| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Notebook hängt sich ständig auf und fährt runterWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
31.07.2013, 17:29
| #1 |
 |  Notebook hängt sich ständig auf und fährt runter Hallo, mein Notebook hängt sich ständig auf, wenn ich im Internet bin und es fährt auf einmal runter, ohne Grund. Es ist auch auf einmal total laaaaangsam und alles dauert irgendwie ewig. ich habe hier mal die logs FRST.exe mit beigefügt, vielleicht kann mir ja bitte hier auch jemand helfen. DANKE Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03
Ran by Kittikat1979 (administrator) on 31-07-2013 17:11:17
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUS) C:\Windows\AsScrPro.exe
(Windows Net) C:\Users\Kittikat1979\AppData\Roaming\Windows Net Data\net.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Simplygen) C:\Program Files (x86)\HomeTab\ProtectedSearch.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Eastman Kodak Company) D:\Kodak Drucker\AiO\Center\EKAiOHostService.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\InprocServer32: [Default-cscui] <==== ATTENTION!
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin [814472 2013-06-12] (Adobe Systems Incorporated)
MountPoints2: {631516c2-3ce7-11db-acfe-806d6172696f} - D:\AUTORUN\AUTORUN.EXE
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-10-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-09-17] (VIA)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1558480 2013-07-26] (APN)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe [x]
HKLM-x32\...\Run: [EKStatusMonitor] - D:\Kodak Drucker\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Kittikat1979\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Kittikat1979\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
Startup: C:\Users\Kittikat1979\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
URLSearchHook: (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=46364&gid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&q={searchTerms}
SearchScopes: HKCU - {5CBFFE22-22D5-40E5-B87D-BAE59D279B84} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=A463E612-0B0B-4CD7-B518-6F28079FD554&apn_sauid=02265470-D867-4705-9F6B-8BF404E886B8
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&q={searchTerms}
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Kittikat1979\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Kittikat1979\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - HomeTab - {ba696155-d96e-4281-b467-0367a0456474} - C:\Users\Kittikat1979\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.)
Toolbar: HKLM-x32 - HomeTab - {19a395c9-823b-4700-b817-396fc84ffb16} - C:\Users\Kittikat1979\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: ipp - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler-x32: ipp - No CLSID Value -
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default
FF NewTab: www.google.de
FF SelectedSearchEngine: Web Search
FF Homepage: www.google.de
FF Keyword.URL: hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\searchplugins\winamp-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
FF Extension: No Name - C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: pricealarm - C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: No Name - C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\Extensions\nostmp
FF Extension: HomeTab - C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\Extensions\{24532715-4abc-47ee-bd4f-a6774d0723d2}
FF Extension: No Name - C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\Extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8}
FF Extension: FoxyDeal - C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: putlockerdownloader - C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\Extensions\putlockerdownloader@putlockerdownloader.com.xpi
FF Extension: toolbar_AVIRA-V7 - C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: webbooster - C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\Extensions\webbooster@iminent.com.xpi
FF Extension: No Name - C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: () - C:\Users\KITTIK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 Kodak AiO Network Discovery Service; D:\Kodak Drucker\AiO\Center\EKAiOHostService.exe [395640 2013-03-15] (Eastman Kodak Company)
S2 Kodak AiO Status Monitor Service; D:\Kodak Drucker\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-01-15] (Eastman Kodak Company)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
S4 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2729512 2013-07-02] (Iminent)
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-07-20] ()
==================== Drivers (Whitelisted) ====================
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-05-20] ()
U3 tmlwf;
U3 tmwfp;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-31 17:03 - 2013-07-31 17:03 - 00000000 ____D C:\FRST
2013-07-31 11:33 - 2013-07-31 11:33 - 00003222 _____ C:\Users\Default\AppData\Local\installer.log
2013-07-31 11:33 - 2013-07-31 11:33 - 00003222 _____ C:\Users\Default User\AppData\Local\installer.log
2013-07-31 11:32 - 2013-07-31 11:32 - 00001845 _____ C:\Users\Public\Desktop\PrintProjects.lnk
2013-07-31 11:32 - 2013-07-31 11:32 - 00000000 ____D C:\ProgramData\Visan
2013-07-31 11:32 - 2013-07-31 11:32 - 00000000 ____D C:\ProgramData\PrintProjects
2013-07-31 11:32 - 2013-07-31 11:32 - 00000000 ____D C:\Program Files (x86)\PrintProjects
2013-07-31 11:31 - 2013-07-31 11:31 - 00001794 _____ C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
2013-07-31 11:30 - 2013-07-31 11:30 - 00000000 ____D C:\Windows\SysWOW64\kodak
2013-07-31 11:29 - 2013-07-31 11:29 - 00000000 ____D C:\Windows\SysWOW64\spool
2013-07-31 11:25 - 2013-07-31 11:25 - 00000000 ____D C:\Users\Default\AppData\Roaming\KODAK AiO Home Center292376958
2013-07-31 11:25 - 2013-07-31 11:25 - 00000000 ____D C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center292376958
2013-07-28 12:45 - 2013-07-28 12:45 - 00216739 _____ C:\Users\Kittikat1979\Documents\Rechnungsnr...... Rasterbrille Pinhole Brille Nadeloehr. Bestellt u bezahlt am 27.07.2013.xps
2013-07-27 08:23 - 2013-07-27 08:26 - 00000000 ____D C:\Windows\system32\MRT
2013-07-20 16:46 - 2013-07-20 16:46 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\Avira
2013-07-20 16:43 - 2013-07-20 16:43 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-20 16:42 - 2013-07-20 16:42 - 00001965 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-20 16:41 - 2013-06-20 14:48 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-20 16:41 - 2013-06-20 14:48 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-07-20 16:41 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-07-20 16:40 - 2013-07-20 16:40 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-20 15:43 - 2013-07-20 15:43 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-20 15:43 - 2013-07-20 15:43 - 00000000 ____D C:\ProgramData\APN
2013-07-20 15:43 - 2013-07-20 15:43 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-20 15:42 - 2013-07-20 16:40 - 00000000 ____D C:\ProgramData\Avira
2013-07-20 15:25 - 2013-07-20 15:25 - 00000000 ____D C:\Windows\pss
2013-07-20 15:24 - 2013-07-20 15:24 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-07-20 15:18 - 2013-07-20 23:38 - 00000672 _____ C:\Windows\setupact.log
2013-07-20 15:18 - 2013-07-20 16:47 - 00101396 _____ C:\Windows\PFRO.log
2013-07-20 15:18 - 2013-07-20 15:18 - 00000000 _____ C:\Windows\setuperr.log
2013-07-20 15:10 - 2013-07-20 15:10 - 00000000 ____D C:\Users\KITTIK~1\AppData\Local\Freemium
2013-07-20 15:09 - 2013-07-20 15:24 - 00004068 _____ C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-20 15:09 - 2013-07-20 15:09 - 00003776 _____ C:\Windows\System32\Tasks\Freemium1ClickMaint
2013-07-20 15:09 - 2013-07-20 15:09 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\Iminent
2013-07-20 15:09 - 2013-07-20 15:09 - 00000000 ____D C:\ProgramData\Iminent
2013-07-20 15:08 - 2013-07-26 21:11 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\HomeTab
2013-07-20 15:08 - 2013-07-26 21:11 - 00000000 ____D C:\Program Files (x86)\HomeTab
2013-07-20 15:08 - 2013-07-25 07:10 - 00031816 _____ C:\Windows\Launcher.exe
2013-07-20 15:08 - 2013-07-20 15:33 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\Windows Net Data
2013-07-20 15:08 - 2013-07-20 15:09 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-07-20 15:08 - 2013-07-20 15:09 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-07-20 15:08 - 2013-07-20 15:08 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-07-20 15:08 - 2013-07-20 15:08 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\SimplyTech
2013-07-20 15:08 - 2013-07-20 15:08 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-20 15:08 - 2013-07-20 15:08 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-20 15:00 - 2013-07-31 16:59 - 00004244 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-07-20 14:59 - 2013-07-31 16:59 - 00004206 _____ C:\Windows\System32\Tasks\Software Updater
2013-07-20 14:58 - 2013-07-20 15:00 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-07-20 14:58 - 2013-07-20 14:58 - 00002563 _____ C:\Users\Public\Desktop\Free System Utilities.lnk
2013-07-20 14:58 - 2013-07-20 14:58 - 00000000 ____D C:\ProgramData\FreeSystemUtilities
2013-07-20 14:58 - 2013-07-20 14:58 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-07-20 14:56 - 2013-07-20 14:56 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-20 14:55 - 2013-07-20 15:06 - 00000215 _____ C:\Users\Kittikat1979\Desktop\Amazon.url
2013-07-20 14:54 - 2013-07-20 14:55 - 00000000 ____D C:\Users\KITTIK~1\AppData\Local\DownloadGuide
