Plagegeister aller Art und deren Bekämpfung (Pests of all kinds and how to fight them): Delta Search Toolbar Virus
Windows 7: If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
06.08.2013, 14:20 | #1 |
| Delta Search Toolbar Virus
Hello, I have caught the Delta Search Toolbar virus. What should I do? Thanks |
06.08.2013, 14:24 | #2 |
/// Malware-holic | Delta Search Toolbar Virus
Hi,
you will need to post two TXT files from the FRST program in a moment; for Additions.txt I am posting a separate instruction, which please also follow.
Recommendations for uninstalling: Please copy the list of installed programs from additions.txt into your thread here. After each line, please note which of the following categories applies: Unknown (Unbekannt), Needed (Nötig), Unneeded (Unnötig).
Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
06.08.2013, 16:14 | #3 |
| Delta Search Toolbar Virus
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2013 Ran by Max-Uttendorfer (administrator) on 06-08-2013 16:58:33 Running from C:\Users\Max-Uttendorfer\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (CMedia) C:\Program Files\ASUS Xonar D1 Audio\Customapp\ASUSAUDIOCENTER.EXE (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Cmaudio8788] - C:\Windows\Syswow64\cmicnfgp.dll [8769536 2011-05-12] (C-Media Corporation) HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess? HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-09-03] (Google Inc.) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1568976 2012-06-20] (Ask) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) Startup: C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series.lnk ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4620 series.lnk -> C:\Program Files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=7C04002522A6F805&affID=121564&tt=290713_190&tsp=4959 URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File URLSearchHook: (No Name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - No File URLSearchHook: (No Name) - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - No File SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=7C04002522A6F805&affID=121564&tt=290713_190&tsp=4959 SearchScopes: HKCU - {BC5FDCDD-B0B1-4AD6-BB3D-28CCDB587D79} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=8b606ffc-0476-49bb-96a7-a913b2c99e1c&apn_sauid=04DE0806-B17A-428A-A0CF-A5ED23CC96FE BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO-x32: WiseConvert 1.3 Toolbar - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Program Files (x86)\WiseConvert_1.3\prxtbWis0.dll (Conduit Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files (x86)\WiseConvert\prxtbWise.dll (Conduit Ltd.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Program Files (x86)\WiseConvert\prxtbWise.dll (Conduit Ltd.) Toolbar: HKLM-x32 - WiseConvert 1.3 Toolbar - {213c8ed6-1d78-4d8f-8729-25006aa86a76} - C:\Program Files (x86)\WiseConvert_1.3\prxtbWis0.dll (Conduit Ltd.) 
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - No File Toolbar: HKCU - No Name - {213C8ED6-1D78-4D8F-8729-25006AA86A76} - No File DPF: HKLM-x32 {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab Handler: msdaipp - No CLSID Value - Handler-x32: msdaipp - No CLSID Value - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} Chrome: ======= CHR HomePage: hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=7C04002522A6F805&affID=121564&tt=290713_190&tsp=4959 CHR RestoreOnStartup: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=7C04002522A6F805&affID=121564&tt=290713_190&tsp=4959" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Extension: (YouTube) - C:\Users\MAX-UT~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\MAX-UT~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Delta Toolbar) - C:\Users\MAX-UT~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4 CHR Extension: (Gmail) - C:\Users\MAX-UT~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Max-Uttendorfer\AppData\Roaming\BabSolution\CR\Delta.crx CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG) R2 HPSLPSVC; C:\Users\MAX-UT~1\AppData\Local\Temp\7zS6ACE\hpslpsvc64.dll [1039360 2012-11-14] (Hewlett-Packard Co.) 
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) S2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [x] ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-28] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-28] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-28] (Avira Operations GmbH & Co. KG) R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc) S3 FUS2BASE; C:\Windows\System32\DRIVERS\fus2base.sys [696832 2009-06-10] (AVM Berlin) S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-06 16:58 - 2013-08-06 16:58 - 00000000 ____D C:\FRST 2013-08-06 16:57 - 2013-08-06 16:57 - 01788685 _____ (Farbar) C:\Users\Max-Uttendorfer\Downloads\FRST64.exe 2013-08-06 10:38 - 2013-08-06 10:38 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\Malwarebytes 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-06 10:38 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-06 10:37 - 2013-08-06 10:38 - 10285040 _____ (Malwarebytes Corporation ) 
C:\Users\Max-Uttendorfer\Downloads\mbam-setup-1.75.0.1300(1).exe 2013-08-06 10:35 - 2013-08-06 10:36 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Max-Uttendorfer\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-06 09:30 - 2013-08-06 09:42 - 00000000 ____D C:\Users\Max-Uttendorfer\Desktop\Wohnanlage 2013-08-05 22:17 - 2013-08-05 22:17 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-08-05 22:17 - 2013-08-05 22:17 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-08-05 21:11 - 2013-08-05 21:12 - 00000000 ____D C:\Windows\system32\MRT 2013-07-30 09:45 - 2013-08-06 10:44 - 00000000 ____D C:\ProgramData\BrowserDefender 2013-07-30 09:45 - 2013-07-30 09:45 - 00001402 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2013-07-30 09:45 - 2013-07-30 09:45 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender 2013-07-30 09:45 - 2013-07-30 09:45 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\Delta 2013-07-30 09:45 - 2013-07-30 09:45 - 00000000 ____D C:\ProgramData\Babylon 2013-07-30 09:45 - 2013-07-30 09:45 - 00000000 ____D C:\Program Files (x86)\Delta 2013-07-30 09:43 - 2013-07-30 09:43 - 01211376 _____ (DVDVideoSoft Ltd. ) C:\Users\Max-Uttendorfer\Downloads\FreeYouTubeToMP3Converter-3.12.9.725.exe 2013-07-30 06:50 - 2013-07-30 06:50 - 01067192 _____ (Solid State Networks) C:\Users\Max-Uttendorfer\Downloads\install_flashplayer11x32axau_mssa_aaa_aih.exe 2013-07-28 10:07 - 2013-07-28 10:07 - 01211376 _____ (DVDVideoSoft Ltd. 
