehr!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
11.07.2013, 12:29
| #1 |
| |  Google Chrome und alle anderen Browser funktionieren nicht mehr! Hallo das ist mein erster Post in diesem Forum! Fals ich was falsch gemacht habe bitte belehren. Zu meinem Problem: Seit gestern abends hat mein Chrome eine Makke will einfach nichts mehr laden. Wenn ich starte kommt einfache eine weiße Seite und sonst tut sich da nichts. Dachte mir kann ja am inet liegen hab es mit Opera getestet und der broweser stürtz immer ab wenn ich versuche den zu starten. Chrome deinstalliert und neu installier hat nichts gebracht. Hab dann meine Antivirensoftware drüberlaufen lassen und Malwarebytes beide nichts gefunden. Hatte den PC die ganze Nacht an als ich dann am Morgen Chrome gestarte hab hat alles wieder funktioniert hab mich dann mit meinem Google-Konto angemeldet, Lesezeichen und Erweiterungen wurden geladen und dann war das Problem wieder da. Hab dann eienn Neustart versucht und hat nichts gebracht. Leider meke ich dass der PC zunehmend langsamer wird und hab wirklich keine Ahnung was ich machen soll deshalb suche ich hier Hilfe. |
|
11.07.2013, 12:43
| #2 |
| /// Malware-holic   | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
11.07.2013, 12:50
| #3 |
| | Google Chrome und alle anderen Browser funktionieren nicht mehr! Krass vielen Dank für die schnelle Hilfe
__________________hier der LOG : Code:
ATTFilter 13:46:04.0448 5428 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:46:06.0461 5428 ============================================================
13:46:06.0461 5428 Current date / time: 2013/07/11 13:46:06.0461
13:46:06.0461 5428 SystemInfo:
13:46:06.0461 5428
13:46:06.0461 5428 OS Version: 6.1.7601 ServicePack: 1.0
13:46:06.0461 5428 Product type: Workstation
13:46:06.0461 5428 ComputerName: ***-PC
13:46:06.0461 5428 UserName: ***
13:46:06.0461 5428 Windows directory: C:\Windows
13:46:06.0461 5428 System windows directory: C:\Windows
13:46:06.0461 5428 Running under WOW64
13:46:06.0461 5428 Processor architecture: Intel x64
13:46:06.0461 5428 Number of processors: 4
13:46:06.0461 5428 Page size: 0x1000
13:46:06.0461 5428 Boot type: Normal boot
13:46:06.0461 5428 ============================================================
13:46:07.0833 5428 Drive \Device\Harddisk0\DR0 - Size: 0x2EC3DCEA00 (187.06 Gb), SectorSize: 0x200, Cylinders: 0x5F63, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:46:07.0849 5428 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:46:07.0943 5428 Drive \Device\Harddisk3\DR3 - Size: 0x1DCD80000 (7.45 Gb), SectorSize: 0x200, Cylinders: 0x3CC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:46:07.0943 5428 ============================================================
13:46:07.0943 5428 \Device\Harddisk0\DR0:
13:46:07.0943 5428 MBR partitions:
13:46:07.0943 5428 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:46:07.0943 5428 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x175EB800
13:46:07.0943 5428 \Device\Harddisk1\DR1:
13:46:07.0943 5428 MBR partitions:
13:46:07.0943 5428 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x7A320000
13:46:07.0943 5428 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x7A320800, BlocksNum 0x6EAE7800
13:46:07.0943 5428 \Device\Harddisk3\DR3:
13:46:07.0943 5428 MBR partitions:
13:46:07.0943 5428 \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xEE6BE0
13:46:07.0943 5428 ============================================================
13:46:07.0958 5428 C: <-> \Device\Harddisk0\DR0\Partition2
13:46:07.0974 5428 D: <-> \Device\Harddisk1\DR1\Partition1
13:46:08.0021 5428 E: <-> \Device\Harddisk1\DR1\Partition2
13:46:08.0021 5428 ============================================================
13:46:08.0021 5428 Initialize success
13:46:08.0021 5428 ============================================================
13:46:26.0070 3216 ============================================================
13:46:26.0070 3216 Scan started
13:46:26.0070 3216 Mode: Manual; SigCheck; TDLFS;
13:46:26.0070 3216 ============================================================
13:46:26.0787 3216 ================ Scan system memory ========================
13:46:26.0787 3216 System memory - ok
13:46:26.0787 3216 ================ Scan services =============================
13:46:26.0850 3216 1394hub - ok
13:46:26.0897 3216 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:46:26.0943 3216 1394ohci - ok
13:46:26.0959 3216 [ CEDDA5E0599A595911BE1210E16C0D2E ] A38CCID C:\Windows\system32\DRIVERS\a38ccid.sys
13:46:26.0990 3216 A38CCID - ok
13:46:27.0053 3216 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:46:27.0084 3216 ACDaemon - ok
13:46:27.0115 3216 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:46:27.0162 3216 ACPI - ok
13:46:27.0193 3216 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:46:27.0224 3216 AcpiPmi - ok
13:46:27.0287 3216 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:46:27.0287 3216 AdobeARMservice - ok
13:46:27.0349 3216 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:46:27.0365 3216 AdobeFlashPlayerUpdateSvc - ok
13:46:27.0396 3216 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:46:27.0411 3216 adp94xx - ok
13:46:27.0427 3216 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:46:27.0443 3216 adpahci - ok
13:46:27.0458 3216 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:46:27.0474 3216 adpu320 - ok
13:46:27.0489 3216 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:46:27.0521 3216 AeLookupSvc - ok
13:46:27.0552 3216 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:46:27.0583 3216 AFD - ok
13:46:27.0614 3216 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:46:27.0630 3216 agp440 - ok
13:46:27.0677 3216 [ 44F360B65C37A42EB5B71C2E5179FDD5 ] aksdf C:\Windows\system32\drivers\aksdf.sys
13:46:27.0708 3216 aksdf - ok
13:46:27.0755 3216 [ BC61697103C9EFC3DBA83777CEA8E76B ] aksfridge C:\Windows\system32\drivers\aksfridge.sys
13:46:27.0755 3216 aksfridge - ok
13:46:27.0786 3216 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:46:27.0801 3216 ALG - ok
13:46:27.0817 3216 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:46:27.0817 3216 aliide - ok
13:46:27.0879 3216 [ 99E061822198323D427901FDA293825C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:46:27.0895 3216 AMD External Events Utility - ok
13:46:27.0973 3216 AMD FUEL Service - ok
13:46:28.0004 3216 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
13:46:28.0020 3216 amdide - ok
13:46:28.0035 3216 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
13:46:28.0051 3216 amdiox64 - ok
13:46:28.0067 3216 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:46:28.0098 3216 AmdK8 - ok
13:46:28.0363 3216 [ 454451A6A699C07040F406E44C457A50 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:46:28.0659 3216 amdkmdag - ok
13:46:28.0691 3216 [ 61FBDA851233587CE9C9B7020146359E ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
13:46:28.0722 3216 amdkmdap - ok
13:46:28.0722 3216 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:46:28.0753 3216 AmdPPM - ok
13:46:28.0784 3216 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:46:28.0800 3216 amdsata - ok
13:46:28.0831 3216 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:46:28.0847 3216 amdsbs - ok
13:46:28.0862 3216 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:46:28.0862 3216 amdxata - ok
13:46:28.0940 3216 [ 165D721B48D5A712C4AC370C1906FC0A ] AntiVirFirewallService C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
13:46:28.0956 3216 AntiVirFirewallService - ok
13:46:28.0971 3216 [ 1ADD310A86EC52EBBB5F7F81224692C7 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
13:46:28.0971 3216 AntiVirMailService - ok
13:46:29.0018 3216 [ 8F272AB3B03454DE259BD370E71BA954 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:46:29.0018 3216 AntiVirSchedulerService - ok
13:46:29.0065 3216 [ A80B5696C0A4BE484C4BCDA19B5533B0 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:46:29.0065 3216 AntiVirService - ok
13:46:29.0112 3216 [ 6EEA7A324065C2233FC3C5E774C54103 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
13:46:29.0127 3216 AntiVirWebService - ok
13:46:29.0174 3216 AODDriver4.0 - ok
13:46:29.0221 3216 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:46:29.0221 3216 AODDriver4.01 - ok
13:46:29.0252 3216 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:46:29.0268 3216 AODDriver4.2 - ok
13:46:29.0299 3216 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
13:46:29.0330 3216 AppID - ok
13:46:29.0361 3216 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:46:29.0393 3216 AppIDSvc - ok
13:46:29.0439 3216 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
13:46:29.0455 3216 Appinfo - ok
13:46:29.0533 3216 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:46:29.0549 3216 Apple Mobile Device - ok
13:46:29.0580 3216 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
13:46:29.0611 3216 AppMgmt - ok
13:46:29.0627 3216 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
13:46:29.0627 3216 arc - ok
13:46:29.0642 3216 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:46:29.0642 3216 arcsas - ok
13:46:29.0720 3216 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:46:29.0720 3216 aspnet_state - ok
13:46:29.0736 3216 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:46:29.0767 3216 AsyncMac - ok
13:46:29.0814 3216 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
13:46:29.0814 3216 atapi - ok
13:46:29.0845 3216 [ 4E5C72F003BFCB75701480DDCA5F0F09 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
13:46:29.0861 3216 AtiHDAudioService - ok
13:46:29.0861 3216 atillk64 - ok
13:46:29.0923 3216 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:46:29.0985 3216 AudioEndpointBuilder - ok
13:46:30.0017 3216 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:46:30.0032 3216 AudioSrv - ok
13:46:30.0063 3216 [ AA63DDD55F620BF96F1114F3BE3691C0 ] avfwim C:\Windows\system32\DRIVERS\avfwim.sys
13:46:30.0063 3216 avfwim - ok
13:46:30.0079 3216 [ 2427ABF5319463B9B7DF062C79967E9E ] avfwot C:\Windows\system32\DRIVERS\avfwot.sys
13:46:30.0095 3216 avfwot - ok
13:46:30.0126 3216 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:46:30.0141 3216 avgntflt - ok
13:46:30.0157 3216 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:46:30.0173 3216 avipbb - ok
13:46:30.0173 3216 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:46:30.0188 3216 avkmgr - ok
13:46:30.0219 3216 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:46:30.0282 3216 AxInstSV - ok
13:46:30.0313 3216 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:46:30.0360 3216 b06bdrv - ok
13:46:30.0375 3216 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:46:30.0407 3216 b57nd60a - ok
13:46:30.0422 3216 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:46:30.0469 3216 BDESVC - ok
13:46:30.0485 3216 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:46:30.0516 3216 Beep - ok
13:46:30.0563 3216 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
13:46:30.0609 3216 BFE - ok
13:46:30.0656 3216 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
13:46:30.0719 3216 BITS - ok
13:46:30.0734 3216 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:46:30.0750 3216 blbdrive - ok
13:46:30.0781 3216 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:46:30.0797 3216 Bonjour Service - ok
13:46:30.0828 3216 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:46:30.0859 3216 bowser - ok
13:46:30.0859 3216 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:46:30.0890 3216 BrFiltLo - ok
13:46:30.0906 3216 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:46:30.0906 3216 BrFiltUp - ok
13:46:30.0953 3216 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
13:46:30.0968 3216 Browser - ok
13:46:30.0999 3216 [ E5E9B1625A767CEB6F319C12D33EAB78 ] BrSerIb C:\Windows\system32\DRIVERS\BrSerIb.sys
13:46:31.0015 3216 BrSerIb - ok
13:46:31.0046 3216 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:46:31.0062 3216 Brserid - ok
13:46:31.0077 3216 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:46:31.0093 3216 BrSerWdm - ok
13:46:31.0093 3216 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:46:31.0124 3216 BrUsbMdm - ok
13:46:31.0140 3216 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:46:31.0155 3216 BrUsbSer - ok
13:46:31.0187 3216 [ D9F6B30AD93CBD165EC71FADF51DF25E ] BrUsbSIb C:\Windows\system32\DRIVERS\BrUsbSIb.sys
13:46:31.0202 3216 BrUsbSIb - ok
13:46:31.0218 3216 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:46:31.0233 3216 BTHMODEM - ok
13:46:31.0265 3216 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:46:31.0296 3216 bthserv - ok
13:46:31.0327 3216 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:46:31.0358 3216 cdfs - ok
13:46:31.0389 3216 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:46:31.0405 3216 cdrom - ok
13:46:31.0452 3216 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
13:46:31.0483 3216 CertPropSvc - ok
13:46:31.0499 3216 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:46:31.0514 3216 circlass - ok
13:46:31.0561 3216 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:46:31.0577 3216 CLFS - ok
13:46:31.0639 3216 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:46:31.0655 3216 clr_optimization_v2.0.50727_32 - ok
13:46:31.0686 3216 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:46:31.0701 3216 clr_optimization_v2.0.50727_64 - ok
13:46:31.0748 3216 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:46:31.0748 3216 clr_optimization_v4.0.30319_32 - ok
13:46:31.0764 3216 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:46:31.0779 3216 clr_optimization_v4.0.30319_64 - ok
13:46:31.0842 3216 [ 09D38AEC081F064FD67B8B9C49790020 ] CltMngSvc C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
13:46:31.0857 3216 CltMngSvc - ok
13:46:31.0873 3216 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:46:31.0889 3216 CmBatt - ok
13:46:31.0935 3216 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:46:31.0951 3216 cmdide - ok
13:46:31.0982 3216 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
13:46:32.0013 3216 CNG - ok
13:46:32.0123 3216 [ 1C15404EA8FC42DAB8A7B3765ED53E58 ] CodeMeter.exe C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
13:46:32.0201 3216 CodeMeter.exe - ok
13:46:32.0216 3216 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:46:32.0232 3216 Compbatt - ok
13:46:32.0263 3216 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:46:32.0279 3216 CompositeBus - ok
13:46:32.0279 3216 COMSysApp - ok
13:46:32.0294 3216 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:46:32.0310 3216 crcdisk - ok
13:46:32.0341 3216 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:46:32.0388 3216 CryptSvc - ok
13:46:32.0435 3216 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
13:46:32.0450 3216 CSC - ok
13:46:32.0481 3216 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
13:46:32.0513 3216 CscService - ok
13:46:32.0528 3216 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:46:32.0575 3216 DcomLaunch - ok
13:46:32.0606 3216 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:46:32.0653 3216 defragsvc - ok
13:46:32.0684 3216 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:46:32.0715 3216 DfsC - ok
13:46:32.0762 3216 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:46:32.0793 3216 Dhcp - ok
13:46:32.0809 3216 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:46:32.0840 3216 discache - ok
13:46:32.0840 3216 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:46:32.0856 3216 Disk - ok
13:46:32.0871 3216 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:46:32.0887 3216 Dnscache - ok
13:46:32.0934 3216 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:46:32.0965 3216 dot3svc - ok
13:46:33.0012 3216 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:46:33.0043 3216 DPS - ok
13:46:33.0059 3216 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:46:33.0074 3216 drmkaud - ok
13:46:33.0137 3216 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:46:33.0152 3216 DXGKrnl - ok
13:46:33.0152 3216 EagleX64 - ok
13:46:33.0168 3216 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:46:33.0199 3216 EapHost - ok
13:46:33.0293 3216 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:46:33.0386 3216 ebdrv - ok
13:46:33.0402 3216 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
13:46:33.0433 3216 EFS - ok
13:46:33.0449 3216 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
13:46:33.0464 3216 ElbyCDIO - ok
13:46:33.0480 3216 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:46:33.0511 3216 elxstor - ok
13:46:33.0527 3216 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:46:33.0542 3216 ErrDev - ok
13:46:33.0589 3216 ESEADriver2 - ok
13:46:33.0636 3216 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:46:33.0683 3216 EventSystem - ok
13:46:33.0698 3216 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:46:33.0745 3216 exfat - ok
13:46:33.0792 3216 [ BC680DC833672E54DB07F5F39D259B03 ] ezGOSvc C:\Windows\SysWOW64\ezGOSvc.dll
13:46:33.0792 3216 ezGOSvc - ok
13:46:33.0854 3216 Fabs - ok
13:46:33.0885 3216 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:46:33.0932 3216 fastfat - ok
13:46:33.0979 3216 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:46:34.0010 3216 Fax - ok
13:46:34.0026 3216 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:46:34.0041 3216 fdc - ok
13:46:34.0057 3216 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:46:34.0088 3216 fdPHost - ok
13:46:34.0104 3216 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:46:34.0135 3216 FDResPub - ok
13:46:34.0151 3216 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:46:34.0166 3216 FileInfo - ok
13:46:34.0182 3216 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:46:34.0213 3216 Filetrace - ok
13:46:34.0291 3216 [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
13:46:34.0385 3216 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
13:46:34.0385 3216 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
13:46:34.0400 3216 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:46:34.0416 3216 flpydisk - ok
13:46:34.0463 3216 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:46:34.0478 3216 FltMgr - ok
13:46:34.0525 3216 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
13:46:34.0572 3216 FontCache - ok
13:46:34.0619 3216 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:46:34.0634 3216 FontCache3.0.0.0 - ok
13:46:34.0650 3216 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:46:34.0650 3216 FsDepends - ok
13:46:34.0665 3216 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
13:46:34.0681 3216 fssfltr - ok
13:46:34.0759 3216 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:46:34.0821 3216 fsssvc - ok
13:46:34.0837 3216 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:46:34.0853 3216 Fs_Rec - ok
13:46:34.0915 3216 [ B99C240DEA85007044E178C1C9C75659 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
13:46:34.0931 3216 Futuremark SystemInfo Service - ok
13:46:34.0962 3216 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:46:34.0977 3216 fvevol - ok
13:46:35.0009 3216 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:46:35.0009 3216 gagp30kx - ok