2013-07-12 12:45 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 12:45 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 12:45 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 12:45 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 12:45 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 12:45 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 12:45 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 12:45 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 12:45 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 12:45 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 12:45 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-12 12:45 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-12 12:45 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-12 12:45 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 12:45 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 12:45 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 12:45 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 12:45 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 12:45 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 12:45 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 12:45 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 12:45 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 12:45 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 12:45 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-12 12:45 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-12 12:45 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 12:45 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-12 12:45 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 12:45 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 12:45 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 12:45 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 21:58 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 21:58 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 21:58 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 21:58 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 21:58 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 21:57 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 21:57 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-03 13:52 - 2013-07-20 15:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 12:28 - 2013-07-02 12:28 - 00000000 ____D C:\Users\Kittikat1979\Desktop\Selbstständigkeit
==================== One Month Modified Files and Folders =======
2013-07-31 17:03 - 2013-07-31 17:03 - 00000000 ____D C:\FRST
2013-07-31 16:59 - 2013-07-20 15:00 - 00004244 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-07-31 16:59 - 2013-07-20 14:59 - 00004206 _____ C:\Windows\System32\Tasks\Software Updater
2013-07-31 16:43 - 2012-09-17 11:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-31 16:13 - 2010-01-21 05:10 - 02066513 _____ C:\Windows\WindowsUpdate.log
2013-07-31 11:33 - 2013-07-31 11:33 - 00003222 _____ C:\Users\Default\AppData\Local\installer.log
2013-07-31 11:33 - 2013-07-31 11:33 - 00003222 _____ C:\Users\Default User\AppData\Local\installer.log
2013-07-31 11:33 - 2010-08-22 09:01 - 00000000 ____D C:\ProgramData\Kodak
2013-07-31 11:32 - 2013-07-31 11:32 - 00001845 _____ C:\Users\Public\Desktop\PrintProjects.lnk
2013-07-31 11:32 - 2013-07-31 11:32 - 00000000 ____D C:\ProgramData\Visan
2013-07-31 11:32 - 2013-07-31 11:32 - 00000000 ____D C:\ProgramData\PrintProjects
2013-07-31 11:32 - 2013-07-31 11:32 - 00000000 ____D C:\Program Files (x86)\PrintProjects
2013-07-31 11:31 - 2013-07-31 11:31 - 00001794 _____ C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
2013-07-31 11:31 - 2011-03-23 16:22 - 00000000 ____D C:\Users\Default\AppData\Local\Eastman_Kodak_Company
2013-07-31 11:31 - 2011-03-23 16:22 - 00000000 ____D C:\Users\Default User\AppData\Local\Eastman_Kodak_Company
2013-07-31 11:30 - 2013-07-31 11:30 - 00000000 ____D C:\Windows\SysWOW64\kodak
2013-07-31 11:29 - 2013-07-31 11:29 - 00000000 ____D C:\Windows\SysWOW64\spool
2013-07-31 11:29 - 2009-08-04 11:51 - 00659238 _____ C:\Windows\system32\perfh007.dat
2013-07-31 11:29 - 2009-08-04 11:51 - 00132776 _____ C:\Windows\system32\perfc007.dat
2013-07-31 11:29 - 2009-07-14 07:13 - 01512418 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-31 11:25 - 2013-07-31 11:25 - 00000000 ____D C:\Users\Default\AppData\Roaming\KODAK AiO Home Center292376958
2013-07-31 11:25 - 2013-07-31 11:25 - 00000000 ____D C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center292376958
2013-07-31 11:25 - 2011-03-23 16:16 - 00800824 _____ (Microsoft Corporation) C:\Users\Default\AppData\Roaming\DPInst.exe
2013-07-31 11:25 - 2011-03-23 16:16 - 00800824 _____ (Microsoft Corporation) C:\Users\Default User\AppData\Roaming\DPInst.exe
2013-07-31 11:25 - 2011-03-23 16:16 - 00106496 _____ (Microsoft Corporation) C:\Users\Default\AppData\Roaming\gacutil.exe
2013-07-31 11:25 - 2011-03-23 16:16 - 00106496 _____ (Microsoft Corporation) C:\Users\Default User\AppData\Roaming\gacutil.exe
2013-07-31 11:25 - 2011-03-23 16:16 - 00036352 _____ (Microsoft Corporation) C:\Users\Default\AppData\Roaming\PnPutil.exe
2013-07-31 11:25 - 2011-03-23 16:16 - 00036352 _____ (Microsoft Corporation) C:\Users\Default User\AppData\Roaming\PnPutil.exe
2013-07-28 12:45 - 2013-07-28 12:45 - 00216739 _____ C:\Users\Kittikat1979\Documents\Rechnungsnr...... Rasterbrille Pinhole Brille Nadeloehr. Bestellt u bezahlt am 27.07.2013.xps
2013-07-27 15:17 - 2010-03-14 15:55 - 00002048 _____ C:\Users\Kittikat1979\AppData\Roaming\wklnhst.dat
2013-07-27 14:34 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-07-27 08:26 - 2013-07-27 08:23 - 00000000 ____D C:\Windows\system32\MRT
2013-07-26 21:11 - 2013-07-20 15:08 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\HomeTab
2013-07-26 21:11 - 2013-07-20 15:08 - 00000000 ____D C:\Program Files (x86)\HomeTab
2013-07-26 21:03 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-26 21:03 - 2009-07-14 06:45 - 00010240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-25 07:10 - 2013-07-20 15:08 - 00031816 _____ C:\Windows\Launcher.exe
2013-07-20 23:38 - 2013-07-20 15:18 - 00000672 _____ C:\Windows\setupact.log
2013-07-20 23:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-20 16:47 - 2013-07-20 15:18 - 00101396 _____ C:\Windows\PFRO.log
2013-07-20 16:46 - 2013-07-20 16:46 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\Avira
2013-07-20 16:43 - 2013-07-20 16:43 - 00083672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-07-20 16:42 - 2013-07-20 16:42 - 00001965 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-07-20 16:40 - 2013-07-20 16:40 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-20 16:40 - 2013-07-20 15:42 - 00000000 ____D C:\ProgramData\Avira
2013-07-20 16:08 - 2010-01-21 05:59 - 00002064 _____ C:\Windows\system32\AutoRunFilter.ini
2013-07-20 16:08 - 2010-01-21 05:59 - 00001717 _____ C:\Windows\system32\ServiceFilter.ini
2013-07-20 15:43 - 2013-07-20 15:43 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-20 15:43 - 2013-07-20 15:43 - 00000000 ____D C:\ProgramData\APN
2013-07-20 15:43 - 2013-07-20 15:43 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-20 15:33 - 2013-07-20 15:08 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\Windows Net Data
2013-07-20 15:25 - 2013-07-20 15:25 - 00000000 ____D C:\Windows\pss
2013-07-20 15:24 - 2013-07-20 15:24 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-07-20 15:24 - 2013-07-20 15:09 - 00004068 _____ C:\Windows\System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-20 15:22 - 2010-03-06 00:29 - 00000000 ____D C:\Users\Kittikat1979\Tracing
2013-07-20 15:18 - 2013-07-20 15:18 - 00000000 _____ C:\Windows\setuperr.log
2013-07-20 15:10 - 2013-07-20 15:10 - 00000000 ____D C:\Users\KITTIK~1\AppData\Local\Freemium
2013-07-20 15:09 - 2013-07-20 15:09 - 00003776 _____ C:\Windows\System32\Tasks\Freemium1ClickMaint
2013-07-20 15:09 - 2013-07-20 15:09 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\Iminent
2013-07-20 15:09 - 2013-07-20 15:09 - 00000000 ____D C:\ProgramData\Iminent
2013-07-20 15:09 - 2013-07-20 15:08 - 00000635 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-07-20 15:09 - 2013-07-20 15:08 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-07-20 15:08 - 2013-07-20 15:08 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-07-20 15:08 - 2013-07-20 15:08 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\SimplyTech
2013-07-20 15:08 - 2013-07-20 15:08 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2013-07-20 15:08 - 2013-07-20 15:08 - 00000000 ____D C:\Program Files (x86)\FoxyDeal
2013-07-20 15:08 - 2011-12-19 18:17 - 00000000 ____D C:\Users\KITTIK~1\AppData\Local\Google
2013-07-20 15:08 - 2010-03-05 22:43 - 00000000 ___RD C:\Users\Kittikat1979\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-20 15:07 - 2013-07-03 13:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-20 15:06 - 2013-07-20 14:55 - 00000215 _____ C:\Users\Kittikat1979\Desktop\Amazon.url
2013-07-20 15:00 - 2013-07-20 14:58 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-07-20 14:58 - 2013-07-20 14:58 - 00002563 _____ C:\Users\Public\Desktop\Free System Utilities.lnk
2013-07-20 14:58 - 2013-07-20 14:58 - 00000000 ____D C:\ProgramData\FreeSystemUtilities
2013-07-20 14:58 - 2013-07-20 14:58 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-07-20 14:56 - 2013-07-20 14:56 - 00000000 ____D C:\ProgramData\Package Cache
2013-07-20 14:55 - 2013-07-20 14:54 - 00000000 ____D C:\Users\KITTIK~1\AppData\Local\DownloadGuide
2013-07-20 14:38 - 2010-03-06 04:21 - 00000000 ____D C:\Users\Kittikat1979\AppData\Roaming\Winamp
2013-07-20 14:38 - 2009-07-29 08:03 - 00000000 ____D C:\Windows\Panther
2013-07-20 14:29 - 2013-06-27 16:37 - 00001735 _____ C:\Users\Public\Desktop\Defraggler.lnk
2013-07-20 14:29 - 2010-03-05 23:42 - 00000000 ____D C:\Program Files\Defraggler
2013-07-14 17:38 - 2009-07-14 06:45 - 00516152 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-14 17:37 - 2012-12-30 21:32 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-14 17:37 - 2012-12-30 21:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-14 17:35 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-14 17:35 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-14 17:35 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-12 12:45 - 2010-01-21 05:22 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-05 08:36 - 2012-10-08 07:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 12:28 - 2013-07-02 12:28 - 00000000 ____D C:\Users\Kittikat1979\Desktop\Selbstständigkeit
ZeroAccess:
C:\Windows\assembly\tmp
C:\Windows\assembly\tmp\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
ZeroAccess:
C:\Users\Kittikat1979\AppData\Local\886b0aec
C:\Users\Kittikat1979\AppData\Local\886b0aec\@
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-24 23:56
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03
Ran by Kittikat1979 at 2013-07-31 17:11:45
Running from F:\
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
aioprnt (Version: 5.3.1.0)
aioscnnr (x32 Version: 5.8.10.0)
aioscnnr (x32 Version: 7.6.13.10)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482)