) C:\Users\Max-Uttendorfer\Downloads\FreeYouTubeToMP3Converter.exe 2013-07-28 07:34 - 2013-07-29 06:55 - 00000000 ____D C:\Users\Max-Uttendorfer\Desktop\Treindl 2013-07-20 12:03 - 2013-07-20 12:03 - 00000000 ____D C:\Users\MAX-UT~1\AppData\Local\{F0095B25-8134-42E1-B444-638983C19F4E} 2013-07-20 11:48 - 2013-07-20 11:48 - 00000000 ____D C:\Users\MAX-UT~1\AppData\Local\{E830695D-CC67-4C62-B160-77610ECCDBE4} 2013-07-17 06:42 - 2013-07-17 06:42 - 00000000 ____D C:\Users\MAX-UT~1\AppData\Local\{EDA06EA2-02C6-469A-982D-6B8E54F5BC5F} 2013-07-14 14:07 - 2013-07-14 14:07 - 00000000 ____D C:\Users\MAX-UT~1\AppData\Local\{4A3BB289-5049-4E16-A726-8B7AE92591A0} 2013-07-12 14:56 - 2013-07-12 14:56 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo (3).lnk 2013-07-12 14:56 - 2013-07-12 14:56 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo (2).lnk 2013-07-12 14:54 - 2013-07-12 14:54 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\Hausmeisterarbeit 2013-07-12 14:54 - 2013-07-12 14:54 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo.lnk 2013-07-12 09:10 - 2013-07-12 09:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7eced48d6485.job 2013-07-11 01:14 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-11 01:14 - 2013-06-12 
01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-07-11 01:14 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-11 01:14 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-11 01:14 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-07-11 01:14 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00067072 _____ (Microsoft 
Corporation) C:\Windows\system32\iesetup.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-07-11 01:14 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-07-11 01:14 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-07-11 01:14 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-11 01:14 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-07-11 01:11 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-07-11 01:11 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-07-11 01:11 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2013-07-11 01:11 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-11 01:11 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-07-11 01:11 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-07-11 01:11 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll ==================== One Month Modified Files and Folders ======= 2013-08-06 16:57 - 2013-08-06 16:57 - 01788685 _____ (Farbar) C:\Users\Max-Uttendorfer\Downloads\FRST64.exe 2013-08-06 16:42 - 2012-08-01 11:39 - 00271360 _____ C:\Users\Max-Uttendorfer\Desktop\& Zimmerhansl.pst 2013-08-06 10:50 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-06 10:50 - 2009-07-14 06:45 - 00014928 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-06 10:47 - 2009-07-14 19:58 - 00654150 _____ C:\Windows\system32\perfh007.dat 2013-08-06 10:47 - 2009-07-14 19:58 - 00130022 _____ C:\Windows\system32\perfc007.dat 2013-08-06 10:47 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-06 10:44 - 2013-07-30 09:45 - 00000000 ____D C:\ProgramData\BrowserDefender 2013-08-06 10:43 - 2013-05-14 07:14 - 00009022 _____ C:\Windows\PFRO.log 2013-08-06 10:43 - 2013-05-14 07:14 - 00007274 _____ C:\Windows\setupact.log 2013-08-06 10:42 - 2011-08-08 19:43 - 01786703 _____ C:\Windows\WindowsUpdate.log 2013-08-06 10:38 - 2013-08-06 10:38 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\Malwarebytes 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-06 10:38 - 2013-08-06 10:37 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Max-Uttendorfer\Downloads\mbam-setup-1.75.0.1300(1).exe 2013-08-06 10:36 - 2013-08-06 10:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Max-Uttendorfer\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-06 09:42 - 2013-08-06 09:30 - 00000000 ____D C:\Users\Max-Uttendorfer\Desktop\Wohnanlage 2013-08-05 22:17 - 2013-08-05 22:17 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-08-05 22:17 - 2013-08-05 22:17 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-08-05 21:12 - 2013-08-05 21:11 - 00000000 ____D C:\Windows\system32\MRT 2013-08-05 13:15 - 2011-08-08 14:28 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0 S-Edition 2013-08-02 06:50 - 2013-04-15 06:19 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-07-30 09:45 - 2013-07-30 09:45 - 00001402 _____ C:\Users\Public\Desktop\Free YouTube 