13:46:35.0040 3216 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:46:35.0055 3216 GEARAspiWDM - ok
13:46:35.0102 3216 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:46:35.0165 3216 gpsvc - ok
13:46:35.0211 3216 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:46:35.0211 3216 gupdate - ok
13:46:35.0227 3216 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:46:35.0227 3216 gupdatem - ok
13:46:35.0243 3216 [ 408DDD80EEDE47175F6844817B90213E ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:46:35.0258 3216 gusvc - ok
13:46:35.0274 3216 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
13:46:35.0274 3216 hamachi - ok
13:46:35.0321 3216 [ D619BA1712B83D14149850E758B835AD ] hardlock C:\Windows\system32\drivers\hardlock.sys
13:46:35.0336 3216 hardlock - ok
13:46:35.0352 3216 hasplms - ok
13:46:35.0367 3216 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:46:35.0383 3216 hcw85cir - ok
13:46:35.0430 3216 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:46:35.0445 3216 HdAudAddService - ok
13:46:35.0461 3216 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:46:35.0477 3216 HDAudBus - ok
13:46:35.0492 3216 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:46:35.0508 3216 HidBatt - ok
13:46:35.0523 3216 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:46:35.0555 3216 HidBth - ok
13:46:35.0570 3216 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:46:35.0586 3216 HidIr - ok
13:46:35.0601 3216 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
13:46:35.0633 3216 hidserv - ok
13:46:35.0664 3216 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:46:35.0664 3216 HidUsb - ok
13:46:35.0711 3216 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:46:35.0742 3216 hkmsvc - ok
13:46:35.0789 3216 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:46:35.0835 3216 HomeGroupListener - ok
13:46:35.0882 3216 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:46:35.0898 3216 HomeGroupProvider - ok
13:46:35.0929 3216 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:46:35.0945 3216 HpSAMD - ok
13:46:35.0991 3216 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:46:36.0038 3216 HTTP - ok
13:46:36.0069 3216 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:46:36.0085 3216 hwpolicy - ok
13:46:36.0116 3216 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:46:36.0132 3216 i8042prt - ok
13:46:36.0147 3216 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:46:36.0179 3216 iaStorV - ok
13:46:36.0225 3216 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:46:36.0257 3216 idsvc - ok
13:46:36.0288 3216 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:46:36.0288 3216 iirsp - ok
13:46:36.0350 3216 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:46:36.0397 3216 IKEEXT - ok
13:46:36.0475 3216 [ 88798B4381FD58FAE2DA07880C177C5C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:46:36.0553 3216 IntcAzAudAddService - ok
13:46:36.0569 3216 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:46:36.0569 3216 intelide - ok
13:46:36.0584 3216 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:46:36.0600 3216 intelppm - ok
13:46:36.0615 3216 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:46:36.0662 3216 IPBusEnum - ok
13:46:36.0693 3216 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:46:36.0725 3216 IpFilterDriver - ok
13:46:36.0771 3216 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:46:36.0818 3216 iphlpsvc - ok
13:46:36.0849 3216 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:46:36.0865 3216 IPMIDRV - ok
13:46:36.0896 3216 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:46:36.0927 3216 IPNAT - ok
13:46:36.0990 3216 [ 2872B90D57C8310194A78A9787406467 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:46:37.0021 3216 iPod Service - ok
13:46:37.0037 3216 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:46:37.0052 3216 IRENUM - ok
13:46:37.0083 3216 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:46:37.0099 3216 isapnp - ok
13:46:37.0130 3216 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:46:37.0177 3216 iScsiPrt - ok
13:46:37.0193 3216 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:46:37.0208 3216 kbdclass - ok
13:46:37.0239 3216 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:46:37.0271 3216 kbdhid - ok
13:46:37.0286 3216 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
13:46:37.0286 3216 KeyIso - ok
13:46:37.0302 3216 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:46:37.0317 3216 KSecDD - ok
13:46:37.0349 3216 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:46:37.0364 3216 KSecPkg - ok
13:46:37.0380 3216 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:46:37.0411 3216 ksthunk - ok
13:46:37.0442 3216 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:46:37.0489 3216 KtmRm - ok
13:46:37.0536 3216 [ 305BB2AC00D46542E0A653AB63F4ABB1 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
13:46:37.0551 3216 LADF_CaptureOnly - ok
13:46:37.0551 3216 [ 28CDDC7D478A6313F55077416DCBD0DE ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
13:46:37.0567 3216 LADF_RenderOnly - ok
13:46:37.0598 3216 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:46:37.0645 3216 LanmanServer - ok
13:46:37.0676 3216 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:46:37.0723 3216 LanmanWorkstation - ok
13:46:37.0801 3216 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
13:46:37.0801 3216 LBTServ - ok
13:46:37.0817 3216 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
13:46:37.0832 3216 LGBusEnum - ok
13:46:37.0863 3216 [ CDDC07D414B08FECD48E4940C29F483F ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
13:46:37.0879 3216 LGSHidFilt - ok
13:46:37.0895 3216 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
13:46:37.0895 3216 LGVirHid - ok
13:46:37.0926 3216 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
13:46:37.0926 3216 LHidFilt - ok
13:46:37.0941 3216 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:46:37.0973 3216 lltdio - ok
13:46:37.0988 3216 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:46:38.0035 3216 lltdsvc - ok
13:46:38.0051 3216 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:46:38.0082 3216 lmhosts - ok
13:46:38.0097 3216 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
13:46:38.0113 3216 LMouFilt - ok
13:46:38.0144 3216 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:46:38.0144 3216 LSI_FC - ok
13:46:38.0160 3216 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:46:38.0175 3216 LSI_SAS - ok
13:46:38.0191 3216 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:46:38.0191 3216 LSI_SAS2 - ok
13:46:38.0191 3216 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:46:38.0207 3216 LSI_SCSI - ok
13:46:38.0222 3216 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:46:38.0253 3216 luafv - ok
13:46:38.0316 3216 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:46:38.0331 3216 MBAMProtector - ok
13:46:38.0815 3216 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler E:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:46:38.0815 3216 MBAMScheduler - ok
13:46:38.0846 3216 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService E:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
13:46:38.0862 3216 MBAMService - ok
13:46:38.0877 3216 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:46:38.0877 3216 megasas - ok
13:46:38.0909 3216 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:46:38.0924 3216 MegaSR - ok
13:46:38.0940 3216 [ 1595FECFFBE9EA2417E06D5FD0BFA4C4 ] MEMSWEEP2 C:\Windows\system32\25AC.tmp
13:46:38.0955 3216 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
13:46:38.0955 3216 MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
13:46:38.0987 3216 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:46:39.0018 3216 MMCSS - ok
13:46:39.0033 3216 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:46:39.0065 3216 Modem - ok
13:46:39.0080 3216 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:46:39.0096 3216 monitor - ok
13:46:39.0127 3216 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:46:39.0143 3216 mouclass - ok
13:46:39.0158 3216 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:46:39.0174 3216 mouhid - ok
13:46:39.0221 3216 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:46:39.0221 3216 mountmgr - ok
13:46:39.0252 3216 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:46:39.0267 3216 mpio - ok
13:46:39.0283 3216 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:46:39.0299 3216 mpsdrv - ok
13:46:39.0361 3216 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:46:39.0408 3216 MpsSvc - ok
13:46:39.0439 3216 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:46:39.0470 3216 MRxDAV - ok
13:46:39.0486 3216 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:46:39.0501 3216 mrxsmb - ok
13:46:39.0533 3216 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:46:39.0564 3216 mrxsmb10 - ok
13:46:39.0564 3216 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:46:39.0579 3216 mrxsmb20 - ok
13:46:39.0611 3216 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:46:39.0611 3216 msahci - ok
13:46:39.0626 3216 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:46:39.0642 3216 msdsm - ok
13:46:39.0657 3216 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:46:39.0689 3216 MSDTC - ok
13:46:39.0704 3216 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:46:39.0720 3216 Msfs - ok
13:46:39.0735 3216 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:46:39.0767 3216 mshidkmdf - ok
13:46:39.0767 3216 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:46:39.0782 3216 msisadrv - ok
13:46:39.0813 3216 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:46:39.0845 3216 MSiSCSI - ok
13:46:39.0860 3216 msiserver - ok
13:46:39.0860 3216 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:46:39.0891 3216 MSKSSRV - ok
13:46:39.0891 3216 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:46:39.0923 3216 MSPCLOCK - ok
13:46:39.0923 3216 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:46:39.0954 3216 MSPQM - ok
13:46:40.0001 3216 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:46:40.0016 3216 MsRPC - ok
13:46:40.0047 3216 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:46:40.0063 3216 mssmbios - ok
13:46:40.0079 3216 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:46:40.0110 3216 MSTEE - ok
13:46:40.0125 3216 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:46:40.0157 3216 MTConfig - ok
13:46:40.0172 3216 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
13:46:40.0188 3216 MTsensor - ok
13:46:40.0188 3216 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:46:40.0203 3216 Mup - ok
13:46:40.0235 3216 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:46:40.0281 3216 napagent - ok
13:46:40.0313 3216 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:46:40.0344 3216 NativeWifiP - ok
13:46:40.0391 3216 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:46:40.0422 3216 NDIS - ok
13:46:40.0437 3216 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:46:40.0469 3216 NdisCap - ok
13:46:40.0484 3216 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:46:40.0500 3216 NdisTapi - ok
13:46:40.0547 3216 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:46:40.0578 3216 Ndisuio - ok
13:46:40.0625 3216 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:46:40.0656 3216 NdisWan - ok
13:46:40.0687 3216 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:46:40.0718 3216 NDProxy - ok
13:46:40.0734 3216 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:46:40.0765 3216 NetBIOS - ok
13:46:40.0812 3216 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:46:40.0843 3216 NetBT - ok
13:46:40.0859 3216 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:46:40.0859 3216 Netlogon - ok
13:46:40.0890 3216 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:46:40.0937 3216 Netman - ok
13:46:40.0983 3216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:40.0983 3216 NetMsmqActivator - ok
13:46:41.0015 3216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:41.0015 3216 NetPipeActivator - ok
13:46:41.0046 3216 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:46:41.0093 3216 netprofm - ok
13:46:41.0093 3216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:41.0093 3216 NetTcpActivator - ok
13:46:41.0108 3216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:46:41.0108 3216 NetTcpPortSharing - ok
13:46:41.0139 3216 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:46:41.0139 3216 nfrd960 - ok
13:46:41.0155 3216 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:46:41.0186 3216 NlaSvc - ok
13:46:41.0202 3216 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\npf.sys
13:46:41.0202 3216 NPF - ok
13:46:41.0217 3216 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:46:41.0249 3216 Npfs - ok
13:46:41.0264 3216 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:46:41.0295 3216 nsi - ok
13:46:41.0311 3216 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:46:41.0342 3216 nsiproxy - ok
13:46:41.0420 3216 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:46:41.0467 3216 Ntfs - ok
13:46:41.0483 3216 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:46:41.0514 3216 Null - ok
13:46:41.0763 3216 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:46:42.0075 3216 nvlddmkm - ok
13:46:42.0122 3216 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:46:42.0138 3216 nvraid - ok
13:46:42.0153 3216 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:46:42.0169 3216 nvstor - ok
13:46:42.0185 3216 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:46:42.0185 3216 nv_agp - ok
13:46:42.0200 3216 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:46:42.0216 3216 ohci1394 - ok
13:46:42.0278 3216 [ B9C125314A025127FE562C116D614AA3 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:46:42.0278 3216 ose64 - ok
13:46:42.0465 3216 [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:46:42.0621 3216 osppsvc - ok
13:46:42.0653 3216 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:46:42.0684 3216 p2pimsvc - ok
13:46:42.0715 3216 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:46:42.0731 3216 p2psvc - ok
13:46:42.0762 3216 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:46:42.0762 3216 Parport - ok
13:46:42.0809 3216 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:46:42.0809 3216 partmgr - ok
13:46:42.0824 3216 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:46:42.0855 3216 PcaSvc - ok
13:46:42.0855 3216 pccsmcfd - ok
13:46:42.0855 3216 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:46:42.0871 3216 pci - ok
13:46:42.0887 3216 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:46:42.0902 3216 pciide - ok
13:46:42.0918 3216 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:46:42.0933 3216 pcmcia - ok
13:46:42.0933 3216 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:46:42.0933 3216 pcw - ok
13:46:42.0965 3216 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:46:43.0011 3216 PEAUTH - ok
13:46:43.0058 3216 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:46:43.0121 3216 PeerDistSvc - ok
13:46:43.0167 3216 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:46:43.0183 3216 PerfHost - ok
13:46:43.0261 3216 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:46:43.0339 3216 pla - ok
13:46:43.0386 3216 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:46:43.0417 3216 PlugPlay - ok
13:46:43.0417 3216 PnkBstrA - ok
13:46:43.0417 3216 PnkBstrB - ok
13:46:43.0433 3216 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:46:43.0448 3216 PNRPAutoReg - ok
13:46:43.0464 3216 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:46:43.0479 3216 PNRPsvc - ok
13:46:43.0511 3216 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:46:43.0557 3216 PolicyAgent - ok
13:46:43.0589 3216 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:46:43.0620 3216 Power - ok
13:46:43.0635 3216 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:46:43.0682 3216 PptpMiniport - ok
13:46:43.0698 3216 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:46:43.0713 3216 Processor - ok
13:46:43.0745 3216 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:46:43.0776 3216 ProfSvc - ok
13:46:43.0791 3216 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:46:43.0791 3216 ProtectedStorage - ok
13:46:43.0838 3216 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:46:43.0854 3216 Psched - ok
13:46:43.0916 3216 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:46:43.0963 3216 ql2300 - ok
13:46:43.0979 3216 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:46:43.0979 3216 ql40xx - ok
13:46:44.0010 3216 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:46:44.0041 3216 QWAVE - ok
13:46:44.0057 3216 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:46:44.0072 3216 QWAVEdrv - ok
13:46:44.0088 3216 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:46:44.0119 3216 RasAcd - ok
13:46:44.0150 3216 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:46:44.0166 3216 RasAgileVpn - ok
13:46:44.0197 3216 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:46:44.0213 3216 RasAuto - ok
13:46:44.0259 3216 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:46:44.0291 3216 Rasl2tp - ok
13:46:44.0337 3216 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:46:44.0384 3216 RasMan - ok
13:46:44.0415 3216 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:46:44.0447 3216 RasPppoe - ok
13:46:44.0462 3216 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:46:44.0493 3216 RasSstp - ok
13:46:44.0540 3216 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:46:44.0571 3216 rdbss - ok
13:46:44.0587 3216 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:46:44.0587 3216 rdpbus - ok
13:46:44.0603 3216 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:46:44.0618 3216 RDPCDD - ok
13:46:44.0665 3216 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:46:44.0681 3216 RDPDR - ok
13:46:44.0696 3216 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:46:44.0727 3216 RDPENCDD - ok
13:46:44.0743 3216 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:46:44.0759 3216 RDPREFMP - ok
13:46:44.0790 3216 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:46:44.0821 3216 RdpVideoMiniport - ok
13:46:44.0868 3216 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:46:44.0883 3216 RDPWD - ok
13:46:44.0930 3216 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:46:44.0930 3216 rdyboost - ok
13:46:44.0961 3216 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:46:45.0008 3216 RemoteAccess - ok
13:46:45.0039 3216 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:46:45.0086 3216 RemoteRegistry - ok
13:46:45.0102 3216 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
13:46:45.0117 3216 ROOTMODEM - ok
13:46:45.0149 3216 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
13:46:45.0164 3216 rpcapd - ok
13:46:45.0180 3216 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:46:45.0227 3216 RpcEptMapper - ok
13:46:45.0258 3216 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:46:45.0273 3216 RpcLocator - ok
13:46:45.0305 3216 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:46:45.0336 3216 RpcSs - ok