All-In-One (x32)
AMD USB Filter Driver (x32 Version: 1.0.13.88)
ASUS AI Recovery (x32 Version: 1.0.7)
ASUS CopyProtect (x32 Version: 1.0.0015)
ASUS FancyStart (x32 Version: 1.0.6)
ASUS LifeFrame3 (x32 Version: 3.0.20)
ASUS Live Update (x32 Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.19)
ASUS SmartLogon (x32 Version: 1.0.0007)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0028)
ASUS Virtual Camera (x32 Version: 1.0.17)
ATI Catalyst Install Manager (Version: 3.0.745.0)
ATK Generic Function Service (x32 Version: 1.00.0008)
ATK Media (x32 Version: 2.0.0005)
ATKOSD2 (x32 Version: 7.0.0006)
Avira Free Antivirus (x32 Version: 13.0.0.3884)
Avira SearchFree Toolbar plus Web Protection (x32 Version: 12.2.2.663)
BaktiNet v1.4b (x32 Version: 1.4b)
C4USelfUpdater (x32 Version: 1.00.0000)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2009.1001.2247.39050)
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1001.2247.39050)
Catalyst Control Center Graphics Full New (x32 Version: 2009.1001.2247.39050)
Catalyst Control Center Graphics Light (x32 Version: 2009.1001.2247.39050)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1001.2247.39050)
Catalyst Control Center InstallProxy (x32 Version: 2009.1001.2247.39050)
Catalyst Control Center Localization All (x32 Version: 2009.1001.2247.39050)
CCC Help Chinese Standard (x32 Version: 2009.1001.2246.39050)
CCC Help Chinese Traditional (x32 Version: 2009.1001.2246.39050)
CCC Help Czech (x32 Version: 2009.1001.2246.39050)
CCC Help Danish (x32 Version: 2009.1001.2246.39050)
CCC Help Dutch (x32 Version: 2009.1001.2246.39050)
CCC Help English (x32 Version: 2009.1001.2246.39050)
CCC Help Finnish (x32 Version: 2009.1001.2246.39050)
CCC Help French (x32 Version: 2009.1001.2246.39050)
CCC Help German (x32 Version: 2009.1001.2246.39050)
CCC Help Greek (x32 Version: 2009.1001.2246.39050)
CCC Help Hungarian (x32 Version: 2009.1001.2246.39050)
CCC Help Italian (x32 Version: 2009.1001.2246.39050)
CCC Help Japanese (x32 Version: 2009.1001.2246.39050)
CCC Help Korean (x32 Version: 2009.1001.2246.39050)
CCC Help Norwegian (x32 Version: 2009.1001.2246.39050)
CCC Help Polish (x32 Version: 2009.1001.2246.39050)
CCC Help Portuguese (x32 Version: 2009.1001.2246.39050)
CCC Help Russian (x32 Version: 2009.1001.2246.39050)
CCC Help Spanish (x32 Version: 2009.1001.2246.39050)
CCC Help Swedish (x32 Version: 2009.1001.2246.39050)
CCC Help Thai (x32 Version: 2009.1001.2246.39050)
CCC Help Turkish (x32 Version: 2009.1001.2246.39050)
ccc-core-static (x32 Version: 2009.1001.2247.39050)
ccc-utility64 (Version: 2009.1001.2247.39050)
center (x32 Version: 7.7.2.0)
CyberLink LabelPrint (x32 Version: 2.5.1908)
CyberLink Power2Go (x32 Version: 6.1.3509a)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Defraggler (Version: 2.15)
DHTML Editing Component (x32 Version: 6.02.0001)
eaner (Version: 4.03)
ElsterFormular für Privatanwender und Unternehmer (x32 Version: 12.2.0.6412k)
essentials (x32 Version: 7.7.2.0)
Fast Boot (Version: 1.0.4)
FoxyDeal (x32 Version: 1.1.0)
Free System Utilities (x32 Version: 1.1.0.95)
Free SystemUtilities (x32 Version: 1.1.0.95)
HomeTab 4.2 (x32 Version: 4.2)
Iminent (x32 Version: 6.27.21.0)
IrfanView (remove only) (x32)
IsoBuster 2.8 (x32 Version: 2.8)
Java 7 Update 10 (64-bit) (Version: 7.0.100)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 14.0.8117.416)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK All-in-One Software (x32 Version: 7.7.6.0)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.3 (x32 Version: 2.0.2313.0)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 9.7.0621)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Notepad++ (x32 Version: 5.9)
Nvu 1.0 (x32 Version: 1.0)
ocr (x32 Version: 6.2.3.50)
OpenOffice.org 3.2 (x32 Version: 3.2.9502)
Photo Dose (x32)
PhotoDose Online Photoservice Plugin (x32)
PhotoImpact X3 (x32 Version: 13.0)
Platform (x32 Version: 1.34)
PreReq (x32 Version: 6.2.4.0)
PrintProjects (x32 Version: 1.0.0.9282)
PSFtp Free (x32 Version: 1.4.0.119)
Realtek 8136 8168 8169 Ethernet Driver (x32 Version: 1.00.0005)
Softwareprofi Database Engine 1.02 (x32 Version: 1.02)
SRS Premium Sound Control Panel (Version: 1.8.1200)
Turbo Lister 2 (x32 Version: 2.00.0000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
VIA Platform Device Manager (x32 Version: 1.34)
VLC media player 1.0.3 (x32 Version: 1.0.3)
Winamp (x32 Version: 5.601 )
Winamp Anwendungserkennung (HKCU Version: 1.0.0.1)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Toolbar (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Utils (x32)
WinFlash (x32 Version: 2.29.0)
WinRAR (x32)
Wireless Console 3 (x32 Version: 3.0.12)
Yahoo! Detect (x32)
==================== Restore Points =========================
16-07-2013 08:02:57 Windows Update
19-07-2013 16:28:18 Windows Update
20-07-2013 12:55:48 Free System Utilities
20-07-2013 13:02:33 Windows Update
20-07-2013 13:14:18 Free System Utilities 20.07.2013 15:14:18
20-07-2013 13:15:41 Free System Utilities 20.07.2013 15:15:41
26-07-2013 19:10:17 Windows Update
27-07-2013 06:16:40 Windows Update
31-07-2013 09:34:26 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2010-03-06 19:21 - 00380343 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {029092FB-8C8F-4FC9-8B54-A73DF77DF5FB} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {07BC71ED-B511-4C3A-BF12-0ED2A9DCE6F0} - System32\Tasks\FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl => C:\Users\Kittikat1979\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\Binaries\ChromeInstaller.exe [2013-07-22] (Iminent)
Task: {1099FCA0-62DD-4B01-8A7A-CCDC95CFB480} - System32\Tasks\Browser Updater\Browser Updater => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {128C1A2F-02B9-4A04-9FA7-D823791CC118} - System32\Tasks\{BBA28D73-CA05-4668-9791-172E1D900675} => C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE No File
Task: {15A59E18-F7B1-4587-9EC8-C6AD00174103} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {1B7842BF-D291-41DA-A223-88DC819CCA03} - System32\Tasks\{D6B724B5-3241-4848-8E00-04A3961F74DD} => C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE No File
Task: {3757F066-C520-4A3B-8F4C-271D058F5BCC} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {38ED9269-EB39-4111-A725-C98005B82CD1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {4897CF53-AFEC-493A-8844-AAA4220E1A74} - System32\Tasks\{900F6F34-2CDC-4ECD-B061-F84656A757F9} => C:\Program Files (x86)\Microsoft Office\Office\WINWORD.EXE No File
Task: {57B17B36-BE08-4C39-8076-8879E45395BE} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {6012AC60-BA10-44C7-848F-B71CEDB281F8} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-09-16] ()
Task: {6099B89D-FA0A-47A2-80D5-326597624C7A} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\ProtectedSearch.exe [2013-07-10] (Simplygen)
Task: {7473AC3E-F30E-4B30-9FC8-80DB563EC31B} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-07-29] (ATK)
Task: {7D9141A1-EC2B-4401-B660-ACC65E34F2DC} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS)
Task: {A3B225C0-D96B-4A28-B659-9840395CE6AF} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-07-20] ()
Task: {AAC3CA7E-B494-4706-8299-18F2CEB25955} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {C7A4A7CB-FAA1-4FD1-8D1B-1522A734AFBE} - System32\Tasks\{423C9FB6-2882-40FF-A687-A4CDFC643E89} => E:\SETUP.EXE No File
Task: {D19A8FCF-8EAF-4658-A0C1-DF1A0C91D498} - System32\Tasks\Freemium1ClickMaint => C:\Users\Kittikat1979\Desktop\Firefox Downloads\1Click.exe No File
Task: {DBF8227A-0CC6-4452-859D-BBED9A9C307E} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {E8F3839D-5DF1-452D-ABA7-95762661150C} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-07-20] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/28/2013 02:25:13 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 22.0.0.4917 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1074
Startzeit: 01ce8ac2bc7e6940
Endzeit: 53
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: b9165dee-f780-11e2-8bfd-e0cb4e93c376
Error: (07/27/2013 09:13:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (07/25/2013 07:39:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (07/25/2013 00:00:14 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (07/20/2013 04:31:22 PM) (Source: MsiInstaller) (User: Kittikat1979-PC)
Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox
Error: (07/20/2013 04:31:18 PM) (Source: MsiInstaller) (User: Kittikat1979-PC)
Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox
Error: (07/20/2013 03:15:41 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service ADSM Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (07/20/2013 03:14:19 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service ADSM Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (07/20/2013 03:02:37 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service ADSM Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (07/20/2013 02:56:12 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service ADSM Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
System errors:
=============
Error: (07/31/2013 02:14:28 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{897150E4-F479-476C-8B44-99846976541D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/31/2013 00:17:25 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{897150E4-F479-476C-8B44-99846976541D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/31/2013 11:22:51 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.
Error: (07/29/2013 07:40:16 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{897150E4-F479-476C-8B44-99846976541D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/29/2013 03:56:27 PM) (Source: Tcpip) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.1.5 mit dem Computer mit der
Netzwerkhardwareadresse 5C-B5-24-E5-C7-7D ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.
Error: (07/20/2013 11:39:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/20/2013 11:39:32 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst System Store erreicht.
Error: (07/20/2013 11:38:06 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 20.07.2013 um 23:35:28 unerwartet heruntergefahren.
Error: (07/20/2013 07:48:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "System Store" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/20/2013 07:48:14 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst System Store erreicht.
Microsoft Office Sessions:
=========================
Error: (07/28/2013 02:25:13 PM) (Source: Application Hang)(User: )
Description: firefox.exe22.0.0.4917107401ce8ac2bc7e694053C:\Program Files (x86)\Mozilla Firefox\firefox.exeb9165dee-f780-11e2-8bfd-e0cb4e93c376
Error: (07/27/2013 09:13:04 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (07/25/2013 07:39:58 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (07/25/2013 00:00:14 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (07/20/2013 04:31:22 PM) (Source: MsiInstaller)(User: Kittikat1979-PC)
Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (07/20/2013 04:31:18 PM) (Source: MsiInstaller)(User: Kittikat1979-PC)
Description: Produkt: Avira SearchFree Toolbar plus Web Protection -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:
Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (07/20/2013 03:15:41 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service ADSM Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (07/20/2013 03:14:19 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service ADSM Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (07/20/2013 03:02:37 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service ADSM Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (07/20/2013 02:56:12 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service ADSM Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
==================== Memory info ===========================
Percentage of memory in use: 37%
Total physical RAM: 4095.12 MB
Available physical RAM: 2565.24 MB
Total Pagefile: 8188.42 MB
Available Pagefile: 6415.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Datenträger) (Fixed) (Total:74.52 GB) (Free:29.99 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]
Drive d: (Datenträger) (Fixed) (Total:208.92 GB) (Free:141.33 GB) NTFS (Disk=0 Partition=3)
Drive f: () (Removable) (Total:1.88 GB) (Free:1.87 GB) FAT (Disk=1 Partition=1)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=15 GB) - (Type=1C)
Partition 2: (Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=209 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=2 GB) - (Type=06)
==================== End Of Log ============================
|
|
31.07.2013, 17:34
| #2 |
| /// Malware-holic   |  Notebook hängt sich ständig auf und fährt runter Hi,
__________________es sind mehrere Arbeitsschritte auszuführen, sollte es Probleme geben, melden. Es sind 2 Logs zu erstellen, poste sie gleichzeitig. 1. deinstaliere: FoxyDeal : falls unnötig. HomeTab Iminent Neustarten. 2. Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
3. Scan mit Combofix
__________________ |
|
31.07.2013, 22:26
| #3 |
| | Notebook hängt sich ständig auf und fährt runter Hallo,
__________________punkt 1 erledigt ;o)) Punkt 2 erledingt und hier ist der log. Code:
ATTFilter 23:02:25.0634 3568 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:02:25.0962 3568 ============================================================
23:02:25.0962 3568 Current date / time: 2013/07/31 23:02:25.0962
23:02:25.0962 3568 SystemInfo:
23:02:25.0962 3568
23:02:25.0962 3568 OS Version: 6.1.7601 ServicePack: 1.0
23:02:25.0962 3568 Product type: Workstation
23:02:25.0962 3568 ComputerName: KITTIKAT1979-PC
23:02:25.0962 3568 UserName: Kittikat1979
23:02:25.0962 3568 Windows directory: C:\Windows
23:02:25.0962 3568 System windows directory: C:\Windows
23:02:25.0962 3568 Running under WOW64
23:02:25.0962 3568 Processor architecture: Intel x64
23:02:25.0962 3568 Number of processors: 2
23:02:25.0962 3568 Page size: 0x1000
23:02:25.0962 3568 Boot type: Normal boot
23:02:25.0962 3568 ============================================================
23:02:27.0350 3568 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:02:27.0350 3568 Drive \Device\Harddisk1\DR1 - Size: 0x78748E00 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:02:27.0350 3568 ============================================================
23:02:27.0350 3568 \Device\Harddisk0\DR0:
23:02:27.0350 3568 MBR partitions:
23:02:27.0350 3568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0x950A600
23:02:27.0381 3568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xB2557B7, BlocksNum 0x1A1D7F0A
23:02:27.0381 3568 \Device\Harddisk1\DR1:
23:02:27.0381 3568 MBR partitions:
23:02:27.0381 3568 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3C0E76
23:02:27.0381 3568 ============================================================
23:02:27.0412 3568 C: <-> \Device\Harddisk0\DR0\Partition1
23:02:27.0459 3568 D: <-> \Device\Harddisk0\DR0\Partition2
23:02:27.0459 3568 ============================================================
23:02:27.0459 3568 Initialize success
23:02:27.0459 3568 ============================================================
23:02:44.0947 2540 ============================================================
23:02:44.0947 2540 Scan started
23:02:44.0947 2540 Mode: Manual; SigCheck; TDLFS;
23:02:44.0947 2540 ============================================================
23:02:45.0945 2540 ================ Scan system memory ========================
23:02:45.0945 2540 System memory - ok
23:02:45.0945 2540 ================ Scan services =============================
23:02:46.0086 2540 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:02:46.0164 2540 1394ohci - ok
23:02:46.0210 2540 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:02:46.0226 2540 ACPI - ok
23:02:46.0257 2540 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:02:46.0335 2540 AcpiPmi - ok
23:02:46.0444 2540 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:02:46.0444 2540 AdobeARMservice - ok
23:02:46.0569 2540 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:02:46.0600 2540 AdobeFlashPlayerUpdateSvc - ok
23:02:46.0647 2540 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:02:46.0678 2540 adp94xx - ok
23:02:46.0678 2540 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:02:46.0710 2540 adpahci - ok
23:02:46.0725 2540 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:02:46.0741 2540 adpu320 - ok
23:02:46.0772 2540 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:02:46.0897 2540 AeLookupSvc - ok
23:02:46.0944 2540 [ FB2BE0BAE9B3F248080CDBF91EF16C7F ] AFBAgent C:\Windows\system32\FBAgent.exe
23:02:46.0975 2540 AFBAgent - ok
23:02:47.0006 2540 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
23:02:47.0068 2540 AFD - ok
23:02:47.0100 2540 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:02:47.0115 2540 agp440 - ok
23:02:47.0146 2540 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
23:02:47.0193 2540 ALG - ok
23:02:47.0224 2540 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
23:02:47.0240 2540 aliide - ok
23:02:47.0271 2540 [ 5B0539714C6BD5CBBA653A68318435C3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:02:47.0318 2540 AMD External Events Utility - ok
23:02:47.0349 2540 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
23:02:47.0365 2540 amdide - ok
23:02:47.0412 2540 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:02:47.0458 2540 AmdK8 - ok
23:02:47.0490 2540 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:02:47.0521 2540 AmdPPM - ok
23:02:47.0552 2540 [ 8818A2AB90189B7FF60A24C0847F9A6B ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
23:02:47.0568 2540 amdsata - ok
23:02:47.0583 2540 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:02:47.0599 2540 amdsbs - ok
23:02:47.0614 2540 [ 3C430969F097DEE18D13010D678069CD ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
23:02:47.0630 2540 amdxata - ok
23:02:47.0677 2540 [ 9C7F164B49CADC658D1B3C575782F346 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
23:02:47.0692 2540 AmUStor - ok
23:02:47.0895 2540 [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:02:47.0895 2540 AntiVirSchedulerService - ok
23:02:47.0958 2540 [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:02:47.0973 2540 AntiVirService - ok
23:02:48.0020 2540 [ 53DDEA96AA407C3E2BCEF68A44E31A59 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
23:02:48.0036 2540 AntiVirWebService - ok
23:02:48.0098 2540 [ D41231AECFEE88973D56AEC2EE5B962D ] APNMCP C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
23:02:48.0114 2540 APNMCP - ok
23:02:48.0160 2540 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
23:02:48.0348 2540 AppID - ok
23:02:48.0363 2540 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:02:48.0426 2540 AppIDSvc - ok
23:02:48.0472 2540 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
23:02:48.0519 2540 Appinfo - ok
23:02:48.0550 2540 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
23:02:48.0566 2540 arc - ok
23:02:48.0582 2540 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:02:48.0597 2540 arcsas - ok
23:02:48.0644 2540 [ 2DB34EDD17D3A8DA7105A19C95A3DD68 ] ASMMAP64 C:\Program Files\ATKGFNEX\ASMMAP64.sys
23:02:48.0660 2540 ASMMAP64 - ok
23:02:48.0675 2540 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:02:48.0738 2540 AsyncMac - ok
23:02:48.0784 2540 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:02:48.0800 2540 atapi - ok
23:02:48.0847 2540 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
23:02:48.0940 2540 athr - ok
23:02:49.0128 2540 [ A47B3FCE2D47EAB02C608AA8200CCB7E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:02:49.0346 2540 atikmdag - ok
23:02:49.0377 2540 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
23:02:49.0393 2540 AtiPcie - ok
23:02:49.0408 2540 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
23:02:49.0424 2540 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
23:02:49.0424 2540 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
23:02:49.0471 2540 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:02:49.0533 2540 AudioEndpointBuilder - ok
23:02:49.0549 2540 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:02:49.0580 2540 AudioSrv - ok
23:02:49.0642 2540 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:02:49.0658 2540 avgntflt - ok
23:02:49.0689 2540 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:02:49.0705 2540 avipbb - ok
23:02:49.0720 2540 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:02:49.0736 2540 avkmgr - ok
23:02:49.0798 2540 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:02:49.0845 2540 AxInstSV - ok
23:02:49.0892 2540 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:02:49.0923 2540 b06bdrv - ok
23:02:49.0954 2540 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:02:49.0986 2540 b57nd60a - ok
23:02:50.0032 2540 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:02:50.0064 2540 BDESVC - ok
23:02:50.0095 2540 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:02:50.0142 2540 Beep - ok
23:02:50.0204 2540 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:02:50.0282 2540 BFE - ok
23:02:50.0313 2540 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
23:02:50.0407 2540 BITS - ok
23:02:50.0438 2540 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:02:50.0485 2540 blbdrive - ok
23:02:50.0516 2540 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:02:50.0563 2540 bowser - ok
23:02:50.0610 2540 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:02:50.0688 2540 BrFiltLo - ok
23:02:50.0688 2540 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:02:50.0703 2540 BrFiltUp - ok
23:02:50.0734 2540 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:02:50.0766 2540 Browser - ok
23:02:50.0797 2540 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:02:50.0844 2540 Brserid - ok
23:02:50.0859 2540 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:02:50.0890 2540 BrSerWdm - ok
23:02:50.0906 2540 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:02:50.0937 2540 BrUsbMdm - ok
23:02:50.0953 2540 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:02:50.0968 2540 BrUsbSer - ok
23:02:50.0984 2540 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:02:51.0015 2540 BTHMODEM - ok
23:02:51.0046 2540 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:02:51.0093 2540 bthserv - ok
23:02:51.0109 2540 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:02:51.0140 2540 cdfs - ok
23:02:51.0187 2540 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
23:02:51.0218 2540 cdrom - ok
23:02:51.0249 2540 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:02:51.0296 2540 CertPropSvc - ok
23:02:51.0327 2540 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:02:51.0358 2540 circlass - ok
23:02:51.0405 2540 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:02:51.0421 2540 CLFS - ok
23:02:51.0483 2540 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:02:51.0499 2540 clr_optimization_v2.0.50727_32 - ok
23:02:51.0561 2540 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:02:51.0577 2540 clr_optimization_v2.0.50727_64 - ok
23:02:51.0655 2540 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:02:51.0686 2540 clr_optimization_v4.0.30319_32 - ok
23:02:51.0717 2540 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:02:51.0733 2540 clr_optimization_v4.0.30319_64 - ok
23:02:51.0795 2540 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:02:51.0826 2540 CmBatt - ok
23:02:51.0858 2540 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:02:51.0858 2540 cmdide - ok
23:02:51.0904 2540 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
23:02:51.0936 2540 CNG - ok
23:02:51.0967 2540 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:02:51.0982 2540 Compbatt - ok
23:02:52.0014 2540 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:02:52.0045 2540 CompositeBus - ok
23:02:52.0060 2540 COMSysApp - ok
23:02:52.0076 2540 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:02:52.0092 2540 crcdisk - ok
23:02:52.0123 2540 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:02:52.0154 2540 CryptSvc - ok