13:46:45.0351 3216 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:46:45.0383 3216 rspndr - ok
13:46:45.0414 3216 [ F15623B73768C35A666BB5CDCEEF497F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:46:45.0429 3216 RTL8167 - ok
13:46:45.0492 3216 [ CFBABCC8E8B72F9D1693FF583A09C79B ] RTL85n64 C:\Windows\system32\DRIVERS\RTL85n64.sys
13:46:45.0554 3216 RTL85n64 - ok
13:46:45.0585 3216 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:46:45.0601 3216 s3cap - ok
13:46:45.0617 3216 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:46:45.0632 3216 SamSs - ok
13:46:45.0632 3216 SAVRKBootTasks - ok
13:46:45.0648 3216 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:46:45.0663 3216 sbp2port - ok
13:46:45.0679 3216 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:46:45.0710 3216 SCardSvr - ok
13:46:45.0757 3216 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:46:45.0788 3216 scfilter - ok
13:46:45.0835 3216 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:46:45.0882 3216 Schedule - ok
13:46:45.0929 3216 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:46:45.0944 3216 SCPolicySvc - ok
13:46:45.0960 3216 [ 8B56BDCE6A303DDE63D63440D1CF9AD1 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
13:46:45.0975 3216 ScreamBAudioSvc - ok
13:46:46.0007 3216 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:46:46.0038 3216 SDRSVC - ok
13:46:46.0053 3216 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:46:46.0085 3216 secdrv - ok
13:46:46.0131 3216 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:46:46.0163 3216 seclogon - ok
13:46:46.0178 3216 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:46:46.0209 3216 SENS - ok
13:46:46.0225 3216 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:46:46.0256 3216 SensrSvc - ok
13:46:46.0287 3216 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:46:46.0287 3216 Serenum - ok
13:46:46.0303 3216 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:46:46.0319 3216 Serial - ok
13:46:46.0319 3216 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:46:46.0350 3216 sermouse - ok
13:46:46.0381 3216 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:46:46.0428 3216 SessionEnv - ok
13:46:46.0459 3216 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:46:46.0475 3216 sffdisk - ok
13:46:46.0490 3216 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:46:46.0506 3216 sffp_mmc - ok
13:46:46.0521 3216 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:46:46.0537 3216 sffp_sd - ok
13:46:46.0568 3216 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:46:46.0584 3216 sfloppy - ok
13:46:46.0615 3216 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:46:46.0662 3216 SharedAccess - ok
13:46:46.0709 3216 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:46:46.0755 3216 ShellHWDetection - ok
13:46:46.0787 3216 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
13:46:46.0802 3216 SiSGbeLH - ok
13:46:46.0818 3216 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:46:46.0818 3216 SiSRaid2 - ok
13:46:46.0849 3216 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:46:46.0849 3216 SiSRaid4 - ok
13:46:46.0912 3216 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:46:46.0958 3216 SkypeUpdate - ok
13:46:46.0974 3216 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:46:47.0005 3216 Smb - ok
13:46:47.0036 3216 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:46:47.0052 3216 SNMPTRAP - ok
13:46:47.0083 3216 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:46:47.0083 3216 spldr - ok
13:46:47.0130 3216 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:46:47.0146 3216 Spooler - ok
13:46:47.0255 3216 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:46:47.0364 3216 sppsvc - ok
13:46:47.0380 3216 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:46:47.0426 3216 sppuinotify - ok
13:46:47.0458 3216 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:46:47.0473 3216 srv - ok
13:46:47.0489 3216 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:46:47.0520 3216 srv2 - ok
13:46:47.0520 3216 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:46:47.0536 3216 srvnet - ok
13:46:47.0567 3216 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:46:47.0598 3216 SSDPSRV - ok
13:46:47.0614 3216 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:46:47.0660 3216 SstpSvc - ok
13:46:47.0692 3216 Steam Client Service - ok
13:46:47.0692 3216 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:46:47.0707 3216 stexstor - ok
13:46:47.0738 3216 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
13:46:47.0754 3216 StillCam - ok
13:46:47.0816 3216 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:46:47.0863 3216 stisvc - ok
13:46:47.0894 3216 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:46:47.0894 3216 storflt - ok
13:46:47.0910 3216 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:46:47.0926 3216 storvsc - ok
13:46:47.0941 3216 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:46:47.0941 3216 swenum - ok
13:46:47.0972 3216 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:46:48.0019 3216 swprv - ok
13:46:48.0019 3216 Synth3dVsc - ok
13:46:48.0097 3216 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:46:48.0160 3216 SysMain - ok
13:46:48.0191 3216 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:46:48.0206 3216 TabletInputService - ok
13:46:48.0222 3216 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:46:48.0269 3216 TapiSrv - ok
13:46:48.0284 3216 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:46:48.0316 3216 TBS - ok
13:46:48.0394 3216 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:46:48.0440 3216 Tcpip - ok
13:46:48.0487 3216 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:46:48.0518 3216 TCPIP6 - ok
13:46:48.0565 3216 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:46:48.0581 3216 tcpipreg - ok
13:46:48.0612 3216 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:46:48.0628 3216 TDPIPE - ok
13:46:48.0643 3216 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:46:48.0659 3216 TDTCP - ok
13:46:48.0706 3216 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:46:48.0737 3216 tdx - ok
13:46:49.0189 3216 [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7 E:\Programme\TeamViewerVersion7\TeamViewer_Service.exe
13:46:49.0267 3216 TeamViewer7 - ok
13:46:49.0314 3216 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:46:49.0314 3216 TermDD - ok
13:46:49.0345 3216 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:46:49.0392 3216 TermService - ok
13:46:49.0423 3216 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:46:49.0439 3216 Themes - ok
13:46:49.0470 3216 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:46:49.0501 3216 THREADORDER - ok
13:46:49.0517 3216 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:46:49.0548 3216 TrkWks - ok
13:46:49.0610 3216 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:46:49.0642 3216 TrustedInstaller - ok
13:46:49.0673 3216 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:46:49.0704 3216 tssecsrv - ok
13:46:49.0751 3216 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:46:49.0782 3216 TsUsbFlt - ok
13:46:49.0782 3216 tsusbhub - ok
13:46:49.0860 3216 [ 50D8102EECC446F160C8C31AF927242D ] TuneUp.UtilitiesSvc E:\Programme\TuneUp Utility\TuneUpUtilitiesService64.exe
13:46:49.0891 3216 TuneUp.UtilitiesSvc - ok
13:46:49.0907 3216 [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv E:\Programme\TuneUp Utility\TuneUpUtilitiesDriver64.sys
13:46:49.0907 3216 TuneUpUtilitiesDrv - ok
13:46:49.0938 3216 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:46:49.0969 3216 tunnel - ok
13:46:49.0985 3216 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:46:50.0000 3216 uagp35 - ok
13:46:50.0047 3216 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:46:50.0094 3216 udfs - ok
13:46:50.0125 3216 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:46:50.0141 3216 UI0Detect - ok
13:46:50.0156 3216 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:46:50.0156 3216 uliagpkx - ok
13:46:50.0203 3216 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:46:50.0219 3216 umbus - ok
13:46:50.0234 3216 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:46:50.0250 3216 UmPass - ok
13:46:50.0297 3216 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
13:46:50.0312 3216 UmRdpService - ok
13:46:50.0344 3216 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:46:50.0390 3216 upnphost - ok
13:46:50.0422 3216 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:46:50.0422 3216 USBAAPL64 - ok
13:46:50.0453 3216 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:46:50.0468 3216 usbaudio - ok
13:46:50.0484 3216 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:46:50.0500 3216 usbccgp - ok
13:46:50.0515 3216 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:46:50.0531 3216 usbcir - ok
13:46:50.0546 3216 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:46:50.0546 3216 usbehci - ok
13:46:50.0562 3216 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:46:50.0593 3216 usbhub - ok
13:46:50.0593 3216 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:46:50.0609 3216 usbohci - ok
13:46:50.0640 3216 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:46:50.0656 3216 usbprint - ok
13:46:50.0702 3216 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:46:50.0718 3216 usbscan - ok
13:46:50.0749 3216 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
13:46:50.0780 3216 usbser - ok
13:46:50.0796 3216 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:46:50.0812 3216 USBSTOR - ok
13:46:50.0827 3216 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:46:50.0827 3216 usbuhci - ok
13:46:50.0858 3216 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
13:46:50.0874 3216 usbvideo - ok
13:46:50.0890 3216 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:46:50.0936 3216 UxSms - ok
13:46:50.0999 3216 [ CC3A994F4733FF4CD8CAF09DF892E61C ] UxTuneUp C:\Windows\System32\uxtuneup.dll
13:46:50.0999 3216 UxTuneUp - ok
13:46:51.0014 3216 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:46:51.0014 3216 VaultSvc - ok
13:46:51.0046 3216 [ B4FFC1739B9BD3B0177B16B46CAF8420 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
13:46:51.0061 3216 VBoxNetAdp - ok
13:46:51.0061 3216 VBoxNetFlt - ok
13:46:51.0092 3216 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
13:46:51.0092 3216 VClone - ok
13:46:51.0124 3216 [ 3A4B01C2BDB07DFEF29B0B369487503A ] VCSVADHWSer C:\Windows\system32\DRIVERS\vcsvad.sys
13:46:51.0124 3216 VCSVADHWSer - ok
13:46:51.0139 3216 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:46:51.0139 3216 vdrvroot - ok
13:46:51.0186 3216 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:46:51.0233 3216 vds - ok
13:46:51.0264 3216 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:46:51.0280 3216 vga - ok
13:46:51.0295 3216 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:46:51.0311 3216 VgaSave - ok
13:46:51.0326 3216 VGPU - ok
13:46:51.0358 3216 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:46:51.0373 3216 vhdmp - ok
13:46:51.0420 3216 [ 8F69C38A8BA725F891F26AAC8888696E ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
13:46:51.0436 3216 VIAHdAudAddService - ok
13:46:51.0482 3216 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:46:51.0498 3216 viaide - ok
13:46:51.0514 3216 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:46:51.0529 3216 vmbus - ok
13:46:51.0545 3216 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
13:46:51.0560 3216 VMBusHID - ok
13:46:51.0560 3216 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:46:51.0576 3216 volmgr - ok
13:46:51.0592 3216 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:46:51.0623 3216 volmgrx - ok
13:46:51.0623 3216 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:46:51.0638 3216 volsnap - ok
13:46:51.0670 3216 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:46:51.0670 3216 vsmraid - ok
13:46:51.0732 3216 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:46:51.0794 3216 VSS - ok
13:46:51.0810 3216 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:46:51.0826 3216 vwifibus - ok
13:46:51.0857 3216 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:46:51.0904 3216 W32Time - ok
13:46:51.0935 3216 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:46:51.0935 3216 WacomPen - ok
13:46:51.0982 3216 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:46:51.0997 3216 WANARP - ok
13:46:52.0013 3216 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:46:52.0028 3216 Wanarpv6 - ok
13:46:52.0091 3216 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:46:52.0169 3216 WatAdminSvc - ok
13:46:52.0231 3216 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:46:52.0325 3216 wbengine - ok
13:46:52.0356 3216 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:46:52.0372 3216 WbioSrvc - ok
13:46:52.0418 3216 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:46:52.0465 3216 wcncsvc - ok
13:46:52.0481 3216 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:46:52.0512 3216 WcsPlugInService - ok
13:46:52.0528 3216 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:46:52.0543 3216 Wd - ok
13:46:52.0590 3216 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:46:52.0621 3216 Wdf01000 - ok
13:46:52.0652 3216 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:46:52.0668 3216 WdiServiceHost - ok
13:46:52.0684 3216 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:46:52.0699 3216 WdiSystemHost - ok
13:46:52.0730 3216 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:46:52.0777 3216 WebClient - ok
13:46:52.0808 3216 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:46:52.0855 3216 Wecsvc - ok
13:46:52.0886 3216 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:46:52.0918 3216 wercplsupport - ok
13:46:52.0933 3216 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:46:52.0949 3216 WerSvc - ok
13:46:52.0964 3216 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:46:52.0996 3216 WfpLwf - ok
13:46:53.0011 3216 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:46:53.0011 3216 WIMMount - ok
13:46:53.0042 3216 WinDefend - ok
13:46:53.0058 3216 WinHttpAutoProxySvc - ok
13:46:53.0120 3216 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:46:53.0152 3216 Winmgmt - ok
13:46:53.0230 3216 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll
13:46:53.0339 3216 WinRM - ok
13:46:53.0401 3216 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:46:53.0417 3216 WinUsb - ok
13:46:53.0464 3216 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:46:53.0479 3216 Wlansvc - ok
13:46:53.0620 3216 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:46:53.0635 3216 wlidsvc - ok
13:46:53.0682 3216 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:46:53.0682 3216 WmiAcpi - ok
13:46:53.0729 3216 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:46:53.0760 3216 wmiApSrv - ok
13:46:53.0791 3216 WMPNetworkSvc - ok
13:46:53.0822 3216 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:46:53.0838 3216 WPCSvc - ok
13:46:53.0869 3216 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:46:53.0900 3216 WPDBusEnum - ok
13:46:53.0932 3216 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:46:53.0963 3216 ws2ifsl - ok
13:46:53.0978 3216 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
13:46:53.0994 3216 wscsvc - ok
13:46:54.0025 3216 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
13:46:54.0041 3216 WSDPrintDevice - ok
13:46:54.0041 3216 WSearch - ok
13:46:54.0134 3216 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:46:54.0197 3216 wuauserv - ok
13:46:54.0244 3216 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:46:54.0259 3216 WudfPf - ok
13:46:54.0275 3216 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:46:54.0306 3216 WUDFRd - ok
13:46:54.0353 3216 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:46:54.0368 3216 wudfsvc - ok
13:46:54.0400 3216 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
13:46:54.0431 3216 WwanSvc - ok
13:46:54.0478 3216 X6va006 - ok
13:46:54.0524 3216 X6va008 - ok
13:46:54.0540 3216 X6va012 - ok
13:46:54.0571 3216 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
13:46:54.0587 3216 xusb21 - ok
13:46:54.0618 3216 ================ Scan global ===============================
13:46:54.0649 3216 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:46:54.0696 3216 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:46:54.0712 3216 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:46:54.0727 3216 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:46:54.0774 3216 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:46:54.0774 3216 [Global] - ok
13:46:54.0774 3216 ================ Scan MBR ==================================
13:46:54.0790 3216 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:46:54.0930 3216 \Device\Harddisk0\DR0 - ok
13:46:54.0930 3216 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:46:55.0024 3216 \Device\Harddisk1\DR1 - ok
13:46:55.0024 3216 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk3\DR3
13:46:55.0133 3216 \Device\Harddisk3\DR3 - ok
13:46:55.0133 3216 ================ Scan VBR ==================================
13:46:55.0164 3216 [ 2F454BB6509B60AB4071EEC9716DB44D ] \Device\Harddisk0\DR0\Partition1
13:46:55.0164 3216 \Device\Harddisk0\DR0\Partition1 - ok
13:46:55.0164 3216 [ DC82E363FB5F676B1AC3F4F801BD7B44 ] \Device\Harddisk0\DR0\Partition2
13:46:55.0164 3216 \Device\Harddisk0\DR0\Partition2 - ok
13:46:55.0180 3216 [ A902328110913EE33AF8A7C1304C78F7 ] \Device\Harddisk1\DR1\Partition1
13:46:55.0180 3216 \Device\Harddisk1\DR1\Partition1 - ok
13:46:55.0180 3216 [ 3A096CDCCEF3A60ADAEB60FC8EE9D67C ] \Device\Harddisk1\DR1\Partition2
13:46:55.0180 3216 \Device\Harddisk1\DR1\Partition2 - ok
13:46:55.0180 3216 [ 1E0550AEDF0E19C5B0C9CFF7E0A1242D ] \Device\Harddisk3\DR3\Partition1
13:46:55.0180 3216 \Device\Harddisk3\DR3\Partition1 - ok
13:46:55.0180 3216 ============================================================
13:46:55.0180 3216 Scan finished
13:46:55.0180 3216 ============================================================
13:46:55.0180 4980 Detected object count: 2
13:46:55.0180 4980 Actual detected object count: 2
13:47:27.0830 4980 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
13:47:27.0830 4980 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:47:27.0830 4980 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
13:47:27.0830 4980 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:47:42.0744 5664 Deinitialize success
Geändert von BadGoblin (11.07.2013 um 13:25 Uhr) |
|
11.07.2013, 12:52
| #4 |
| /// Malware-holic | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hi, Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.07.2013, 13:22
| #5 |
| | Google Chrome und alle anderen Browser funktionieren nicht mehr! Soo hatte keine Probleme mit dem Programm und hier der LOG Code:
ATTFilter ComboFix 13-07-09.01 - *** 1.Jul.2013 14:00:46.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.39.1031.18.8190.6372 [GMT 2:00]
Eseguito da: c:\users\***\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\***\AppData\Roaming\mIRC\logs\status.log
c:\windows\SysWow64\frapsvid.dll
D:\install.exe
.