23:02:52.0201 2540 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:02:52.0248 2540 DcomLaunch - ok
23:02:52.0279 2540 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:02:52.0341 2540 defragsvc - ok
23:02:52.0372 2540 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:02:52.0419 2540 DfsC - ok
23:02:52.0466 2540 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:02:52.0513 2540 Dhcp - ok
23:02:52.0528 2540 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:02:52.0575 2540 discache - ok
23:02:52.0606 2540 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:02:52.0622 2540 Disk - ok
23:02:52.0669 2540 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:02:52.0684 2540 Dnscache - ok
23:02:52.0716 2540 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:02:52.0762 2540 dot3svc - ok
23:02:52.0794 2540 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:02:52.0856 2540 DPS - ok
23:02:52.0887 2540 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:02:52.0918 2540 drmkaud - ok
23:02:52.0981 2540 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:02:52.0996 2540 DXGKrnl - ok
23:02:53.0043 2540 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:02:53.0106 2540 EapHost - ok
23:02:53.0199 2540 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:02:53.0308 2540 ebdrv - ok
23:02:53.0340 2540 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:02:53.0371 2540 EFS - ok
23:02:53.0418 2540 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:02:53.0464 2540 ehRecvr - ok
23:02:53.0480 2540 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:02:53.0511 2540 ehSched - ok
23:02:53.0558 2540 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:02:53.0574 2540 elxstor - ok
23:02:53.0605 2540 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:02:53.0636 2540 ErrDev - ok
23:02:53.0667 2540 [ 5CD1005B9BC241C3AB8501D5FBF09FD4 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
23:02:53.0698 2540 ETD - ok
23:02:53.0745 2540 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:02:53.0792 2540 EventSystem - ok
23:02:53.0839 2540 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:02:53.0886 2540 exfat - ok
23:02:53.0917 2540 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:02:53.0964 2540 fastfat - ok
23:02:54.0010 2540 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:02:54.0057 2540 Fax - ok
23:02:54.0073 2540 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:02:54.0104 2540 fdc - ok
23:02:54.0135 2540 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:02:54.0166 2540 fdPHost - ok
23:02:54.0182 2540 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:02:54.0307 2540 FDResPub - ok
23:02:54.0338 2540 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:02:54.0354 2540 FileInfo - ok
23:02:54.0385 2540 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:02:54.0432 2540 Filetrace - ok
23:02:54.0478 2540 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:02:54.0510 2540 flpydisk - ok
23:02:54.0525 2540 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:02:54.0541 2540 FltMgr - ok
23:02:54.0619 2540 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
23:02:54.0681 2540 FontCache - ok
23:02:54.0728 2540 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:02:54.0744 2540 FontCache3.0.0.0 - ok
23:02:54.0759 2540 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:02:54.0775 2540 FsDepends - ok
23:02:54.0806 2540 [ 53DAB1791917A72738539AD25C4EED7F ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
23:02:54.0822 2540 fssfltr - ok
23:02:54.0915 2540 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
23:02:54.0962 2540 fsssvc - ok
23:02:54.0993 2540 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:02:55.0009 2540 Fs_Rec - ok
23:02:55.0056 2540 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:02:55.0071 2540 fvevol - ok
23:02:55.0118 2540 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:02:55.0134 2540 gagp30kx - ok
23:02:55.0180 2540 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:02:55.0243 2540 gpsvc - ok
23:02:55.0274 2540 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:02:55.0305 2540 hcw85cir - ok
23:02:55.0336 2540 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:02:55.0383 2540 HdAudAddService - ok
23:02:55.0399 2540 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:02:55.0430 2540 HDAudBus - ok
23:02:55.0446 2540 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:02:55.0477 2540 HidBatt - ok
23:02:55.0508 2540 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:02:55.0539 2540 HidBth - ok
23:02:55.0570 2540 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:02:55.0602 2540 HidIr - ok
23:02:55.0617 2540 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:02:55.0664 2540 hidserv - ok
23:02:55.0711 2540 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:02:55.0726 2540 HidUsb - ok
23:02:55.0742 2540 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:02:55.0789 2540 hkmsvc - ok
23:02:55.0820 2540 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:02:55.0851 2540 HomeGroupListener - ok
23:02:55.0867 2540 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:02:55.0898 2540 HomeGroupProvider - ok
23:02:55.0945 2540 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:02:55.0960 2540 HpSAMD - ok
23:02:55.0992 2540 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:02:56.0054 2540 HTTP - ok
23:02:56.0085 2540 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:02:56.0101 2540 hwpolicy - ok
23:02:56.0116 2540 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:02:56.0132 2540 i8042prt - ok
23:02:56.0179 2540 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:02:56.0194 2540 iaStorV - ok
23:02:56.0272 2540 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:02:56.0319 2540 idsvc - ok
23:02:56.0350 2540 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:02:56.0366 2540 iirsp - ok
23:02:56.0413 2540 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:02:56.0475 2540 IKEEXT - ok
23:02:56.0506 2540 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:02:56.0522 2540 intelide - ok
23:02:56.0553 2540 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:02:56.0584 2540 intelppm - ok
23:02:56.0616 2540 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:02:56.0647 2540 IPBusEnum - ok
23:02:56.0678 2540 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:02:56.0725 2540 IpFilterDriver - ok
23:02:56.0772 2540 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:02:56.0803 2540 iphlpsvc - ok
23:02:56.0850 2540 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:02:56.0865 2540 IPMIDRV - ok
23:02:56.0928 2540 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:02:56.0974 2540 IPNAT - ok
23:02:57.0006 2540 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:02:57.0068 2540 IRENUM - ok
23:02:57.0084 2540 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:02:57.0099 2540 isapnp - ok
23:02:57.0130 2540 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:02:57.0146 2540 iScsiPrt - ok
23:02:57.0177 2540 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
23:02:57.0193 2540 kbdclass - ok
23:02:57.0224 2540 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:02:57.0255 2540 kbdhid - ok
23:02:57.0286 2540 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
23:02:57.0302 2540 kbfiltr - ok
23:02:57.0318 2540 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:02:57.0333 2540 KeyIso - ok
23:02:57.0520 2540 [ 140692763A50BFFF322CDC076300587E ] Kodak AiO Network Discovery Service D:\Kodak Drucker\AiO\Center\EKAiOHostService.exe
23:02:57.0536 2540 Kodak AiO Network Discovery Service - ok
23:02:57.0630 2540 [ E29F999616D7C08B0E91296908C47CAF ] Kodak AiO Status Monitor Service D:\Kodak Drucker\AiO\StatusMonitor\EKPrinterSDK.exe
23:02:57.0661 2540 Kodak AiO Status Monitor Service - ok
23:02:57.0676 2540 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:02:57.0692 2540 KSecDD - ok
23:02:57.0723 2540 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:02:57.0739 2540 KSecPkg - ok
23:02:57.0770 2540 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:02:57.0817 2540 ksthunk - ok
23:02:57.0832 2540 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:02:57.0895 2540 KtmRm - ok
23:02:57.0942 2540 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:02:58.0004 2540 LanmanServer - ok
23:02:58.0035 2540 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:02:58.0082 2540 LanmanWorkstation - ok
23:02:58.0144 2540 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:02:58.0176 2540 lltdio - ok
23:02:58.0222 2540 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:02:58.0285 2540 lltdsvc - ok
23:02:58.0316 2540 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:02:58.0363 2540 lmhosts - ok
23:02:58.0394 2540 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:02:58.0410 2540 LSI_FC - ok
23:02:58.0441 2540 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:02:58.0456 2540 LSI_SAS - ok
23:02:58.0472 2540 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:02:58.0488 2540 LSI_SAS2 - ok
23:02:58.0503 2540 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:02:58.0519 2540 LSI_SCSI - ok
23:02:58.0534 2540 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:02:58.0581 2540 luafv - ok
23:02:58.0612 2540 [ 085435AE1A124361304044029B5CC644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
23:02:58.0628 2540 lullaby - ok
23:02:58.0768 2540 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
23:02:58.0784 2540 McComponentHostService - ok
23:02:58.0800 2540 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:02:58.0831 2540 Mcx2Svc - ok
23:02:58.0846 2540 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:02:58.0862 2540 megasas - ok
23:02:58.0878 2540 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:02:58.0909 2540 MegaSR - ok
23:02:59.0112 2540 Microsoft SharePoint Workspace Audit Service - ok
23:02:59.0143 2540 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:02:59.0205 2540 MMCSS - ok
23:02:59.0221 2540 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:02:59.0283 2540 Modem - ok
23:02:59.0314 2540 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:02:59.0330 2540 monitor - ok
23:02:59.0377 2540 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:02:59.0392 2540 mouclass - ok
23:02:59.0439 2540 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:02:59.0455 2540 mouhid - ok
23:02:59.0533 2540 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:02:59.0564 2540 mountmgr - ok
23:02:59.0626 2540 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:02:59.0626 2540 MozillaMaintenance - ok
23:02:59.0673 2540 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:02:59.0689 2540 mpio - ok
23:02:59.0720 2540 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:02:59.0767 2540 mpsdrv - ok
23:02:59.0814 2540 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:02:59.0876 2540 MpsSvc - ok
23:02:59.0907 2540 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:02:59.0938 2540 MRxDAV - ok
23:02:59.0985 2540 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:03:00.0016 2540 mrxsmb - ok
23:03:00.0032 2540 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:03:00.0079 2540 mrxsmb10 - ok
23:03:00.0094 2540 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:03:00.0126 2540 mrxsmb20 - ok
23:03:00.0157 2540 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:03:00.0157 2540 msahci - ok
23:03:00.0172 2540 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:03:00.0188 2540 msdsm - ok
23:03:00.0219 2540 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:03:00.0250 2540 MSDTC - ok
23:03:00.0297 2540 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:03:00.0344 2540 Msfs - ok
23:03:00.0391 2540 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:03:00.0438 2540 mshidkmdf - ok
23:03:00.0469 2540 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:03:00.0469 2540 msisadrv - ok
23:03:00.0500 2540 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:03:00.0547 2540 MSiSCSI - ok
23:03:00.0562 2540 msiserver - ok
23:03:00.0594 2540 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:03:00.0640 2540 MSKSSRV - ok
23:03:00.0656 2540 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:03:00.0703 2540 MSPCLOCK - ok
23:03:00.0703 2540 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:03:00.0750 2540 MSPQM - ok
23:03:00.0796 2540 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:03:00.0812 2540 MsRPC - ok
23:03:00.0843 2540 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:03:00.0859 2540 mssmbios - ok
23:03:00.0890 2540 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:03:00.0937 2540 MSTEE - ok
23:03:00.0937 2540 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:03:00.0968 2540 MTConfig - ok
23:03:01.0015 2540 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
23:03:01.0015 2540 MTsensor - ok
23:03:01.0030 2540 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:03:01.0046 2540 Mup - ok
23:03:01.0077 2540 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:03:01.0140 2540 napagent - ok
23:03:01.0171 2540 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:03:01.0202 2540 NativeWifiP - ok
23:03:01.0264 2540 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:03:01.0296 2540 NDIS - ok
23:03:01.0311 2540 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:03:01.0358 2540 NdisCap - ok
23:03:01.0389 2540 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:03:01.0436 2540 NdisTapi - ok
23:03:01.0467 2540 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:03:01.0530 2540 Ndisuio - ok
23:03:01.0545 2540 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:03:01.0592 2540 NdisWan - ok
23:03:01.0608 2540 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:03:01.0654 2540 NDProxy - ok