.
((((((((((((((((((((((((( Files Creati Da 2013-06-11 al 2013-07-11 )))))))))))))))))))))))))))))))))))
.
.
2013-07-10 20:51 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-10 11:41 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-10 11:41 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-10 11:41 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-10 11:41 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-10 11:41 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-10 11:41 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 11:41 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 11:41 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-10 11:41 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-10 11:41 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-10 11:41 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-10 11:41 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-10 11:40 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 11:40 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-10 11:40 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-10 11:40 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 11:40 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 11:40 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-10 11:40 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-09 11:35 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{93CAA9C6-95E0-47D8-9C16-90E3A97D9AD1}\mpengine.dll
2013-06-26 11:11 . 2013-06-26 11:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-06-26 11:10 . 2013-06-26 11:10 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-21 12:48 . 2013-06-21 12:48 -------- d-----w- c:\programdata\ATI
2013-06-21 12:48 . 2013-06-21 12:48 -------- d-----w- c:\program files (x86)\AMD AVT
2013-06-21 12:39 . 2013-06-21 12:39 -------- d-----w- c:\programdata\Package Cache
2013-06-21 12:37 . 2013-06-21 12:47 -------- d-----w- c:\program files\ATI Technologies
2013-06-17 06:09 . 2013-06-17 06:09 5086424 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2013-06-17 06:09 . 2013-06-17 06:09 4851904 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2013-06-17 06:09 . 2013-06-17 06:09 25405632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2013-06-17 05:53 . 2013-06-17 05:53 6807768 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2013-06-17 05:53 . 2013-06-17 05:53 6584000 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2013-06-17 05:53 . 2013-06-17 05:53 35405504 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2013-06-17 05:53 . 2013-06-17 05:53 3002048 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1031\MSOINTL.DLL
2013-06-13 18:45 . 2013-06-13 18:45 34048 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-26 11:10 . 2013-01-23 07:46 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-06-26 11:10 . 2011-04-26 16:21 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-25 08:30 . 2012-04-05 06:05 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-25 08:30 . 2011-05-18 17:35 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-24 10:03 . 2013-05-06 08:34 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-06-12 22:05 . 2011-04-27 13:35 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-06-04 23:12 . 2013-06-04 23:12 78432 ----a-w- c:\windows\system32\atimpc64.dll
2013-06-04 23:12 . 2013-06-04 23:12 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2013-06-04 23:12 . 2013-06-04 23:12 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-06-04 23:12 . 2013-06-04 23:12 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-06-04 23:12 . 2013-06-04 23:12 139696 ----a-w- c:\windows\system32\atiuxp64.dll
2013-06-04 23:12 . 2013-06-04 23:12 123216 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-06-04 23:12 . 2013-06-04 23:12 97448 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-06-04 23:12 . 2013-06-04 23:12 113464 ----a-w- c:\windows\system32\atiu9p64.dll
2013-06-04 23:11 . 2013-06-04 23:11 1182056 ----a-w- c:\windows\system32\aticfx64.dll
2013-06-04 23:11 . 2013-06-04 23:11 990976 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-06-04 23:11 . 2013-06-04 23:11 8431232 ----a-w- c:\windows\system32\atidxx64.dll
2013-06-04 23:11 . 2013-06-04 23:11 7378560 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-06-04 23:11 . 2013-06-04 23:11 4415256 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-06-04 23:11 . 2013-06-04 23:11 5963328 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-06-04 23:11 . 2013-06-04 23:11 4957536 ----a-w- c:\windows\system32\atiumd6a.dll
2013-06-04 23:11 . 2013-06-04 23:11 6984088 ----a-w- c:\windows\system32\atiumd64.dll
2013-06-04 23:09 . 2013-06-04 23:09 11833856 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-06-04 22:51 . 2013-06-04 22:51 229376 ----a-w- c:\windows\system32\clinfo.exe
2013-06-04 22:51 . 2013-06-04 22:51 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
2013-06-04 22:51 . 2013-06-04 22:51 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
2013-06-04 22:51 . 2013-06-04 22:51 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
2013-06-04 22:51 . 2013-06-04 22:51 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
2013-06-04 22:51 . 2013-06-04 22:51 98304 ----a-w- c:\windows\system32\OpenVideo64.dll
2013-06-04 22:50 . 2013-06-04 22:50 82944 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2013-06-04 22:50 . 2013-06-04 22:50 86016 ----a-w- c:\windows\system32\OVDecode64.dll
2013-06-04 22:50 . 2013-06-04 22:50 72704 ----a-w- c:\windows\SysWow64\OVDecode.dll
2013-06-04 22:50 . 2013-06-04 22:50 27800576 ----a-w- c:\windows\system32\amdocl64.dll
2013-06-04 22:48 . 2013-06-04 22:48 23421440 ----a-w- c:\windows\SysWow64\amdocl.dll
2013-06-04 22:46 . 2013-06-04 22:46 63488 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-04 22:46 . 2013-06-04 22:46 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-06-04 22:33 . 2013-06-04 22:33 24250880 ----a-w- c:\windows\system32\atio6axx.dll
2013-06-04 22:27 . 2013-06-04 22:27 368640 ----a-w- c:\windows\system32\atiapfxx.exe
2013-06-04 22:25 . 2013-06-04 22:25 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2013-06-04 22:25 . 2013-06-04 22:25 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-06-04 22:25 . 2013-06-04 22:25 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2013-06-04 22:25 . 2013-06-04 22:25 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-06-04 22:25 . 2013-06-04 22:25 118784 ----a-w- c:\windows\system32\coinst_13.101.dll
2013-06-04 22:24 . 2013-06-04 22:24 16082944 ----a-w- c:\windows\system32\aticaldd64.dll
2013-06-04 22:20 . 2013-06-04 22:20 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-06-04 22:13 . 2013-06-04 22:13 19906560 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-06-04 22:03 . 2013-06-04 22:03 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-06-04 22:03 . 2013-06-04 22:03 26112 ----a-w- c:\windows\system32\atimuixx.dll
2013-06-04 22:03 . 2013-06-04 22:03 562688 ----a-w- c:\windows\system32\atieclxx.exe
2013-06-04 22:02 . 2013-06-04 22:02 241152 ----a-w- c:\windows\system32\atiesrxx.exe
2013-06-04 22:00 . 2013-06-04 22:00 120320 ----a-w- c:\windows\system32\atitmm64.dll
2013-06-04 22:00 . 2013-06-04 22:00 59392 ----a-w- c:\windows\system32\atiedu64.dll
2013-06-04 22:00 . 2013-06-04 22:00 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2013-06-04 21:35 . 2013-06-04 21:35 594944 ----a-w- c:\windows\system32\atiadlxx.dll
2013-06-04 21:35 . 2013-06-04 21:35 419840 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-06-04 21:35 . 2013-06-04 21:35 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2013-06-04 21:35 . 2013-06-04 21:35 15872 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-06-04 21:35 . 2013-06-04 21:35 15872 ----a-w- c:\windows\system32\atiglpxx.dll
2013-06-04 21:35 . 2013-06-04 21:35 41984 ----a-w- c:\windows\system32\atig6txx.dll
2013-06-04 21:35 . 2013-06-04 21:35 36352 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-06-04 21:35 . 2013-06-04 21:35 608768 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-06-04 21:31 . 2013-06-04 21:31 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-05-09 20:11 . 2012-07-17 13:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 20:41 . 2011-04-26 17:34 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-05-02 00:06 . 2011-04-26 15:47 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-05-01 01:59 . 2013-05-01 01:59 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2013-04-24 21:56 . 2013-04-24 21:56 77592 ----a-w- c:\windows\system32\ladfGSRCoinst_amd64.dll
2013-04-24 21:56 . 2013-04-24 21:56 410008 ----a-w- c:\windows\system32\drivers\ladfGSCamd64.sys
2013-04-24 21:56 . 2013-04-24 21:56 102808 ----a-w- c:\windows\system32\drivers\ladfGSRamd64.sys
2013-04-24 16:31 . 2013-04-24 16:31 96768 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2013-04-24 16:30 . 2013-04-24 16:30 110080 ----a-w- c:\windows\system32\DelayAPO.dll
2013-04-22 09:38 . 2013-03-04 13:35 838216 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-04-22 09:38 . 2011-06-10 04:34 78920 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-04-22 09:38 . 2011-03-21 11:22 108104 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-04-13 05:49 . 2013-05-15 18:32 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 18:32 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 18:32 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 18:32 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 18:32 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 18:32 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 08:08 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-27 13:21 222712 ----a-w- c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-27 13:21 222712 ----a-w- c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-27 13:21 222712 ----a-w- c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-06-03 05:35 1725128 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-06-03 05:35 1725128 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-06-03 05:35 1725128 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\steam\steam.exe" [2013-07-10 1672616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Spotify Web Helper"="c:\users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-07-09 1104384]
"Spotify"="c:\users\***\AppData\Roaming\Spotify\spotify.exe" [2013-07-09 4640768]
"TeamSpeak 3 Client"="e:\programme\TeamSpeak3\ts3client_win64.exe" [2013-04-10 13620200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-06-04 676608]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-06-24 345144]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="e:\programme\Quicktime\QTTask.exe" -atboottime
"StartCCC"="e:\ati\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"iTunesHelper"="e:\programme\iTune\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"RaidCall"=e:\programme\RaidCall\raidcall.exe
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys;c:\windows\SYSNATIVE\SAVRKBootTasks.sys [x]
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 A38CCID;CCID USB Smart Card Reader;c:\windows\system32\DRIVERS\a38ccid.sys;c:\windows\SYSNATIVE\DRIVERS\a38ccid.sys [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 AODDriver4.0;AODDriver4.0;e:\ati\ATI.ACE\Fuel\amd64\AODDriver2.sys;e:\ati\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R3 atillk64;atillk64;e:\ati\atillk64.sys;e:\ati\atillk64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ESEADriver2;ESEADriver2;c:\users\***\AppData\Local\Temp\ESEADriver2.sys;c:\users\***\AppData\Local\Temp\ESEADriver2.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\25AC.tmp;c:\windows\SYSNATIVE\25AC.tmp [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n64.sys;c:\windows\SYSNATIVE\DRIVERS\RTL85n64.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SiSGbeLH;NDIS 6.0-Treiber für SiS191/SiS190-Ethernet-Gerät;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 X6va006;X6va006;c:\users\***\AppData\Local\Temp\0061B76.tmp;c:\users\***\AppData\Local\Temp\0061B76.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R4 CltMngSvc;Search Protect by Conduit Updater;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe [x]
R4 CodeMeter.exe;CodeMeter Runtime Server;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe;c:\program files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [x]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R4 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
R4 TeamViewer7;TeamViewer 7;e:\programme\TeamViewerVersion7\TeamViewer_Service.exe;e:\programme\TeamViewerVersion7\TeamViewer_Service.exe [x]
S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys;c:\windows\SYSNATIVE\DRIVERS\avfwot.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirFirewallService;Avira FireWall;c:\program files (x86)\Avira\AntiVir Desktop\avfwsvc.exe;c:\program files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [x]
S2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 ezGOSvc;Easybits GO Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 MBAMScheduler;MBAMScheduler;e:\programme\Malwarebytes' Anti-Malware\mbamscheduler.exe;e:\programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;e:\programme\Malwarebytes' Anti-Malware\mbamservice.exe;e:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;e:\programme\TuneUp Utility\TuneUpUtilitiesService64.exe;e:\programme\TuneUp Utility\TuneUpUtilitiesService64.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys;c:\windows\SYSNATIVE\DRIVERS\avfwim.sys [x]
S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;e:\programme\TuneUp Utility\TuneUpUtilitiesDriver64.sys;e:\programme\TuneUp Utility\TuneUpUtilitiesDriver64.sys [x]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-10 20:03 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.71\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-07-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 08:30]
.
2013-03-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-906868190-618524015-2706588552-1001Core.job
- c:\users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-07-07 20:38]
.
2013-03-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-906868190-618524015-2706588552-1001UA.job
- c:\users\***\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-07-07 20:38]
.
2013-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 16:14]
.
2013-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-02 16:14]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-906868190-618524015-2706588552-1001Core.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 16:00]
.
2013-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-906868190-618524015-2706588552-1001UA.job
- c:\users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-27 13:21 261624 ----a-w- c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-27 13:21 261624 ----a-w- c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-27 13:21 261624 ----a-w- c:\users\***\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-06-03 05:33 2328264 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-06-03 05:33 2328264 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-06-03 05:33 2328264 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-28 11786344]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-04-24 7477016]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
ezGOSvc
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
mSearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3175297&SearchSource=2&CUI=UN10706683192285716&UM=2&q=
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
AddRemove-nhwsfzpwafhjlwo - c:\windows\system32\nhwsfzpwafhjlwo.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_new_5-9-08.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\25AC.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va006]
"ImagePath"="\??\c:\users\***\AppData\Local\Temp\0061B76.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-906868190-618524015-2706588552-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-906868190-618524015-2706588552-1001)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-906868190-618524015-2706588552-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
e:\programme\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Ora fine scansione: 2013-07-11 14:13:57 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2013-07-11 12:13
.