23:03:01.0686 2540 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:03:01.0732 2540 NetBIOS - ok
23:03:01.0764 2540 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:03:01.0810 2540 NetBT - ok
23:03:01.0826 2540 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:03:01.0842 2540 Netlogon - ok
23:03:01.0888 2540 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:03:01.0951 2540 Netman - ok
23:03:01.0982 2540 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:03:02.0029 2540 netprofm - ok
23:03:02.0044 2540 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:03:02.0060 2540 NetTcpPortSharing - ok
23:03:02.0107 2540 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:03:02.0122 2540 nfrd960 - ok
23:03:02.0185 2540 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:03:02.0216 2540 NlaSvc - ok
23:03:02.0232 2540 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:03:02.0263 2540 Npfs - ok
23:03:02.0294 2540 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:03:02.0341 2540 nsi - ok
23:03:02.0372 2540 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:03:02.0419 2540 nsiproxy - ok
23:03:02.0497 2540 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:03:02.0559 2540 Ntfs - ok
23:03:02.0575 2540 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:03:02.0637 2540 Null - ok
23:03:02.0668 2540 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:03:02.0684 2540 nvraid - ok
23:03:02.0684 2540 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:03:02.0700 2540 nvstor - ok
23:03:02.0731 2540 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:03:02.0746 2540 nv_agp - ok
23:03:02.0778 2540 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:03:02.0809 2540 ohci1394 - ok
23:03:02.0871 2540 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:03:02.0887 2540 ose64 - ok
23:03:03.0043 2540 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:03:03.0214 2540 osppsvc - ok
23:03:03.0246 2540 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:03:03.0277 2540 p2pimsvc - ok
23:03:03.0308 2540 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:03:03.0339 2540 p2psvc - ok
23:03:03.0370 2540 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:03:03.0386 2540 Parport - ok
23:03:03.0417 2540 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:03:03.0433 2540 partmgr - ok
23:03:03.0464 2540 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:03:03.0495 2540 PcaSvc - ok
23:03:03.0542 2540 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:03:03.0558 2540 pci - ok
23:03:03.0573 2540 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
23:03:03.0589 2540 pciide - ok
23:03:03.0620 2540 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:03:03.0651 2540 pcmcia - ok
23:03:03.0651 2540 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:03:03.0667 2540 pcw - ok
23:03:03.0698 2540 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:03:03.0760 2540 PEAUTH - ok
23:03:03.0838 2540 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:03:03.0854 2540 PerfHost - ok
23:03:03.0932 2540 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:03:04.0026 2540 pla - ok
23:03:04.0057 2540 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:03:04.0088 2540 PlugPlay - ok
23:03:04.0119 2540 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:03:04.0150 2540 PNRPAutoReg - ok
23:03:04.0182 2540 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:03:04.0197 2540 PNRPsvc - ok
23:03:04.0228 2540 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:03:04.0291 2540 PolicyAgent - ok
23:03:04.0322 2540 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:03:04.0369 2540 Power - ok
23:03:04.0416 2540 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:03:04.0462 2540 PptpMiniport - ok
23:03:04.0494 2540 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:03:04.0587 2540 Processor - ok
23:03:04.0634 2540 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
23:03:04.0665 2540 ProfSvc - ok
23:03:04.0681 2540 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:03:04.0696 2540 ProtectedStorage - ok
23:03:04.0743 2540 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:03:04.0790 2540 Psched - ok
23:03:04.0868 2540 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:03:04.0930 2540 ql2300 - ok
23:03:04.0946 2540 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:03:04.0962 2540 ql40xx - ok
23:03:04.0977 2540 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:03:05.0008 2540 QWAVE - ok
23:03:05.0024 2540 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:03:05.0055 2540 QWAVEdrv - ok
23:03:05.0071 2540 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:03:05.0118 2540 RasAcd - ok
23:03:05.0164 2540 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:03:05.0211 2540 RasAgileVpn - ok
23:03:05.0242 2540 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:03:05.0305 2540 RasAuto - ok
23:03:05.0320 2540 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:03:05.0367 2540 Rasl2tp - ok
23:03:05.0383 2540 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:03:05.0445 2540 RasMan - ok
23:03:05.0476 2540 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:03:05.0523 2540 RasPppoe - ok
23:03:05.0554 2540 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:03:05.0601 2540 RasSstp - ok
23:03:05.0632 2540 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:03:05.0679 2540 rdbss - ok
23:03:05.0695 2540 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:03:05.0726 2540 rdpbus - ok
23:03:05.0757 2540 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:03:05.0804 2540 RDPCDD - ok
23:03:05.0820 2540 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:03:05.0866 2540 RDPENCDD - ok
23:03:05.0882 2540 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:03:05.0944 2540 RDPREFMP - ok
23:03:05.0960 2540 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:03:06.0007 2540 RDPWD - ok
23:03:06.0054 2540 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:03:06.0069 2540 rdyboost - ok
23:03:06.0116 2540 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:03:06.0163 2540 RemoteAccess - ok
23:03:06.0194 2540 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:03:06.0241 2540 RemoteRegistry - ok
23:03:06.0256 2540 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:03:06.0303 2540 RpcEptMapper - ok
23:03:06.0334 2540 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:03:06.0366 2540 RpcLocator - ok
23:03:06.0397 2540 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:03:06.0444 2540 RpcSs - ok
23:03:06.0475 2540 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:03:06.0522 2540 rspndr - ok
23:03:06.0568 2540 [ 16D4E350420BAA7E63E16E3FC033E1F5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:03:06.0584 2540 RTL8167 - ok
23:03:06.0600 2540 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:03:06.0615 2540 SamSs - ok
23:03:06.0646 2540 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:03:06.0662 2540 sbp2port - ok
23:03:06.0693 2540 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:03:06.0740 2540 SCardSvr - ok
23:03:06.0756 2540 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:03:06.0802 2540 scfilter - ok
23:03:06.0865 2540 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:03:06.0958 2540 Schedule - ok
23:03:06.0974 2540 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:03:07.0005 2540 SCPolicySvc - ok
23:03:07.0036 2540 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:03:07.0068 2540 SDRSVC - ok
23:03:07.0099 2540 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:03:07.0146 2540 secdrv - ok
23:03:07.0177 2540 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:03:07.0224 2540 seclogon - ok
23:03:07.0255 2540 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:03:07.0302 2540 SENS - ok
23:03:07.0317 2540 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:03:07.0348 2540 SensrSvc - ok
23:03:07.0380 2540 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:03:07.0411 2540 Serenum - ok
23:03:07.0442 2540 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:03:07.0458 2540 Serial - ok
23:03:07.0489 2540 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:03:07.0520 2540 sermouse - ok
23:03:07.0567 2540 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:03:07.0614 2540 SessionEnv - ok
23:03:07.0645 2540 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:03:07.0660 2540 sffdisk - ok
23:03:07.0676 2540 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:03:07.0707 2540 sffp_mmc - ok
23:03:07.0723 2540 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:03:07.0738 2540 sffp_sd - ok
23:03:07.0754 2540 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:03:07.0785 2540 sfloppy - ok
23:03:07.0832 2540 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:03:07.0879 2540 SharedAccess - ok
23:03:07.0910 2540 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:03:07.0957 2540 ShellHWDetection - ok
23:03:07.0972 2540 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
23:03:07.0988 2540 SiSGbeLH - ok
23:03:08.0019 2540 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:03:08.0035 2540 SiSRaid2 - ok
23:03:08.0050 2540 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:03:08.0066 2540 SiSRaid4 - ok
23:03:08.0082 2540 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:03:08.0144 2540 Smb - ok
23:03:08.0175 2540 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:03:08.0206 2540 SNMPTRAP - ok
23:03:08.0284 2540 [ 2D280B5799F9C143FA7D49E032FBCE46 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
23:03:08.0362 2540 SNP2UVC - ok
23:03:08.0378 2540 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:03:08.0394 2540 spldr - ok
23:03:08.0440 2540 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
23:03:08.0472 2540 Spooler - ok
23:03:08.0565 2540 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:03:08.0706 2540 sppsvc - ok
23:03:08.0737 2540 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:03:08.0799 2540 sppuinotify - ok
23:03:08.0830 2540 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:03:08.0877 2540 srv - ok
23:03:08.0908 2540 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:03:08.0940 2540 srv2 - ok
23:03:08.0971 2540 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:03:09.0002 2540 srvnet - ok
23:03:09.0033 2540 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:03:09.0096 2540 SSDPSRV - ok
23:03:09.0111 2540 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:03:09.0158 2540 SstpSvc - ok
23:03:09.0189 2540 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:03:09.0205 2540 stexstor - ok
23:03:09.0252 2540 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:03:09.0314 2540 stisvc - ok
23:03:09.0345 2540 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
23:03:09.0361 2540 swenum - ok
23:03:09.0392 2540 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:03:09.0439 2540 swprv - ok
23:03:09.0688 2540 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:03:09.0782 2540 SysMain - ok
23:03:09.0844 2540 [ 9D40AC2003DCA9F045181241C2BF47A2 ] SystemStoreService C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe
23:03:09.0876 2540 SystemStoreService ( UnsignedFile.Multi.Generic ) - warning
23:03:09.0876 2540 SystemStoreService - detected UnsignedFile.Multi.Generic (1)
23:03:09.0907 2540 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:03:09.0938 2540 TabletInputService - ok
23:03:09.0969 2540 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:03:10.0016 2540 TapiSrv - ok
23:03:10.0063 2540 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:03:10.0125 2540 TBS - ok
23:03:10.0203 2540 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:03:10.0281 2540 Tcpip - ok
23:03:10.0359 2540 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:03:10.0406 2540 TCPIP6 - ok
23:03:10.0453 2540 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:03:10.0484 2540 tcpipreg - ok
23:03:10.0515 2540 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:03:10.0531 2540 TDPIPE - ok
23:03:10.0562 2540 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:03:10.0578 2540 TDTCP - ok
23:03:10.0609 2540 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:03:10.0656 2540 tdx - ok
23:03:10.0702 2540 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:03:10.0718 2540 TermDD - ok
23:03:10.0749 2540 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:03:10.0812 2540 TermService - ok
23:03:10.0843 2540 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:03:10.0874 2540 Themes - ok
23:03:10.0890 2540 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:03:10.0936 2540 THREADORDER - ok
23:03:10.0952 2540 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:03:10.0999 2540 TrkWks - ok
23:03:11.0061 2540 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:03:11.0108 2540 TrustedInstaller - ok
23:03:11.0139 2540 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:03:11.0186 2540 tssecsrv - ok
23:03:11.0233 2540 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:03:11.0264 2540 TsUsbFlt - ok
23:03:11.0311 2540 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:03:11.0358 2540 tunnel - ok
23:03:11.0389 2540 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:03:11.0404 2540 uagp35 - ok
23:03:11.0436 2540 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:03:11.0498 2540 udfs - ok
23:03:11.0529 2540 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:03:11.0545 2540 UI0Detect - ok
23:03:11.0576 2540 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:03:11.0592 2540 uliagpkx - ok
23:03:11.0638 2540 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
23:03:11.0654 2540 umbus - ok