Pre-Run: 7 Verzeichnis(se), 71.740.166.144 Bytes frei
Post-Run: 12 Verzeichnis(se), 71.507.660.800 Bytes frei
.
- - End Of File - - C794D378392D6B26798AF99FD94DF269
A36C5E4F47E84449FF07ED3517B43A31
|
|
11.07.2013, 13:33
| #6 |
| /// Malware-holic | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hi, lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ --> Google Chrome und alle anderen Browser funktionieren nicht mehr! |
|
11.07.2013, 14:14
| #7 |
| | Google Chrome und alle anderen Browser funktionieren nicht mehr! So hat ein bischen gedauert aber hier: Code:
ATTFilter 1... 2... 3... KICK IT! (Drop That Beat Like an Ugly Baby) 26.Apr.2011 3DMark Futuremark 01.Jun.2013 1.1 unnötig 7-Zip 9.20 (x64 edition) Igor Pavlov 09.Feb.2013 4,53MB 9.20.00.0 unnötig AaAaAA!!! - A Reckless Disregard for Gravity Dejobaan Games 26.Apr.2011 Adobe AIR Adobe Systems Incorporated 24.Apr.2013 3.7.0.1530 notwendig Adobe Download Assistant Adobe Systems Incorporated 09.Jan.2012 1.0.6 notwendig Adobe Flash Media Live Encoder 3.2 Adobe Systems Incorporated 26.Mrz.2013 14,0MB 3.2.0 notwendig Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 20.Feb.2013 6,00MB 11.6.602.168 notwendig Adobe Flash Player 11 Plugin Adobe Systems Incorporated 25.Jun.2013 6,00MB 11.7.700.224 notwendig Adobe Reader XI (11.0.03) - Deutsch Adobe Systems Incorporated 20.Mai.2013 133MB 11.0.03 notwendig Adobe Shockwave Player 12.0 Adobe Systems, Inc. 30.Mrz.2013 12.0.0.112 notwendig Age of Chivalry Dedicated Server Team Chivalry 13.Mai.2011 unnötig Age of Empires Online Microsoft 10.Apr.2012 Alien Swarm Valve 27.Apr.2011 Alien Swarm - SDK Valve 13.Mai.2011 Alliance of Valiant Arms 16.Jun.2011 AMD Catalyst Install Manager Advanced Micro Devices, Inc. 21.Jun.2013 26,4MB 8.0.915.0 American Conquest 05.Nov.2011 American Conquest - Fight Back 05.Nov.2011 Amnesia: The Dark Descent 26.Apr.2011 Apple Application Support Apple Inc. 03.Jun.2013 64,7MB 2.3.4 Apple Mobile Device Support Apple Inc. 10.Apr.2013 25,2MB 6.1.0.13 Apple Software Update Apple Inc. 02.Jul.2011 2,25MB 2.1.3.127 Application Profiles Advanced Micro Devices, Inc. 23.Dez.2011 361KB 2.0.4365.36132 ArcSoft WebCam Companion 3 ArcSoft 21.Dez.2011 3.0.15.182 ASIO4ALL Michael Tippach 04.Apr.2013 2.10 unbekannt Audiosurf BestGameEver 26.Apr.2011 Authorizer 2.0.2 Propellerhead Software AB 15.Apr.2013 51,6MB 2.0.2 unbekannt Avira Internet Security Avira 01.Jul.2013 173MB 13.0.0.3737 Back to the Future: Ep 1 - It's About Time 26.Okt.2011 Back to the Future: Ep 2 - Get Tannen! 26.Okt.2011 Back to the Future: Ep 3 - Citizen Brown 26.Okt.2011 Back to the Future: Ep 4 - Double Visions 26.Okt.2011 Back to the Future: Ep 5 - OUTATIME 26.Okt.2011 Batman: Arkham City™ PC Rocksteady 25.Nov.2011 Bewerbungsfoto-/Passbild-Generator v3.5b 26.Sep.2012 1,28MB unnötig BIT.TRIP BEAT Gaijin Games 26.Apr.2011 Bit4Id - miniLector Bit4id 17.Apr.2012 3.0 unbekannt Bloodline Champions Stunlock Studios 07.Apr.2012 Bonjour Apple Inc. 14.Okt.2011 2,00MB 3.0.0.10 unbekannt BookScan&Whiteboard Suite Reallusion 21.Mrz.2012 1.0 unbekannt Brawl Busters 25.Mrz.2012 Brother BRAdmin Light 1.12 Brother 21.Mrz.2012 1.12 notwendig Brother MFL-Pro Suite MFC-5890CN Brother Industries, Ltd. 21.Mrz.2012 1.0.1.0 notwendig Brütal Legend 20.Feb.2013 CamStudio version 2.7 CamStudio Open Source 04.Apr.2013 15,1MB 2.7 unnötig CardOS API Siemens IT Solutions and Services GmbH 17.Apr.2012 5,26MB 3.3.018 notwendig CCleaner Piriform 19.Jun.2013 4.03 notwendig Chameleon Gems Freeze Tag 26.Apr.2011 Champions Online: Free For All Cryptic Studios 16.Jun.2011 Cogs Lazy 8 Studios 26.Apr.2011 Company of Heroes Relic 26.Apr.2011 Company of Heroes: Tales of Valor Relic 27.Apr.2011 Cossacks II: Battle for Europe 05.Nov.2011 Cossacks II: Napoleonic Wars 05.Nov.2011 Cossacks: Art of War 05.Nov.2011 Cossacks: Back to War GSC Game World 05.Nov.2011 Cossacks: European Wars 05.Nov.2011 Counter-Strike Valve 27.Apr.2011 Counter-Strike: Condition Zero Valve 27.Apr.2011 Counter-Strike: Condition Zero Deleted Scenes Ritual 27.Apr.2011 Counter-Strike: Global Offensive 22.Nov.2012 Counter-Strike: Global Offensive - SDK 22.Nov.2012 Counter-Strike: Source Valve 26.Apr.2011 Counter-Strike: Source Beta 27.Apr.2011 CPUID CPU-Z 1.64.0 18.Jun.2013 3,26MB Crazy Machines 1.5 Inventors Training Camp Viva-Media 14.Okt.2011 Critter Crunch 18.Okt.2012 D-i-v-X AVI Codec Pack Pro 2.4.0 D-i-v-X AVI Codec Pack Pro 16.Jan.2013 unbekannt Day of Defeat Valve 27.Apr.2011 Day of Defeat: Source Valve 27.Apr.2011 DC Universe Online Sony Online Entertainment 26.Mai.2011 Deathmatch Classic Valve 27.Apr.2011 Deckadance Image-Line 04.Apr.2013 46,8MB 2.0 Defense Grid: The Awakening Hidden Path Entertainment 27.Apr.2011 Diablo III Blizzard Entertainment 09.Jun.2013 1.0.8.16603 DiRT 3 Codemasters 26.Mrz.2013 DivX-Setup DivX, LLC 26.Sep.2012 2.6.1.9 unbekannt Don't Starve 30.Apr.2013 Dota 2 21.Okt.2012 Dual-Core Optimizer AMD 25.Nov.2011 86,0KB 1.1.4.0169 unbekannt Dungeon Defenders 04.Nov.2011 Dungeons & Dragons Online® 28.Jun.2012 Dust: An Elysian Tail Humble Hearts LLC 03.Jul.2013 Elsword_DE 02.Jun.2013 1,98GB EVEREST Ultimate Edition v5.50 Lavalys, Inc. 26.Apr.2011 5.50 notwendig Facebook Video Calling 1.2.0.287 Skype Limited 24.Okt.2012 4,76MB 1.2.287 unnötig FaceFilter Studio Brother Edition 21.Mrz.2012 1.0 ffdshow v1.2.4422 [2012-04-09] 01.Apr.2013 13,3MB 1.2.4422.0 unbekannt FileZilla Client 3.6.0.2 FileZilla Project 22.Jan.2013 17,1MB 3.6.0.2 Firebird SQL Server - MAGIX Edition MAGIX AG 24.Mrz.2013 11,5MB 2.1.31.0 unnötig Fishing Craze Freeze Tag 27.Apr.2011 FL Studio 10 Image-Line 04.Apr.2013 Forsaken World 16.Jun.2011 Fraps (remove only) 18.Jul.2012 Free Studio version 2013 DVDVideoSoft Ltd. 20.Mrz.2013 403MB 6.1.0.319 Frontlines: Fuel of War Kaos Studios 27.Apr.2011 Full Spectrum Warrior Pandemic Studios 27.Apr.2011 Full Spectrum Warrior: Ten Hammers Pandemic Studios 27.Apr.2011 Futuremark SystemInfo Futuremark Corporation 01.Jun.2013 4.17.0 unbekannt Game Dev Tycoon Version 1.3.8 Greenheart Games Pty. Ltd. 06.Mai.2013 139MB 1.3.8 GamerzHost.de CSGO Config Creator Karow GamerzHost 22.Jan.2013 1.0.0.8 unnötig GhostMouse AutomaticSolution Software 19.Mrz.2012 1,44MB Free V3.1 unnötig Global Agenda Hi-Rez Studios 16.Jun.2011 Google Chrome Google Inc. 10.Jul.2013 28.0.1500.71 Google Drive Google, Inc. 22.Jun.2013 32,1MB 1.10.4769.632 Google Talk Plugin Google 11.Jul.2013 20,6MB 4.2.1.14031 unnötig Grooveshark Escape Media Group 15.Apr.2012 20120118.01 unnötig Half-Life 2 Valve 27.Apr.2011 Half-Life 2: Deathmatch Valve 27.Apr.2011 Half-Life 2: Episode One Valve 27.Apr.2011 Half-Life 2: Episode Two Valve 27.Apr.2011 Half-Life 2: Lost Coast Valve 27.Apr.2011 Half-Life Deathmatch: Source Valve 27.Apr.2011 Half-Life: Blue Shift Gearbox 27.Apr.2011 Half-Life: Opposing Force Gearbox 27.Apr.2011 HDVidCodec hdvidcodec.com 01.Apr.2013 2.1 Build 26473 unbekannt Hellgate Hanbit Soft 31.Mai.2011 5,76GB 2.0.0.3 HiJackThis Trend Micro 19.Jan.2013 369KB 1.0.0 HLSW v1.4.0.2 Stripf Software 29.Jan.2013 47,2MB iCloud Apple Inc. 03.Jun.2013 81,9MB 2.1.2.8 IL Download Manager Image-Line 04.Apr.2013 unbekannt IL Shared Libraries Image-Line 04.Apr.2013 unbekannt IrfanView (remove only) Irfan Skiljan 11.Nov.2012 2,00MB 4.35 IsoBuster 3.0 Smart Projects 10.Aug.2012 10,4MB 3.0 iTunes Apple Inc. 03.Jun.2013 187MB 11.0.3.42 Java 7 Update 25 Oracle 26.Jun.2013 129MB 7.0.250 JDownloader 0.9 AppWork GmbH 26.Apr.2011 0.9 JDownloader 2 AppWork GmbH 05.Apr.2013 2 Juiced 2: Hot Import Nights Juice Games 28.Apr.2011 K-Lite Codec Pack 9.5.0 (Full) 25.Nov.2012 84,0MB 9.5.0 Killing Floor Tripwire Interactive 28.Apr.2011 League of Legends Riot Games 03.Mai.2011 2.0 Left 4 Dead 2 Valve 05.Nov.2011 Lightworks Lightworks 24.Mrz.2013 11.0.3.0 unnötig LIMBO 18.Okt.2012 Line 6 Uninstaller Line 6 15.Apr.2013 unbekannt Little Inferno 13.Mai.2013 Logitech Gaming Software 8.46 Logitech Inc. 02.Mai.2013 85,5MB 8.46.27 Logitech Harmony Remote Software Logitech 13.Mai.2012 1.0.110307 Logitech SetPoint 6.32 Logitech 21.Mrz.2012 39,0MB 6.32.20 LOLReplay www.leaguereplays.com 18.Feb.2013 0.8.1.4 Magic The Gathering Tactics Sony Online Entertainment 27.Mai.2011 unnötih Magic: The Gathering - Duels of the Planeswalkers 26.Apr.2011 unnötig Magic: The Gathering – Tactics 05.Feb.2012 unnötig Magicka Arrowhead Game Studios AB 13.Mai.2011 unnötig MAGIX Content und Soundpools MAGIX AG 23.Aug.2012 1.0.0.0 unnötig MAGIX Goya burnR (MSI) MAGIX AG 15.Apr.2013 4.3.2.0 unnötig MAGIX Music Maker 2013 MAGIX AG 15.Apr.2013 19.0.1.36 unnötig MAGIX Screenshare MAGIX AG 15.Apr.2013 4.3.6.1987 unnötig MAGIX Speed burnR (MSI) MAGIX AG 24.Mrz.2013 7.0.2.6 unnötig MAGIX Video deluxe 2013 MAGIX AG 24.Mrz.2013 12.0.0.32 unnötig Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 10.Jul.2013 19,2MB 1.75.0.1300 unnötig Metro 2033 THQ 28.Apr.2011 Microsoft .NET Framework 1.1 Microsoft 29.Jun.2012 34,8MB 1.1.4322 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 29.Apr.2011 38,8MB 4.0.30319 Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 29.Apr.2011 2,93MB 4.0.30319 Microsoft .NET Framework 4 Extended Microsoft Corporation 26.Mai.2011 51,9MB 4.0.30319 Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 26.Mai.2011 10,6MB 4.0.30319 Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 25.Nov.2011 31,3MB 3.5.92.0 Microsoft Games for Windows Marketplace Microsoft Corporation 07.Mai.2011 6,03MB 3.5.50.0 Microsoft Office Professional Plus 2013 Microsoft Corporation 03.Jan.2013 15.0.4420.1017 Microsoft Silverlight Microsoft Corporation 10.Jul.2013 149MB 5.1.20513.0 Microsoft SkyDrive Microsoft Corporation 27.Dez.2012 26,4MB 17.0.2003.1112 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 13.Mai.2011 1,69MB 3.1.0000 Microsoft Visual Basic PowerPacks 10.0 Microsoft 22.Jan.2013 1,47MB 10.0.20911 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 28.Apr.2011 250KB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 30.Jan.2012 2,38MB 8.0.59193 Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 Microsoft Corporation 27.Apr.2011 210KB 9.0.30729.4148 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 15.Mai.2011 198KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 29.Apr.2011 790KB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 01.Jun.2011 598KB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 03.Mai.2011 3,43MB 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 26.Apr.2011 788KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 12.Mai.2011 234KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 16.Jun.2011 788KB 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 02.Jul.2011 5,76MB 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Corporation 30.Mai.2011 1,46MB 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 24.Jun.2011 234KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 13.Mai.2011 596KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 04.Nov.2011 224KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.Jun.2011 600KB 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 02.Dez.2011 15,2MB 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 05.Nov.2011 15,0MB 10.0.40219 Microsoft Xbox 360 Accessories 1.2 Microsoft 19.Nov.2012 7,82MB 1.20.146.0 Microsoft XNA Framework Redistributable 3.1 Microsoft Corporation 13.Mai.2011 7,55MB 3.1.10527.0 Microsoft XNA Framework Redistributable 4.0 Refresh Microsoft Corporation 04.Jul.2013 8,03MB 4.0.30901.0 mIRC mIRC Co. Ltd. 21.Jan.2013 7.29 Mirror's Edge DICE 18.Nov.2011 Mixxx 1.10.1 The Mixxx Team 15.Apr.2013 1.10.1 unnötig Mouse Recorder Pro 2.0.7.4 Nemex Studios 19.Mrz.2012 4,40MB unnötig Mozilla Firefox 12.0 (x86 de) Mozilla 06.Mai.2012 62,2MB 12.0 unnötig Mozilla Firefox 5.0 (x86 de) Mozilla 28.Jun.2011 32,1MB 5.0 unnötig Mozilla Thunderbird (7.0.1) Mozilla 04.Nov.2011 7.0.1 (de) unnötig Mozilla Thunderbird 12.0.1 (x86 de) Mozilla 27.Dez.2012 60,6MB 12.0.1 unnötig MSXML 4.0 SP2 (KB954430) Microsoft Corporation 28.Apr.2011 1,27MB 4.20.9870.0 unbekannt MSXML 4.0 SP2 (KB973688) Microsoft Corporation 28.Apr.2011 1,33MB 4.20.9876.0 unbekannt MSXML 4.0 SP3 Parser Microsoft Corporation 23.Aug.2012 1,47MB 4.30.2100.0 unbekannt MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 24.Aug.2012 1,53MB 4.30.2114.0 unbekannt MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 10.Jan.2013 1,54MB 4.30.2117.0 unbekannt MXPLAY Beta 1.1 MXPLAY, Inc. 15.Apr.2013 1.1.7 unnötig Need For Speed™ World Electronic Arts 07.Apr.2012 12,5MB 1.0.0.659 unnötig Nokia Connectivity Cable Driver 19.Jun.2013 7.1.32.64 unnötig Notepad++ 06.Jun.2011 5.9.2 NVIDIA PhysX NVIDIA Corporation 20.Feb.2013 80,0MB 9.10.0222 unnötig Octoshape Streaming Services Octoshape ApS 21.Nov.2011 Open Broadcaster Software 07.Jan.2013 OpenAL 26.Mrz.2013 unbekannt OpenOffice.org 3.4.1 Apache Software Foundation 04.Feb.2013 331MB 3.41.9593 Opera 12.15 Opera Software ASA 17.Apr.2013 12.15.1748 Orcs Must Die! 18.Okt.2011 Orcs Must Die! 2 05.Dez.2012 Pandora Saga: Weapons of Balance 01.Mrz.2012 PC Gamer 17.Nov.2011 Peggle Deluxe PopCap 28.Apr.2011 Peggle Nights PopCap 28.Apr.2011 Performance Solution Brincome. 26.Apr.2011 unbekannt Pets Fun House Freeze Tag 28.Apr.2011 Picasa 3 Google, Inc. 20.Apr.2013 3.9 Pinball FX2 13.Mai.2013 Plants vs. Zombies: Game of the Year PopCap 28.Apr.2011 Poker Night at the Inventory Telltale Games 09.Jun.2011 PokerStars.it PokerStars.it 27.Feb.2013 Portal Valve 28.Apr.2011 Portal 2 Valve 28.Apr.2011 Portal 2 Authoring Tools - Beta Valve 13.Mai.2011 PunkBuster Services Even Balance, Inc. 28.Apr.2011 0.986 Puzzle Quest Infinite Interactive 30.Apr.2013 1.01 Puzzle Quest Infinite Interactive 30.Apr.2013 Puzzle Quest 2 30.Apr.2013 Puzzle Quest 2 30.Apr.2013 Quake id Software 28.Apr.2011 Quake 4 27.Jan.2012 Quake II id Software 28.Apr.2011 Quake II: Ground Zero id Software 29.Apr.2011 Quake II: The Reckoning id Software 29.Apr.2011 Quake III Arena id Software 29.Apr.2011 Quake III: Team Arena id Software 29.Apr.2011 Quake Live Mozilla Plugin id Software 09.Aug.2012 14,0MB 1.0.520 Quake Mission Pack 1: Scourge of Armagon Ritual Software 29.Apr.2011 Quake Mission Pack 2: Dissolution of Eternity Rogue Software 29.Apr.2011 QuickTime Apple Inc. 03.Jun.2013 74,6MB 7.74.80.86 RaidCall raidcall.com 15.Apr.2013 7.2.0-1.0.5185.0 unnötig Rapture3D 2.4.8 Game Blue Ripple Sound 26.Mrz.2013 ubekannt Ravensburger tiptoi 26.Dez.2012 RealPlayer RealNetworks 07.Jun.2012 91,7MB 15.0.4 Realtek High Definition Audio Driver Realtek Semiconductor Corp. 26.Apr.2011 6.0.1.6343 Reason 6.5.3 Propellerhead Software AB 15.Apr.2013 3,28GB 6.5.3 unbekannt/unnötig Recuva Piriform 17.Apr.2012 1.42 unbekannt Red Faction 29.Apr.2011 Red Faction II 29.Apr.2011 Red Faction: Guerrilla Volition 29.Apr.2011 Ricochet Valve 29.Apr.2011 Rotastic Dancing Dots 18.Okt.2012 RUSH Two Tribes 29.Apr.2011 S.T.A.L.K.E.R.: Shadow of Chernobyl GSC Game World 29.Apr.2011 Saints Row 2 Volition 30.Apr.2011 Sanctum 04.Nov.2011 Scrolls Mojang 11.Jun.2013 1.0.0 Search Protect by conduit Conduit 06.Apr.2013 1.4.1.12 unbekannt Serious Sam Classic: The First Encounter 29.Apr.2011 Serious Sam Classic: The Second Encounter 29.Apr.2011 Serious Sam HD: The First Encounter Croteam 29.Apr.2011 Serious Sam HD: The Second Encounter Croteam 29.Apr.2011 Skulls of the Shogun 17-BIT 03.Jul.2013 Skype Click to Call Skype Technologies S.A. 30.Mai.2012 34,2MB 5.10.9560 Skype™ 6.5 Skype Technologies S.A. 28.Jun.2013 21,8MB 6.5.158 Smart File Advisor 1.1.1 Filefacts.net 10.Aug.2012 1,50MB 1.1.1 unbekannt Sophos Anti-Rootkit 1.5.0 Sophos Plc 13.Jan.2013 1.5.0 unbekannt Speccy Piriform 01.Feb.2012 1.15 unbekannt Spiral Knights SEGA 16.Jun.2011 Spore Maxis 18.Nov.2011 Spore: Creepy & Cute Parts Pack Maxis 18.Nov.2011 Spore: Galactic Adventures EA - Maxis 18.Nov.2011 Spotify Spotify AB 09.Jul.2013 0.9.1.57.ge7405149 Star Wars: The Old Republic Electronic Arts, Inc. 12.Jan.2012 26,7MB 1.00 Steam Valve Corporation 26.Apr.2011 35,4MB 1.0.0.0 Street Fighter X Tekken hxxp://www.capcom.com 16.Nov.2012 Stronghold Kingdoms Firefly Studios Ltd 25.Mrz.2012 Super Meat Boy 29.Apr.2011 Team Fortress 2 Valve 30.Apr.2011 Team Fortress 2 Beta Valve 30.Apr.2011 Team Fortress Classic Valve 30.Apr.2011 TeamViewer 7 TeamViewer 20.Sep.2012 7.0.14563 unnötig TERA Gameforge Productions GmbH 03.Mrz.2013 42,5MB 19.04.02.03.hf3 TeraCopy 2.27 Code Sector 08.Dez.2012 5,49MB Terraria 26.Mai.2011 Text-To-Speech-Runtime Magix Development GmbH 15.Apr.2013 260KB 1.0.0.0 unnötig The Ball Teotl Studios 26.Apr.2011 The Binding of Isaac 18.Okt.2012 The Wonderful End of the World Dejobaan Games 01.Mai.2011 Titan Quest IronLore 30.Apr.2011 Titan Quest: Immortal Throne IronLore 30.Apr.2011 TmNationsForever Nadeo 01.Dez.2011 Toki Tori Two Tribes 30.Apr.2011 Tony Hawk's Pro Skater HD 26.Mrz.2013 Torchlight Runic Games, Inc. 01.Mai.2011 Torchlight Editor Runic Games, Inc. 13.Mai.2011 TuneUp Utilities 2013 TuneUp Software 27.Feb.2013 13.0.3020.2 Unreal Gold Epic Games 27.Jan.2012 Unreal II: The Awakening Epic Games 27.Jan.2012 Unreal Tournament 2004 Epic Games 27.Jan.2012 Unreal Tournament 3: Black Edition Epic Games 27.Jan.2012 Unreal Tournament: Game of the Year Edition Epic Games 27.Jan.2012 VIA Manager Piattaforma VIA Technologies, Inc. 30.Jan.2012 2,61MB 1.34 unbekannt VirtualCloneDrive Elaborate Bytes 26.Apr.2011 VirtualDJ Home FREE Atomix Productions 04.Apr.2013 53,5MB 7.4 VLC media player 2.0.7 VideoLAN 08.Jul.2013 2.0.7 Warhammer 40,000: Dawn of War – Dark Crusade Relic 01.Mai.2011 Warhammer 40,000: Dawn of War – Soulstorm Relic 01.Mai.2011 Warhammer 40,000: Dawn of War – Winter Assault Relic 01.Mai.2011 Warhammer® 40,000™: Dawn of War® II Relic 01.Mai.2011 Warhammer® 40,000™: Dawn of War® II – Chaos Rising™ Relic 01.Mai.2011 Winamp Nullsoft, Inc 16.Jan.2013 5.63 Winamp Erkennungs-Plug-in Nullsoft, Inc 16.Jan.2013 75,0KB 1.0.0.1 Windows Live Essentials Microsoft Corporation 27.Dez.2012 16.4.3505.0912 Windows Media Player Firefox Plugin Microsoft Corp 26.Apr.2011 296KB 1.0.0.8 unnötig WinPcap 4.1.2 CACE Technologies 05.Jun.2011 4.1.0.2001 unbekannt WinRAR archiver 26.Apr.2011 World of Goo 2D Boy 14.Okt.2012 World of Warcraft Blizzard Entertainment 20.Jun.2013 5.3.0.17055 World of Zoo Blue Fang Games 01.Mai.2011 Worms Reloaded Team17 14.Nov.2012 Xango Tango Freeze Tag 01.Mai.2011 XSplit SplitMediaLabs 25.Mrz.2013 95,7MB 1.2.1303.0101 µTorrent 04.Mai.2012 3.1.3 unnötig |
|
11.07.2013, 14:16
| #8 |
| /// Malware-holic | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hi, es sind 2 Logs zu erstellen, poste diese möglichst gleichzeitig. 1. deinstaliere: 3DMark 7-Zip Adobe Flash Player alle http://get.adobe.com/de/flashplayer/ neueste version laden, instalieren. bitte auch mal den adobe reader wie folgt konfigurieren: adobe reader öffnen, bearbeiten, voreinstellungen. allgemein: nur zertifizierte zusatz module verwenden, anhaken. Sicherheit (erweitert) Erweiterte Sicherheit anhaken und alle Dateien auswählen. internet: hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc. es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht. bei javascript den haken bei java script verwenden raus nehmen bei updater, automatisch instalieren wählen. übernehmen /ok deinstaliere: Age of : beide falls beide unnötig Bewerbungsfoto CamStudio DivX Firebird Futuremark GamerzHost GhostMouse Google Talk HiJackThis IL Magic : alle Malwarebytes Magicka MAGIX : alle Mixxx Mouse Mozilla : alle MXPLAY Nokia RaidCall Reason Recuva TeamViewer Windows Media Player Firefox µTorrent Performance Solution Brincome Search Protect Smart File Sophos Anti Speccy Öffne CCleaner, analysieren, starten, PC neustarten. 2. Downloade Dir bitte  AdwCleaner auf deinen Desktop.
neustarten. 3. Hitmanpro laden: http://filepony.de/download-hitmanpro_64/ Doppelklicken, Scan klicken. Nichts löschen, weiter klicken. Log speichern und posten, bzw als XML exportieren, packen und anhängen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet Geändert von markusg (11.07.2013 um 14:26 Uhr) |
|
11.07.2013, 15:36
| #9 |
| | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hallo, hab jetz alles hat ein bischen gedauert da ich Probleme hatte mit ein zwei Programmen die sich zuerst nicht deinstalliern wollten hat aber nach einem Neustart gklappt. Adw LOG: Code:
ATTFilter # AdwCleaner v2.304 - Datei am 11/07/2013 um 16:15:19 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : *** - ***-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\searchplugins\Askcom.xml
Gelöscht mit Neustart : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\oikliheaihindkomebcajofjponhlhhh
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\HDvidCodec.com
Ordner Gelöscht : C:\Program Files (x86)\Movie2KDownloader.com
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\Users\***\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\oikliheaihindkomebcajofjponhlhhh
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\facemoods.com
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\ConduitCommon
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\CT2438727
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\extensions\{dc84d6f4-abf5-441d-bdef-65f3f4d7aabe}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\oikliheaihindkomebcajofjponhlhhh
Schlüssel Gelöscht : HKCU\Software\Headlight
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oikliheaihindkomebcajofjponhlhhh
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com
-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]
Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\prefs.js
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfa508wj.default\user.js ... Gelöscht !
Gelöscht : user_pref("CT2438727..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2438727.CT2438727", "CT2438727");
Gelöscht : user_pref("CT2438727.CurrentServerDate", "7-7-2011");
Gelöscht : user_pref("CT2438727.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2438727.DialogsGetterLastCheckTime", "Thu Jul 07 2011 16:24:04 GMT+0200");
Gelöscht : user_pref("CT2438727.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Gelöscht : user_pref("CT2438727.FirstServerDate", "7-7-2011");
Gelöscht : user_pref("CT2438727.FirstTime", true);
Gelöscht : user_pref("CT2438727.FirstTimeFF3", true);
Gelöscht : user_pref("CT2438727.FixPageNotFoundErrors", false);
Gelöscht : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2438727.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2438727.HomePageProtectorEnabled", false);
Gelöscht : user_pref("CT2438727.Initialize", true);
Gelöscht : user_pref("CT2438727.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2438727.InstallationAndCookieDataSentCount", 1);
Gelöscht : user_pref("CT2438727.InstalledDate", "Thu Jul 07 2011 16:24:05 GMT+0200");
Gelöscht : user_pref("CT2438727.IsAlertDBUpdated", true);
Gelöscht : user_pref("CT2438727.IsGrouping", false);
Gelöscht : user_pref("CT2438727.IsInitSetupIni", true);
Gelöscht : user_pref("CT2438727.IsMulticommunity", false);
Gelöscht : user_pref("CT2438727.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT2438727.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2438727.IsProtectorsInit", true);
Gelöscht : user_pref("CT2438727.LanguagePackLastCheckTime", "Thu Jul 07 2011 16:24:05 GMT+0200");
Gelöscht : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2438727.LastLogin_3.5.0.12", "Thu Jul 07 2011 16:24:04 GMT+0200");
Gelöscht : user_pref("CT2438727.LatestVersion", "3.3.5.1");
Gelöscht : user_pref("CT2438727.Locale", "en");
Gelöscht : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2438727.MCDetectTooltipShow", false);
Gelöscht : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2438727.MyStuffEnabledAtInstallation", false);
Gelöscht : user_pref("CT2438727.OriginalFirstVersion", "3.5.0.12");
Gelöscht : user_pref("CT2438727.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
Gelöscht : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Thu Jul 07 2011 16:24:05 GMT+0200");
Gelöscht : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2438727.SearchProtectorEnabled", false);
Gelöscht : user_pref("CT2438727.SearchProtectorToolbarDisabled", false);
Gelöscht : user_pref("CT2438727.ServiceMapLastCheckTime", "Thu Jul 07 2011 16:24:03 GMT+0200");
Gelöscht : user_pref("CT2438727.SettingsLastCheckTime", "Thu Jul 07 2011 16:24:03 GMT+0200");
Gelöscht : user_pref("CT2438727.SettingsLastUpdate", "1308866789");
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu Jul 07 2011 16:24:03 GMT+0200");
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1246786978");
Gelöscht : user_pref("CT2438727.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Gelöscht : user_pref("CT2438727.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,OurTo[...]