23:03:11.0685 2540 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:03:11.0701 2540 UmPass - ok
23:03:11.0732 2540 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:03:11.0794 2540 upnphost - ok
23:03:11.0857 2540 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:03:11.0872 2540 usbccgp - ok
23:03:11.0904 2540 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:03:11.0935 2540 usbcir - ok
23:03:11.0966 2540 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:03:11.0982 2540 usbehci - ok
23:03:12.0013 2540 [ D524F3716D85B744762FF5EAAEF8F3A2 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
23:03:12.0013 2540 usbfilter - ok
23:03:12.0060 2540 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:03:12.0091 2540 usbhub - ok
23:03:12.0106 2540 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:03:12.0138 2540 usbohci - ok
23:03:12.0169 2540 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:03:12.0200 2540 usbprint - ok
23:03:12.0216 2540 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:03:12.0247 2540 USBSTOR - ok
23:03:12.0278 2540 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:03:12.0294 2540 usbuhci - ok
23:03:12.0340 2540 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
23:03:12.0356 2540 usbvideo - ok
23:03:12.0387 2540 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:03:12.0434 2540 UxSms - ok
23:03:12.0450 2540 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:03:12.0465 2540 VaultSvc - ok
23:03:12.0496 2540 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:03:12.0496 2540 vdrvroot - ok
23:03:12.0543 2540 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:03:12.0590 2540 vds - ok
23:03:12.0621 2540 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:03:12.0637 2540 vga - ok
23:03:12.0652 2540 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:03:12.0684 2540 VgaSave - ok
23:03:12.0715 2540 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:03:12.0730 2540 vhdmp - ok
23:03:12.0793 2540 [ FE595D1A1B781190BB483444B62CC607 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
23:03:12.0871 2540 VIAHdAudAddService - ok
23:03:12.0902 2540 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:03:12.0918 2540 viaide - ok
23:03:12.0949 2540 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:03:12.0964 2540 volmgr - ok
23:03:12.0996 2540 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:03:13.0027 2540 volmgrx - ok
23:03:13.0042 2540 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:03:13.0058 2540 volsnap - ok
23:03:13.0105 2540 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:03:13.0120 2540 vsmraid - ok
23:03:13.0183 2540 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:03:13.0276 2540 VSS - ok
23:03:13.0292 2540 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:03:13.0323 2540 vwifibus - ok
23:03:13.0339 2540 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:03:13.0354 2540 vwififlt - ok
23:03:13.0386 2540 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:03:13.0432 2540 vwifimp - ok
23:03:13.0479 2540 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:03:13.0542 2540 W32Time - ok
23:03:13.0573 2540 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:03:13.0588 2540 WacomPen - ok
23:03:13.0620 2540 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:03:13.0682 2540 WANARP - ok
23:03:13.0682 2540 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:03:13.0713 2540 Wanarpv6 - ok
23:03:13.0776 2540 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:03:13.0838 2540 WatAdminSvc - ok
23:03:13.0900 2540 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:03:13.0978 2540 wbengine - ok
23:03:14.0010 2540 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:03:14.0041 2540 WbioSrvc - ok
23:03:14.0072 2540 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:03:14.0103 2540 wcncsvc - ok
23:03:14.0119 2540 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:03:14.0150 2540 WcsPlugInService - ok
23:03:14.0181 2540 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:03:14.0197 2540 Wd - ok
23:03:14.0244 2540 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:03:14.0275 2540 Wdf01000 - ok
23:03:14.0290 2540 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:03:14.0337 2540 WdiServiceHost - ok
23:03:14.0337 2540 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:03:14.0353 2540 WdiSystemHost - ok
23:03:14.0384 2540 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:03:14.0446 2540 WebClient - ok
23:03:14.0478 2540 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:03:14.0524 2540 Wecsvc - ok
23:03:14.0556 2540 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:03:14.0602 2540 wercplsupport - ok
23:03:14.0618 2540 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:03:14.0680 2540 WerSvc - ok
23:03:14.0712 2540 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:03:14.0774 2540 WfpLwf - ok
23:03:14.0821 2540 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
23:03:14.0836 2540 WimFltr - ok
23:03:14.0868 2540 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:03:14.0868 2540 WIMMount - ok
23:03:14.0899 2540 WinDefend - ok
23:03:14.0914 2540 WinHttpAutoProxySvc - ok
23:03:14.0977 2540 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:03:15.0039 2540 Winmgmt - ok
23:03:15.0117 2540 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:03:15.0211 2540 WinRM - ok
23:03:15.0273 2540 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:03:15.0289 2540 WinUsb - ok
23:03:15.0336 2540 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:03:15.0382 2540 Wlansvc - ok
23:03:15.0382 2540 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:03:15.0414 2540 WmiAcpi - ok
23:03:15.0445 2540 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:03:15.0476 2540 wmiApSrv - ok
23:03:15.0492 2540 WMPNetworkSvc - ok
23:03:15.0523 2540 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:03:15.0538 2540 WPCSvc - ok
23:03:15.0554 2540 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:03:15.0570 2540 WPDBusEnum - ok
23:03:15.0585 2540 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:03:15.0648 2540 ws2ifsl - ok
23:03:15.0663 2540 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
23:03:15.0694 2540 wscsvc - ok
23:03:15.0694 2540 WSearch - ok
23:03:15.0772 2540 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:03:15.0866 2540 wuauserv - ok
23:03:15.0882 2540 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:03:15.0913 2540 WudfPf - ok
23:03:15.0944 2540 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:03:15.0975 2540 WUDFRd - ok
23:03:16.0006 2540 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:03:16.0022 2540 wudfsvc - ok
23:03:16.0053 2540 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
23:03:16.0084 2540 WwanSvc - ok
23:03:16.0116 2540 ================ Scan global ===============================
23:03:16.0147 2540 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:03:16.0178 2540 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:03:16.0178 2540 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:03:16.0209 2540 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:03:16.0240 2540 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:03:16.0240 2540 [Global] - ok
23:03:16.0240 2540 ================ Scan MBR ==================================
23:03:16.0256 2540 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
23:03:16.0771 2540 \Device\Harddisk0\DR0 - ok
23:03:16.0771 2540 [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk1\DR1
23:03:23.0136 2540 \Device\Harddisk1\DR1 - ok
23:03:23.0136 2540 ================ Scan VBR ==================================
23:03:23.0182 2540 [ 54539B3E716D99A32D5340DA032FB59A ] \Device\Harddisk0\DR0\Partition1
23:03:23.0198 2540 \Device\Harddisk0\DR0\Partition1 - ok
23:03:23.0198 2540 [ B2D42383A27D4B6BB25904774B2B28D9 ] \Device\Harddisk0\DR0\Partition2
23:03:23.0198 2540 \Device\Harddisk0\DR0\Partition2 - ok
23:03:23.0198 2540 [ 845F69A1ACFDC0D73807A48B373C77F1 ] \Device\Harddisk1\DR1\Partition1
23:03:23.0214 2540 \Device\Harddisk1\DR1\Partition1 - ok
23:03:23.0214 2540 ============================================================
23:03:23.0214 2540 Scan finished
23:03:23.0214 2540 ============================================================
23:03:23.0214 2856 Detected object count: 2
23:03:23.0214 2856 Actual detected object count: 2
23:03:39.0157 2856 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
23:03:39.0157 2856 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:03:39.0157 2856 SystemStoreService ( UnsignedFile.Multi.Generic ) - skipped by user
23:03:39.0157 2856 SystemStoreService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:03:47.0955 2160 Deinitialize success
Punkt 3 folgt sofort. bis dahin schon mal ein Danke an Dich. ;o)) Hier nun die combofix.txt Code:
ATTFilter ComboFix 13-07-31.02 - Kittikat1979 31.07.2013 23:13:48.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4095.2673 [GMT 2:00]
ausgeführt von:: c:\users\Kittikat1979\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\programdata\FullRemove.exe
c:\users\Default\AppData\Roaming\DPInst.exe
c:\users\Default\AppData\Roaming\gacutil.exe
c:\users\Default\AppData\Roaming\PnPutil.exe
c:\users\Kittikat1979\AppData\Local\uninstall.tmp
c:\users\Kittikat1979\AppData\Roaming\.#
c:\windows\assembly\tmp\U
c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-06-28 bis 2013-07-31 ))))))))))))))))))))))))))))))
.
.
2013-07-31 21:20 . 2013-07-31 21:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-31 21:19 . 2013-07-31 21:19 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AA3703F7-8E51-4DFA-AD3F-54F078D2DE8D}\offreg.dll
2013-07-31 21:02 . 2013-07-31 21:02 208216 ----a-w- c:\windows\system32\drivers\24772003.sys
2013-07-31 15:03 . 2013-07-31 15:03 -------- d-----w- C:\FRST
2013-07-31 09:35 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AA3703F7-8E51-4DFA-AD3F-54F078D2DE8D}\mpengine.dll
2013-07-31 09:32 . 2013-07-31 09:32 -------- d-----w- c:\programdata\PrintProjects
2013-07-31 09:32 . 2013-07-31 09:32 -------- d-----w- c:\program files (x86)\PrintProjects
2013-07-31 09:32 . 2013-07-31 09:32 -------- d-----w- c:\programdata\Visan
2013-07-31 09:30 . 2013-07-31 09:30 -------- d-----w- c:\windows\SysWow64\kodak
2013-07-31 09:29 . 2013-07-31 09:29 -------- d-----w- c:\windows\SysWow64\spool
2013-07-31 09:25 . 2013-07-31 09:25 -------- d-----w- c:\users\Default\AppData\Roaming\KODAK AiO Home Center292376958
2013-07-27 06:23 . 2013-07-27 06:26 -------- d-----w- c:\windows\system32\MRT
2013-07-20 14:46 . 2013-07-20 14:46 -------- d-----w- c:\users\Kittikat1979\AppData\Roaming\Avira
2013-07-20 14:43 . 2013-07-20 14:43 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-07-20 14:41 . 2013-06-20 12:48 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-07-20 14:41 . 2013-06-20 12:48 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-07-20 14:41 . 2013-03-06 14:13 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-07-20 14:40 . 2013-07-20 14:40 -------- d-----w- c:\program files (x86)\Avira
2013-07-20 13:43 . 2013-07-20 13:43 -------- d-----w- c:\programdata\AskPartnerNetwork
2013-07-20 13:43 . 2013-07-20 13:43 -------- d-----w- c:\program files (x86)\AskPartnerNetwork
2013-07-20 13:43 . 2013-07-20 13:43 -------- d-----w- c:\programdata\APN
2013-07-20 13:42 . 2013-07-20 14:40 -------- d-----w- c:\programdata\Avira
2013-07-20 13:10 . 2013-07-20 13:10 -------- d-----w- c:\users\Kittikat1979\AppData\Local\Freemium
2013-07-20 13:08 . 2013-07-20 13:33 -------- d-----w- c:\users\Kittikat1979\AppData\Roaming\Windows Net Data
2013-07-20 13:08 . 2013-07-25 05:10 31816 ----a-w- c:\windows\Launcher.exe
2013-07-20 12:58 . 2013-07-20 13:00 -------- d-----w- c:\program files (x86)\SoftwareUpdater
2013-07-20 12:58 . 2013-07-20 12:58 -------- d-----w- c:\programdata\FreeSystemUtilities
2013-07-20 12:58 . 2013-07-20 12:58 -------- d-----w- c:\program files (x86)\Covus Freemium
2013-07-20 12:56 . 2013-07-20 12:56 -------- d-----w- c:\programdata\Package Cache
2013-07-20 12:54 . 2013-07-20 12:55 -------- d-----w- c:\users\Kittikat1979\AppData\Local\DownloadGuide
2013-07-11 19:58 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-11 19:58 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-11 19:58 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-11 19:58 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 19:58 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 19:58 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 19:58 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 19:58 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 19:58 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-11 19:58 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 19:58 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 19:58 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 19:57 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 19:57 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 19:57 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 19:57 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 19:57 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 19:57 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-11 19:57 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-27 15:00 . 2013-06-27 15:00 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-27 15:00 . 2012-10-15 16:01 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-27 15:00 . 2010-10-16 12:52 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-23 22:57 . 2010-03-05 23:57 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-12 16:47 . 2012-09-17 09:52 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 16:47 . 2011-06-11 11:40 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-19 20:39 . 2013-05-19 20:39 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-19 20:39 . 2013-05-19 20:39 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-19 20:39 . 2013-05-19 20:39 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-19 20:39 . 2013-05-19 20:39 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-19 20:39 . 2013-05-19 20:39 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-19 20:39 . 2013-05-19 20:39 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-19 20:39 . 2013-05-19 20:39 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-19 20:39 . 2013-05-19 20:39 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-19 20:39 . 2013-05-19 20:39 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-19 20:39 . 2013-05-19 20:39 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-19 20:39 . 2013-05-19 20:39 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-19 20:39 . 2013-05-19 20:39 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-19 20:39 . 2013-05-19 20:39 441856 ----a-w- c:\windows\system32\html.iec
2013-05-19 20:39 . 2013-05-19 20:39 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-19 20:39 . 2013-05-19 20:39 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-19 20:39 . 2013-05-19 20:39 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-19 20:39 . 2013-05-19 20:39 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-19 20:39 . 2013-05-19 20:39 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-19 20:39 . 2013-05-19 20:39 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-19 20:39 . 2013-05-19 20:39 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-19 20:39 . 2013-05-19 20:39 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-19 20:39 . 2013-05-19 20:39 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-19 20:39 . 2013-05-19 20:39 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-19 20:39 . 2013-05-19 20:39 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-19 20:39 . 2013-05-19 20:39 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-19 20:39 . 2013-05-19 20:39 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-19 20:39 . 2013-05-19 20:39 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-19 20:39 . 2013-05-19 20:39 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-19 20:39 . 2013-05-19 20:39 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-19 20:39 . 2013-05-19 20:39 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-19 20:39 . 2013-05-19 20:39 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-19 20:39 . 2013-05-19 20:39 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-19 20:39 . 2013-05-19 20:39 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-19 20:39 . 2013-05-19 20:39 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-19 20:39 . 2013-05-19 20:39 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-19 20:39 . 2013-05-19 20:39 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-19 20:39 . 2013-05-19 20:39 235008 ----a-w- c:\windows\system32\url.dll
2013-05-19 20:39 . 2013-05-19 20:39 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-19 20:39 . 2013-05-19 20:39 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-19 20:39 . 2013-05-19 20:39 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-19 20:39 . 2013-05-19 20:39 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-19 20:39 . 2013-05-19 20:39 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-19 20:39 . 2013-05-19 20:39 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-19 20:39 . 2013-05-19 20:39 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-19 20:39 . 2013-05-19 20:39 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-19 20:39 . 2013-05-19 20:39 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-19 20:39 . 2013-05-19 20:39 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-19 20:39 . 2013-05-19 20:39 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-19 20:39 . 2013-05-19 20:39 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-19 20:37 . 2013-05-19 20:37 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-19 20:37 . 2013-05-19 20:37 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-05-19 20:37 . 2013-05-19 20:37 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-05-19 20:37 . 2013-05-19 20:37 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-05-19 20:37 . 2013-05-19 20:37 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-19 20:37 . 2013-05-19 20:37 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-05-19 20:37 . 2013-05-19 20:37 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-05-19 20:37 . 2013-05-19 20:37 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-19 20:37 . 2013-05-19 20:37 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-19 20:37 . 2013-05-19 20:37 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-05-19 20:37 . 2013-05-19 20:37 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-19 20:37 . 2013-05-19 20:37 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-05-19 20:37 . 2013-05-19 20:37 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-05-19 20:37 . 2013-05-19 20:37 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-05-19 20:37 . 2013-05-19 20:37 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-05-19 20:37 . 2013-05-19 20:37 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-05-19 20:37 . 2013-05-19 20:37 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-05-19 20:37 . 2013-05-19 20:37 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-05-19 20:37 . 2013-05-19 20:37 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-05-19 20:37 . 2013-05-19 20:37 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-05-19 20:37 . 2013-05-19 20:37 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-05-19 20:37 . 2013-05-19 20:37 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-05-19 20:37 . 2013-05-19 20:37 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-05-19 20:37 . 2013-05-19 20:37 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-05-19 20:37 . 2013-05-19 20:37 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-05-19 20:37 . 2013-05-19 20:37 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-05-19 20:37 . 2013-05-19 20:37 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-05-19 20:37 . 2013-05-19 20:37 1238528 ----a-w- c:\windows\system32\d3d10.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{D8278076-BC68-4484-9233-6E7F1628B56C}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" [2013-07-26 129488]
.
[HKEY_CLASSES_ROOT\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}]
[HKEY_CLASSES_ROOT\TypeLib\{7C4EE486-5EA5-4683-8C23-BF520933BB5E}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2013-07-26 20:30 12240 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2013-07-26 12240]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-10-02 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-17 2245120]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-07-26 1558480]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-06-20 345144]
"EKStatusMonitor"="d:\kodak drucker\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="d:\kodak drucker\AiO\Center\AiOHomeCenter.exe" [2013-03-15 2236792]
.
c:\users\Kittikat1979\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
net.lnk - c:\users\Kittikat1979\AppData\Roaming\Windows Net Data\net.exe [2013-7-20 709120]
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe -displayname System Store -servicename SystemStoreService [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys;c:\windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;d:\kodak drucker\AiO\Center\EKAiOHostService.exe;d:\kodak drucker\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;d:\kodak drucker\AiO\StatusMonitor\EKPrinterSDK.exe;d:\kodak drucker\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 82037437
*Deregistered* - 82037437
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-17 16:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:newtab
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
mStart Page = about:newtab
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
mSearch Bar = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{92808042-fb78-4fa0-bb4f-c9a95e0e9c10} - {ba696155-d96e-4281-b467-0367a0456474} -
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=
FF - ExtSQL: 2013-07-25 10:31; EFGLQA@78ETGYN-0W7FN789T87.COM; c:\users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{19a395c9-823b-4700-b817-396fc84ffb16} - c:\users\Kittikat1979\AppData\Roaming\HomeTab\HomeTab.dll
Toolbar-Locked - (no file)
Toolbar-{19a395c9-823b-4700-b817-396fc84ffb16} - c:\users\Kittikat1979\AppData\Roaming\HomeTab\HomeTab.dll
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{722b3793-5367-4446-b6bb-db89b05c1f24}\LocalServer32]
@DACL=(02 0000)
@=expand:"%SystemRoot%\\System32\\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {722b3793-5367-4446-b6bb-db89b05c1f24}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-31 23:24:28
ComboFix-quarantined-files.txt 2013-07-31 21:24
.
Vor Suchlauf: 9 Verzeichnis(se), 31.845.552.128 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 31.548.334.080 Bytes frei
.
- - End Of File - - F4C7922024971E849E82E2E0F1DB9C5E
D41D8CD98F00B204E9800998ECF8427E
|
|
01.08.2013, 12:01
| #4 |
| /// Malware-holic | Notebook hängt sich ständig auf und fährt runter Hi, es sind 2 Logs zu erstellen, bitte gleichzeitig posten, wenn möglich. 1. Downloade Dir bitte  Malwarebytes Anti-Malware
2. Downloade Dir bitte  AdwCleaner auf deinen Desktop.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
03.08.2013, 12:39
| #5 |
| | Notebook hängt sich ständig auf und fährt runterCode:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.03.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16635 Kittikat1979 :: KITTIKAT1979-PC [Administrator] 03.08.2013 13:23:50 mbam-log-2013-08-03 (13-23-50).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 228473 Laufzeit: 5 Minute(n), 53 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 6 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=) Gut: (hxxp://www.google.com/) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q=) Gut: (hxxp://www.google.com/) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Windows\Installer\3dafe983.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v2.306 - Datei am 03/08/2013 um 13:32:59 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Kittikat1979 - KITTIKAT1979-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Kittikat1979\Desktop\adwcleaner(1).exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : APNMCP
Gestoppt & Gelöscht : SystemStoreService
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\searchplugins\ask-search.xml
Datei Gelöscht : C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\searchplugins\Web Search.xml
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\Covus Freemium
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\ProgramData\APN
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Covus Freemium
Ordner Gelöscht : C:\Users\KITTIK~1\AppData\Local\Temp\APN
Ordner Gelöscht : C:\Users\Kittikat1979\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Kittikat1979\AppData\Local\Freemium
Ordner Gelöscht : C:\Users\Kittikat1979\AppData\LocalLow\SimplyTech
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\FoxyDeal
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKLM\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q= --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&st=chrome&q= --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&q=%s --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=4.1&ts=1374325647635.000005&tguid=46364-3869-1374325647635-5F6038B4C92317FCE3BBA10B22350C8C&q=%s --> hxxp://www.google.com
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Kittikat1979\AppData\Roaming\Mozilla\Firefox\Profiles\ackyp6j3.default\prefs.js
Gelöscht : user_pref("browser.search.order.1", "Web Search");
Gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
Gelöscht : user_pref("extensions.APN_TB.first-previous-keyword-url", "hxxp://search.certified-toolbar.com?si=46[...]
Gelöscht : user_pref("extensions.AVIRA-V7.previous-keyword-url", "\"hxxp://search.certified-toolbar.com?si=4636[...]
Gelöscht : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=46364&tid=3869&ver=4.1&ts=137432564[...]
*************************
AdwCleaner[R1].txt - [21537 octets] - [27/06/2013 16:44:53]
AdwCleaner[S1].txt - [21475 octets] - [27/06/2013 16:45:45]
AdwCleaner[S2].txt - [14159 octets] - [03/08/2013 13:32:59]
########## EOF - C:\AdwCleaner[S2].txt - [14220 octets] ##########
|
|
05.08.2013, 16:14
| #6 |
| /// Malware-holic | Notebook hängt sich ständig auf und fährt runter Hi, sieht gut aus. Es sind 2 Logs zu erstellen, bitte möglichst gleichzeitig posten. 1. Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Neustarten. 2. Lade Hitmanpro: HitmanPro - Download - Filepony Bitte doppelklicken, Scan klicken. Nichts löschen (nicht weiter klicken) Log speichern unter und posten, bzw als XML exportieren, packen und anhängen.
__________________ --> Notebook hängt sich ständig auf und fährt runter |
|
| Themen zu Notebook hängt sich ständig auf und fährt runter |
| antivir, antivirus, autorun, avira, avira searchfree toolbar, branding, browser, computer, desktop, excel, farbar, farbar recovery scan tool, fehler, flash player, format, frst.exe, frst.txt, helper, home, homepage, hängt, hängt sich auf, internet, mozilla, msiinstaller, newtab, pc fährt runter, plug-in, registry, richtlinie, rundll, scan, security, sprotection, stüzt ab, svchost.exe, system, usb, virus ?, vista, wlansvc |
WARNUNG an die MITLESER: 
Linear-Darstellung