Gelöscht : user_pref("CT2438727.UserID", "UN55215680790562232");
Gelöscht : user_pref("CT2438727.alertChannelId", "832836");
Gelöscht : user_pref("CT2438727.approveUntrustedApps", true);
Gelöscht : user_pref("CT2438727.components.1000034", false);
Gelöscht : user_pref("CT2438727.components.1000082", false);
Gelöscht : user_pref("CT2438727.components.1000234", false);
Gelöscht : user_pref("CT2438727.components.1000515", false);
Gelöscht : user_pref("CT2438727.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Gelöscht : user_pref("CT2438727.globalFirstTimeInfoLastCheckTime", "Thu Jul 07 2011 16:24:04 GMT+0200");
Gelöscht : user_pref("CT2438727.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2438727.initDone", true);
Gelöscht : user_pref("CT2438727.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2438727.myStuffEnabled", true);
Gelöscht : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2438727.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2438727.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2438727.testingCtid", "");
Gelöscht : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Thu Jul 07 2011 16:24:04 GMT+0200");
Gelöscht : user_pref("CT2438727.toolbarContextMenuLastCheckTime", "Thu Jul 07 2011 16:24:05 GMT+0200");
Gelöscht : user_pref("CT2438727.usagesFlag", 2);
Gelöscht : user_pref("CT3175297.FF19Solved", "true");
Gelöscht : user_pref("CT3175297.UserID", "UN10706683192285716");
Gelöscht : user_pref("CT3175297.addressUrlXPETakeover", "true");
Gelöscht : user_pref("CT3175297.autoDisableScopes", 0);
Gelöscht : user_pref("CT3175297.installDate", "6/4/2013 21:18:36");
Gelöscht : user_pref("CT3175297.installerVersion", "1.3.7.3");
Gelöscht : user_pref("CT3175297.keyword", "true");
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/IT", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/Blank.png", "\"2[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\***\\AppData\\Roaming\\Mozilla\\F[...]
Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT2438727");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "a0c3d2ac-d913-4ff6-9e3a-0cf22601d4dc");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Jul 07 2011 16:24:0[...]
Gelöscht : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Jul 07 2011 16:24:14 GMT+020[...]
Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Jul 07 2011 16:24:04 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");
Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.notifications.userId", "370b8da9-f541-432f-a317-0f3f7cae820c");
Gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3175297&SearchSource=2&CU[...]
Gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Gelöscht : user_pref("smartbar.originalSearchAddressUrl", "");
Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v28.0.1500.71
Datei : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Chromium v directory_upgrade: true
}
Datei : C:\Users\***\AppData\Local\Chromium\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Opera v [Version kann nicht ermittelt werden]
Datei : C:\Users\***\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [16121 octets] - [11/07/2013 16:15:19]
########## EOF - C:\AdwCleaner[S1].txt - [16182 octets] ##########
Code:
ATTFilter HitmanPro 3.7.6.201
www.hitmanpro.com
Computer name . . . . : KLAUS-PC
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Klaus-PC\Klaus
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2013-07-11 16:23:13
Scan mode . . . . . . : Normal
Scan duration . . . . : 7m 54s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 14
Traces . . . . . . . : 364
Objects scanned . . . : 2.401.390
Files scanned . . . . : 54.984
Remnants scanned . . : 527.573 files / 1.818.833 keys
Malware _____________________________________________________________________
C:\Users\Klaus\AppData\Local\Apps\2.0\KPRH08T9.LM4\M7ZE2HPO.NN9\game..tion_274b60bfce57d9e6_0001.0000_7f54574cc6d64f29\GamerzHost.de CSGO Config Creator.exe -> Quarantined
Size . . . . . . . : 260.608 bytes
Age . . . . . . . : 169.9 days (2013-01-22 17:59:16)
Entropy . . . . . : 7.5
SHA-256 . . . . . : 71A4BC07E9D5CE7DC063EFC4E2E3DB15B05886F3CA3E488B2239F597F84B9F01
Product . . . . . : CSGO Config Creator
Description . . . : CSGO Config Creator
Version . . . . . : 1.0.0.0
Copyright . . . . : Copyright © 2012
> Ikarus . . . . . . : Trojan-PWS.MSIL!IK
Fuzzy . . . . . . : 109.0
Suspicious files ____________________________________________________________
C:\Windows\system32\hasplms.exe
Size . . . . . . . : 4.941.768 bytes
Age . . . . . . . : 108.8 days (2013-03-24 22:10:18)
Entropy . . . . . : 7.7
SHA-256 . . . . . : 8661FDD7344A1059B99450BA22C29F70C2DF2D3A381AA47D5B24A514DE8C029F
Product . . . . . : LDK License Manager Service
Publisher . . . . : SafeNet Inc.
Description . . . : Sentinel LDK License Manager Service
Version . . . . . : 13.23.1.26482
Copyright . . . . : © 2012 SafeNet, Inc. All rights reserved.
RSA Key Size . . . : 2048
Service . . . . . : hasplms
Authenticode . . . : Valid
Fuzzy . . . . . . : 26.0
The file name extension of this program is not common.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
The Entry Point of this file lies in a resource section. This is an indication of malware infection.
The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
Starts automatically as a service during system bootup.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
Startup
HKLM\SYSTEM\CurrentControlSet\Services\hasplms\
Cookies _____________________________________________________________________
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:247realmedia.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:ad.yieldmanager.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:ad.zanox.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:ads.ad4game.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:adtech.de
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:apmebf.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:atdmt.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:bs.serving-sys.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:cocacola2.solution.weborama.fr
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:content.yieldmanager.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:doubleclick.net
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:fastclick.net
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:invitemedia.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:media6degrees.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:microsoftwllivemkt.112.2o7.net
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:ru4.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:serving-sys.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:smartadserver.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:tradedoubler.com
C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\9389v1w2.default\cookies.sqlite:weborama.fr
Code:
ATTFilter
Typ: Datei
Quelle: C:\Users\Klaus\Downloads\codecc_pack_chrome_source.exe
Status: Infiziert
Quarantäne-Objekt: 543262ea.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.74
Virendefinitionsdatei: 7.11.89.254
Meldung: APPL/CoolMirage.Gen6
Datum/Uhrzeit: 11.Jul.2013, 16:28
Typ: URL
Quelle: hxxp://uploadbaz.com/favicon.ico
Status: Infiziert
Quarantäne-Objekt: 5270126c.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows XP/VISTA Workstation/Windows 7
Suchengine: 8.02.12.30
Virendefinitionsdatei: 7.11.73.184
Meldung: HTML/Infected.WebPage.Gen3
Datum/Uhrzeit: 20.Apr.2013, 18:08
|
|
11.07.2013, 15:57
| #10 |
| /// Malware-holic | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hi, GamerzHost.de CSGO Config Creator.exe der Fund war ein Fehlalarm, und die Löschung daher nicht nötig. Wenn du die benötigst, aus der Quarantäne wiederherstellen. PC neustarten, neues OTL Log.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.07.2013, 16:06
| #11 |
| | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hey, so neuer LOG Code:
ATTFilter OTL logfile created on: 11.Jul.2013 16:59:18 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16635) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MMM.yyyy 8,00 Gb Total Physical Memory | 6,05 Gb Available Physical Memory | 75,60% Memory free 15,99 Gb Paging File | 13,85 Gb Available in Paging File | 86,58% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 186,96 Gb Total Space | 68,70 Gb Free Space | 36,74% Space Free | Partition Type: NTFS Drive D: | 977,56 Gb Total Space | 373,95 Gb Free Space | 38,25% Space Free | Partition Type: NTFS Drive E: | 885,45 Gb Total Space | 295,84 Gb Free Space | 33,41% Space Free | Partition Type: NTFS Drive I: | 7,44 Gb Total Space | 6,36 Gb Free Space | 85,43% Space Free | Partition Type: FAT32 Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.07.11 12:04:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe PRC - [2013.07.09 08:59:20 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe PRC - [2013.07.05 13:31:51 | 000,239,496 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe PRC - [2013.06.24 12:02:59 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.06.24 12:02:44 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2013.06.24 12:02:39 | 000,371,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe PRC - [2013.06.24 12:02:38 | 000,654,392 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe PRC - [2013.06.24 12:02:38 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.06.24 12:02:38 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.04.28 03:15:10 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2011.04.28 03:14:59 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2009.03.30 16:00:54 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe PRC - [2009.02.24 16:47:06 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe ========== Modules (No Company Name) ========== MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ========== Services (SafeList) ========== SRV:64bit: - [2013.06.05 00:02:24 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2013.06.04 18:40:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2013.01.28 15:19:28 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2012.06.28 10:53:00 | 004,941,768 | ---- | M] (SafeNet Inc.) [Disabled | Stopped] -- C:\Windows\SysNative\hasplms.exe -- (hasplms) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.07.11 15:42:06 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.07.10 03:56:22 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.06.24 12:02:59 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.06.24 12:02:44 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2013.06.24 12:02:39 | 000,371,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2013.06.24 12:02:38 | 000,654,392 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService) SRV - [2013.06.24 12:02:38 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.01.28 15:19:28 | 002,402,080 | ---- | M] (TuneUp Software) [Auto | Running] -- E:\Programme\TuneUp Utility\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2013.01.28 15:19:28 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2012.10.01 21:34:38 | 005,132,888 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2012.10.01 21:34:38 | 000,178,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64) SRV - [2012.07.17 16:14:44 | 002,292,480 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.07.06 04:30:00 | 002,304,912 | ---- | M] (WIBU-SYSTEMS AG) [Disabled | Stopped] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe) SRV - [2011.05.28 06:39:39 | 000,080,256 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ezGOSvc.dll -- (ezGOSvc) SRV - [2011.04.28 03:15:10 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2011.04.28 03:14:59 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.06.05 01:09:44 | 011,833,856 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2013.06.04 23:35:04 | 000,608,768 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2013.04.24 23:56:50 | 000,410,008 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly) DRV:64bit: - [2013.04.24 23:56:50 | 000,102,808 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly) DRV:64bit: - [2013.04.24 18:31:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2013.04.22 11:38:46 | 000,838,216 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2013.03.21 16:06:07 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2013.03.21 16:06:07 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2013.03.21 16:06:07 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2013.02.12 22:44:28 | 000,141,376 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avfwot.sys -- (avfwot) DRV:64bit: - [2013.02.12 22:44:28 | 000,114,608 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avfwim.sys -- (avfwim) DRV:64bit: - [2013.01.17 22:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt) DRV:64bit: - [2012.12.13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.09.12 16:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.06.28 10:51:36 | 000,139,592 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.11.22 16:14:54 | 000,078,208 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf) DRV:64bit: - [2011.09.28 17:31:30 | 000,321,536 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock) DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.04.26 19:35:55 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum) DRV:64bit: - [2011.04.26 19:35:55 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid) DRV:64bit: - [2011.04.26 14:37:38 | 000,156,912 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010.08.04 21:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2010.07.01 15:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc) DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2010.03.23 02:17:06 | 002,061,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64) DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.12.16 00:38:56 | 000,045,824 | ---- | M] (Advanced Card Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a38ccid.sys -- (A38CCID) DRV:64bit: - [2009.08.13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub) DRV:64bit: - [2009.07.14 03:18:06 | 000,281,088 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb) DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.07.14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM) DRV:64bit: - [2009.06.18 13:54:10 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\25AC.tmp -- (MEMSWEEP2) DRV:64bit: - [2009.06.10 22:41:10 | 000,015,360 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BrUsbSIb.sys -- (BrUsbSIb) DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2008.12.26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) DRV - [2012.11.16 17:51:26 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- E:\Programme\TuneUp Utility\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2) DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9B 23 31 8E 27 04 CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\..\SearchScopes\{93FDDC1C-6421-4DB3-9BDF-A4CC8134D0C7}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYIT&apn_uid=2FFD2986-32E8-4847-B627-11F640661F82&apn_sauid=A1AF69D2-B9F1-4A3E-8FBF-7355865AA555 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local> ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Programme\iTune\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\***\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll (Octoshape ApS) FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\***\AppData\LocalLow\Sony Online Entertainment\npsoe.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.06.07 09:02:06 | 000,000,000 | ---D | M] [2011.04.26 18:38:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2013.07.11 16:15:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dfa508wj.default\extensions [2013.02.27 20:50:07 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfa508wj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.06.13 20:45:42 | 000,034,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: hxxp://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.71\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npo1d.dll CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\***\AppData\Roaming\Mozilla\plugins\npoctoshape.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = E:\Programme\Firefox\plugins\np-mswmp.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = E:\Programme\Firefox\plugins\nppl3260.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = E:\Programme\Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = E:\Programme\Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = E:\Programme\Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = E:\Programme\Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = E:\Programme\Firefox\plugins\npqtplugin5.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = E:\Programme\Firefox\plugins\nprjplug.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = E:\Programme\Firefox\plugins\nprpplugin.dll CHR - plugin: Winamp Application Detector (Enabled) = E:\Programme\Firefox\plugins\npwachk.dll CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Harmony Firefox Plugin (Enabled) = C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll CHR - plugin: SOE Web Installer (Enabled) = C:\Users\***\AppData\LocalLow\Sony Online Entertainment\npsoe.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\***\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\***\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll CHR - plugin: Raidcall plugin (Enabled) = C:\Users\***\AppData\Roaming\raidcall\plugins\nprcplugin.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: DivX Web Player (Enabled) = C:\Windows\system32\C2MP\npdivx32.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = E:\Programme\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: iTunes Application Detector (Enabled) = E:\Programme\iTune\Mozilla Plugins\npitunes.dll CHR - Extension: Auto HD For YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\4.0.2_0\ CHR - Extension: Evernote Web = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\ CHR - Extension: W\u00E4hrung Konverter = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbhghjdcfghfhlogkgdklfgmpodeglno\1.31_0\ CHR - Extension: Awesome New Tab Page = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2013.122.3.1_0\ CHR - Extension: Enhanced Steam = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg\3.9.1_0\ CHR - Extension: Picasa = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\ CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: Twitch Giveaways = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd\1.5.2_0\ O1 HOSTS File: ([2013.07.11 14:05:45 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [Spotify] C:\Users\***\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKCU..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [TeamSpeak 3 Client] E:\Programme\TeamSpeak3\ts3client_win64.exe (TeamSpeak Systems GmbH) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.25.2) O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.25.2) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C1BB0A5-661C-4693-AF64-AE0E94D0DEB5}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DB63A12-AD61-4D3D-834B-44D4E2F075AC}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{546FA774-03DF-4F7A-BBE3-AC729C0E7B67}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AF06241-00A0-4726-AAF3-BFFC298493D3}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (bootdelete) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.07.11 16:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2013.07.11 16:31:26 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2013.07.11 16:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013.07.11 16:22:23 | 009,833,328 | ---- | C] (SurfRight B.V.) -- C:\Users\***\Desktop\HitmanPro_x64.exe [2013.07.11 15:49:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.07.11 13:58:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.07.11 13:58:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.07.11 13:58:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.07.11 13:58:31 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.07.11 13:58:15 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.07.11 13:54:43 | 005,087,643 | R--- | C] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe [2013.07.11 13:45:23 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe [2013.07.11 12:26:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.07.10 22:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.07.10 21:44:37 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Chrome UserData [2013.07.08 21:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013.07.08 13:52:54 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Saved Games [2013.07.04 13:44:39 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\SavedGames [2013.06.26 13:11:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.06.26 10:38:29 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\*** [2013.06.26 10:04:38 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\*** [2013.06.21 14:48:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.06.21 14:48:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2013.06.21 14:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [2013.06.21 14:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2013.06.21 14:37:45 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2013.06.18 09:25:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.07.11 16:39:00 | 000,001,148 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.07.11 16:39:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.07.11 16:31:26 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2013.07.11 16:31:26 | 000,000,390 | ---- | M] () -- C:\Windows\SysNative\bootdelete.lst [2013.07.11 16:26:19 | 000,016,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.07.11 16:26:18 | 000,016,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.11 16:18:33 | 000,001,144 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.07.11 16:18:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.11 16:16:19 | 000,000,172 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat [2013.07.11 16:03:42 | 000,574,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.07.11 15:51:08 | 009,833,328 | ---- | M] (SurfRight B.V.) -- C:\Users\***\Desktop\HitmanPro_x64.exe [2013.07.11 15:49:12 | 000,650,027 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe [2013.07.11 14:05:45 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.07.11 13:54:12 | 005,087,643 | R--- | M] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe [2013.07.11 13:44:50 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe [2013.07.11 12:33:49 | 001,403,922 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.07.11 12:33:49 | 001,361,536 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.07.11 12:33:49 | 000,807,068 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.07.11 12:33:49 | 000,776,542 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.07.11 12:33:49 | 000,006,866 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.07.11 12:27:53 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable [2013.07.11 12:05:48 | 000,377,856 | ---- | M] () -- C:\Users\***\Desktop\gmer_2.1.19163.exe [2013.07.11 12:04:52 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe [2013.07.11 12:04:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.07.11 11:02:32 | 000,027,606 | ---- | M] () -- C:\Users\***\Documents\cc_20130711_110229.reg [2013.07.11 10:56:48 | 000,007,661 | ---- | M] () -- C:\Users\***\AppData\Local\resmon.resmoncfg [2013.07.02 09:34:10 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2013.07.01 11:51:33 | 000,015,441 | ---- | M] () -- C:\Users\***\Documents\TeamSpeak Thing.odt [2013.06.24 12:03:05 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.06.19 19:28:32 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI [2013.06.19 19:28:32 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.07.11 16:31:26 | 000,000,390 | ---- | C] () -- C:\Windows\SysNative\bootdelete.lst [2013.07.11 16:15:27 | 000,000,172 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat [2013.07.11 16:08:16 | 000,650,027 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe [2013.07.11 16:03:24 | 000,574,472 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.07.11 15:42:06 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.07.11 13:58:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.07.11 13:58:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.07.11 13:58:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.07.11 13:58:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.07.11 13:58:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.07.11 12:27:53 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable [2013.07.11 12:26:45 | 000,377,856 | ---- | C] () -- C:\Users\***\Desktop\gmer_2.1.19163.exe [2013.07.11 12:26:45 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe [2013.07.11 11:02:31 | 000,027,606 | ---- | C] () -- C:\Users\***\Documents\cc_20130711_110229.reg [2013.07.02 09:34:10 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2013.07.01 01:44:10 | 000,015,441 | ---- | C] () -- C:\Users\***\Documents\TeamSpeak Thing.odt [2013.06.05 00:51:06 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2013.06.05 00:51:06 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2013.06.05 00:03:28 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2013.06.05 00:03:28 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2013.03.18 15:09:26 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.11.25 13:54:27 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012.11.07 22:40:23 | 000,000,000 | ---- | C] () -- C:\Windows\SUFDesign.INI [2012.10.18 13:33:10 | 000,038,520 | ---- | C] () -- C:\Windows\SysWow64\RGBAcodec.dll [2012.09.28 13:47:15 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2012.06.29 08:55:22 | 000,000,093 | ---- | C] () -- C:\Users\***\AppData\Local\fusioncache.dat [2012.05.01 14:37:35 | 000,000,486 | RHS- | C] () -- C:\Users\***\ntuser.pol [2012.03.21 15:29:25 | 000,000,871 | ---- | C] () -- C:\Windows\Brpfx04a.ini [2012.03.21 15:29:25 | 000,000,131 | ---- | C] () -- C:\Windows\brpcfx.ini [2012.03.21 15:29:21 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2012.03.21 15:29:21 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2012.03.21 15:29:04 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll [2012.03.21 15:29:04 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini [2012.03.21 15:29:04 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat [2012.03.21 15:15:20 | 000,000,000 | RHS- | C] () -- C:\Windows\FFSSET.BIN [2012.03.03 12:28:54 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI [2012.01.31 00:12:43 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012.01.31 00:12:42 | 000,027,743 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2011.12.01 23:14:11 | 003,736,364 | ---- | C] () -- C:\Users\***\ts3_recording_11_12_01_22_14_9.wav [2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.06.16 17:25:02 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat [2011.05.15 20:16:02 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011.05.08 12:33:11 | 000,000,155 | ---- | C] () -- C:\Users\***\.gtkrc-2.0 [2011.05.02 19:20:32 | 000,012,800 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.02 13:13:11 | 000,007,661 | ---- | C] () -- C:\Users\***\AppData\Local\resmon.resmoncfg [2011.04.26 18:29:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.04.27 13:02:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft [2011.10.28 20:42:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avnex [2013.04.24 12:47:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Awesomium [2012.01.09 20:57:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2013.04.04 22:51:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Deckadance19 [2013.02.20 23:57:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Doublefine [2012.09.29 21:23:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Downloaded Installations [2013.03.24 22:09:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft [2013.04.27 13:07:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla [2012.04.07 04:42:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Firefly Studios [2012.10.18 15:28:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Focus [2012.01.13 19:48:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FOG Downloader [2013.01.07 20:22:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ftblauncher [2013.07.11 11:33:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo [2011.12.19 00:13:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\go [2012.04.15 17:57:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GroovesharkDesktop.7F9BF17D6D9CB2159C78A6A6AB076EA0B1E0497C.1 [2011.06.17 20:50:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Hi-Rez Studios [2013.06.30 23:08:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HLSW [2013.04.15 13:14:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Image-Line [2012.11.07 22:42:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IndigoRose [2011.06.03 09:06:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Lazy 8 Studios [2011.04.26 19:34:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech [2013.04.15 15:41:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Line 6 [2013.05.21 15:55:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Little Inferno [2011.04.26 20:06:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient [2012.05.24 06:19:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\LolClient2 [2013.03.24 22:16:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX [2013.01.17 11:21:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MediaMonkey [2012.03.19 20:24:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mouse Recorder Pro [2013.04.15 21:04:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MXPLAY [2012.03.03 12:33:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MySQL [2012.04.07 05:16:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Need for Speed World [2011.12.19 00:16:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nokia Ovi Suite [2011.06.06 15:41:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++ [2013.01.07 09:38:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OBS [2011.11.21 02:33:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Octoshape [2013.02.04 11:11:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2013.04.17 23:02:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera [2011.05.03 21:18:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC Suite [2012.03.21 15:50:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC-FAX TX [2011.05.01 17:06:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PetsFunHouse [2013.04.15 15:42:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Propellerhead Software [2013.04.15 23:38:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\raidcall [2012.12.27 14:30:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\RavensburgerTipToi [2011.05.13 12:10:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\runic games [2012.11.03 14:26:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Screaming Bee [2013.02.20 14:41:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SFBot [2013.01.03 14:45:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client [2013.04.04 22:51:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SongManager [2011.10.20 00:06:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SplitMediaLabs [2011.11.18 21:35:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spore [2013.07.11 16:19:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spotify [2012.09.28 14:14:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\systweak [2013.03.21 10:48:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer [2013.06.01 11:23:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TERA [2012.12.13 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeraCopy [2011.11.04 14:22:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird [2011.05.01 11:00:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP [2012.04.08 23:25:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Trillian [2011.10.14 21:53:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ts3overlay [2013.04.04 13:22:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software [2013.07.11 15:59:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\uTorrent [2011.10.23 10:38:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Windows Live Writer [2012.03.31 15:44:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\X-Chat 2 [2013.04.07 16:44:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\YaTQA ========== Purity Check ========== < End of report > |
|
11.07.2013, 16:19
| #12 |
| /// Malware-holic | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hi, 1. sichere mal deine Lizenzdaten von Avira, und lade dir die neueste, passene Version von deren Homepage. Deinstaliere deine Avira Version, starte neu, reinstaliere Avira. Bitte benutzerdefiniert instalieren, darauf achten, dass die Ask Toolbar nicht instaliert wird. Schuld an deinem Problem ist warscheinlich ein fehlerhaftes Avira Update. Nicht das du denkst, die Arbeit war umsonst, wir sind noch ein wenig Adware los geworden :-) 2. otl fix Fixen mit OTL
Code:
ATTFilter :OTL
IE - HKCU\..\SearchScopes\{93FDDC1C-6421-4DB3-9BDF-A4CC8134D0C7}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYIT&apn_uid=2FFD2986-32E8-4847-B627-11F640661F82&apn_sauid=A1AF69D2-B9F1-4A3E-8FBF-7355865AA555
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
:files
:Commands
[emptytemp]
3. bitte teste, ob es im Firefox, internet explorer, und sonstigen evtl. instalierte Browser, irgendwelche ungewollten toolbars, umleitungen oder sonstigen Probleme gibt. Teste wie pc und programme allgemein laufen.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.07.2013, 16:49
| #13 |
| | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hallo, also hab jetzt den Avira wieder neu installiert. Programme laufen stabil und hab das Gefühl dass alles einwenig schneller vonstatten geht. Broweser sind ohne Toolbars und scheint ich könnte wieder normal surfen. Hier noch der FIXLOG Code:
ATTFilter All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{93FDDC1C-6421-4DB3-9BDF-A4CC8134D0C7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93FDDC1C-6421-4DB3-9BDF-A4CC8134D0C7}\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
========== FILES ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 57472 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 6826997 bytes
->FireFox cache emptied: 356935924 bytes
->Flash cache emptied: 2163 bytes
User: HomeGroupUser$
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: ***
->Temp folder emptied: 9280758 bytes
->Temporary Internet Files folder emptied: 6106 bytes
->Java cache emptied: 1733589 bytes
->FireFox cache emptied: 75015086 bytes
->Google Chrome cache emptied: 6157890 bytes
->Opera cache emptied: 188 bytes
->Flash cache emptied: 58076 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 12288 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8413985 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68094 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 443,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 07112013_173200
Files\Folders moved on Reboot...
C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
11.07.2013, 16:59
| #14 |
| /// Malware-holic | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hi, schön zu hören. Wenn alles zu deiner Zufriedenheit läuft, öffne OTL, bereinigen, PC startet neu, Remover werden gelöscht. Lösche übrig gebliebene Logs, Setups, von uns verwendete Programme. PC absichern: die folgende anleitung ist umfangreich, dass ist mir klar, sie sollte aber umgesetzt werden, da nur dann dein pc sicher ist. stelle so viele fragen wie nötig, ich arbeite gern alles mit dir durch! http://www.trojaner-board.de/96344-a...-rechners.html Starte bitte mit der Passage, Windows Vista und Windows 7 Bitte beginne damit, Windows Updates zu instalieren. Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst. Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist: - Updates automatisch Instalieren, - Täglich - Uhrzeit wählen - Bitte den gesammten rest anhaken, außer: - detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist. Klicke jetzt die Schaltfläche "OK" Klicke jetzt "nach Updates suchen". Bitte instaliere zunächst wichtige Updates. Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren. Mache das selbe bitte mit den optionalen Updates. Bitte übernimm den rest so, wie es im Abschnitt windows 7 / Vista zu lesen ist. adblock für chrome: http://filepony.de/download-ghostery_chrome/ HTTPS Everywhere https://chrome.google.com/webstore/d...jekcdonpmejbdp wählt, wenn möglich, eine sichere Verbindung sicher surfen mit chrome: Sicher surfen mit Google Chrome | Verbraucher sicher online Sandboxie Die devinition einer Sandbox ist hier nachzulesen: Sandbox Kurz gesagt, man kann Programme fast 100 %ig isuliert vom System ausführen. Der Vorteil liegt klar auf der Hand, wenn über den Browser Schadcode eingeschläust wird, kann dieser nicht nach außen dringen. Download Link: Sandboxie - Download - Filepony anleitung: http://www.trojaner-board.de/71542-a...sandboxie.html ausführliche anleitung als pdf, auch abarbeiten: Sandbox Einstellungen | bitte folgende zusatz konfiguration machen: sandboxie control öffnen, menü sandbox anklicken, defauldbox wählen. dort klicke auf sandbox einstellungen. beschrenkungen, bei programm start und internet zugriff schreibe: chrome.exe dann gehe auf anwendungen, webbrowser, chrome. dort aktiviere alles außer gesammten profil ordner freigeben. Wie du evtl. schon gesehen hast, kannst du einige Funktionen nicht nutzen. Dies ist nur in der Vollversion nötig, zu deren Kauf ich dir rate. Du kannst zb unter "Erzwungene Programmstarts" festlegen, dass alle Browser in der Sandbox starten. Ansonsten musst du immer auf "Sandboxed webbrowser" klicken bzw Rechtsklick, in Sandboxie starten. Eine lebenslange Lizenz kostet 30 €, und ist auf allen deinen PC's nutzbar. Weiter mit: Maßnahmen für ALLE Windows-Versionen alles komplett durcharbeiten anmerkung zu file hippo. in den settings zusätzlich auswählen: hide beta updates. Run updateChecker when Windows starts Backup Programm: in meiner Anleitung ist bereits ein Backup Programm verlinkt, als Alternative bietet sich auch das Windows eigene Backup Programm an: http://www.trojaner-board.de/82962-w...en-backup.html Dies ist aber leider nur für Windows 7 Nutzer vernünftig nutzbar. Alle Anderen sollten sich aber auf jeden fall auch ein Backup Programm instalieren, denn dies kann unter Umständen sehr wichtig sein, zum Beispiel, wenn die Festplatte einmal kaputt ist. Zum Schluss, die allgemeinen sicherheitstipps beachten, wenn es dich betrifft, den Tipp zum Onlinebanking beachten und alle Passwörter ändern bitte auch lesen, wie mache ich programme für alle sichtbar: Programme für alle Konten nutzbar machen - PCtipp.ch - Praxis & Hilfe surfe jetzt also nur noch im standard nutzer konto und dort in der sandbox. wenn du die kostenlose version nutzt, dann mit klick auf sandboxed web browser, wenn du die bezahlversion hast, kannst du erzwungene programm starts festlegen, dann wird Sandboxie immer gestartet wenn du nen browser aufrufst. wenn du mit der maus über den browser fährst sollte der eingerahmt sein, dann bist du im sandboxed web browser passwort sicherheit: jeder dienst benötigt ein eigenes, mindestens 12-stelliges passwort bei der passwort verwaltung und erstellung hilft roboform Passwort Manager, Formular Ausfueller, Passwort Management | RoboForm Passwort Manager anleitung: RoboForm-Bedienungsanleitung: Passwort-Manager, Verwalten von Passwörtern und persönlichen Daten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
11.07.2013, 17:38
| #15 |
| | Google Chrome und alle anderen Browser funktionieren nicht mehr! Hey, hab mir das jetz mal durchgeschaut und durchgelesen! Habe jetz schon einige sachen von der Liste abgearbeitet werd mich dran halte dass ich das alles hinbekomme. Vielen Vielen Dank für die rasche und erfolgreiche Hilfe! Werde euch aufjedenfall weiterempfehlen. Kann geclosed werden! Vielen Dank nochmal!  |
|
| Themen zu Google Chrome und alle anderen Browser funktionieren nicht mehr! |
| ahnung, anderen, angemeldet, browser, einfach, falsch, forum, funktionieren, funktioniert, google, langsamer, lesezeichen, malwarebytes, morgen, neu, neustart, nicht mehr, nichts, opera, problem, seite, software, versuche, weiße, weiße seite, wirklich |
WARNUNG an die MITLESER: 
Textbox. 
Linear-Darstellung