to MP3 Converter.lnk 2013-07-30 09:45 - 2013-07-30 09:45 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender 2013-07-30 09:45 - 2013-07-30 09:45 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\Delta 2013-07-30 09:45 - 2013-07-30 09:45 - 00000000 ____D C:\ProgramData\Babylon 2013-07-30 09:45 - 2013-07-30 09:45 - 00000000 ____D C:\Program Files (x86)\Delta 2013-07-30 09:45 - 2013-06-27 14:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-30 09:45 - 2011-12-27 15:19 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2013-07-30 09:45 - 2011-12-27 14:06 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\DVDVideoSoft 2013-07-30 09:45 - 2011-08-07 20:59 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\OpenCandy 2013-07-30 09:43 - 2013-07-30 09:43 - 01211376 _____ (DVDVideoSoft Ltd. ) C:\Users\Max-Uttendorfer\Downloads\FreeYouTubeToMP3Converter-3.12.9.725.exe 2013-07-30 06:50 - 2013-07-30 06:50 - 01067192 _____ (Solid State Networks) C:\Users\Max-Uttendorfer\Downloads\install_flashplayer11x32axau_mssa_aaa_aih.exe 2013-07-29 12:13 - 2013-03-16 08:18 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\HpUpdate 2013-07-29 09:05 - 2011-08-07 17:12 - 01318912 _____ C:\Users\Max-Uttendorfer\Desktop\Job-Datei.mdb 2013-07-29 06:55 - 2013-07-28 07:34 - 00000000 ____D C:\Users\Max-Uttendorfer\Desktop\Treindl 2013-07-28 10:07 - 2013-07-28 10:07 - 01211376 _____ (DVDVideoSoft Ltd. 
) C:\Users\Max-Uttendorfer\Downloads\FreeYouTubeToMP3Converter.exe 2013-07-20 12:03 - 2013-07-20 12:03 - 00000000 ____D C:\Users\MAX-UT~1\AppData\Local\{F0095B25-8134-42E1-B444-638983C19F4E} 2013-07-20 11:48 - 2013-07-20 11:48 - 00000000 ____D C:\Users\MAX-UT~1\AppData\Local\{E830695D-CC67-4C62-B160-77610ECCDBE4} 2013-07-17 06:42 - 2013-07-17 06:42 - 00000000 ____D C:\Users\MAX-UT~1\AppData\Local\{EDA06EA2-02C6-469A-982D-6B8E54F5BC5F} 2013-07-14 14:07 - 2013-07-14 14:07 - 00000000 ____D C:\Users\MAX-UT~1\AppData\Local\{4A3BB289-5049-4E16-A726-8B7AE92591A0} 2013-07-12 14:56 - 2013-07-12 14:56 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo (3).lnk 2013-07-12 14:56 - 2013-07-12 14:56 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo (2).lnk 2013-07-12 14:54 - 2013-07-12 14:54 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\Hausmeisterarbeit 2013-07-12 14:54 - 2013-07-12 14:54 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo.lnk 2013-07-12 09:10 - 2013-07-12 09:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7eced48d6485.job 2013-07-11 07:30 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-11 07:30 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender 2013-07-11 07:30 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-07-11 07:30 - 2009-07-14 06:45 - 00290488 _____ C:\Windows\system32\FNTCACHE.DAT 2013-07-11 01:16 - 2009-07-14 04:34 - 00000499 _____ C:\Windows\win.ini 2013-07-07 09:41 - 2012-12-04 14:54 - 00000000 ____D C:\Users\Max-Uttendorfer\Desktop\Neuer Ordner (2) ZeroAccess: C:\$Recycle.Bin\S-1-5-21-3038766165-3120518270-3538088492-1000\$164a8b3777816ab28b7a19927b9d4669 ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$164a8b3777816ab28b7a19927b9d4669 ==================== Bamital & volsnap Check ================= 
C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-06-03 07:53 ==================== End Of Log ============================ --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2013 Ran by Max-Uttendorfer at 2013-08-06 16:58:57 Running from C:\Users\Max-Uttendorfer\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= 7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)unbekannt Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.202)nötig Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.202)nötig Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)nötig Ask Toolbar (x32 Version: 1.15.26.0)unnötig Audacity 1.2.6 (x32)nötig Audiograbber 1.83 SE (x32 Version: 1.83 SE )nötig Audiograbber MP3-Plugin (x32 Version: 1.0)nötig Avira Free Antivirus (x32 Version: 13.0.0.3885)nötig Avira SearchFree Toolbar plus Web Protection Updater (HKCU Version: 1.3.0.23930)unnötig AVM FRITZ!fax für FRITZ!Box (x32)nötig Bing Bar (x32 Version: 7.0.826.0)unbekannt CCleaner (Version: 3.22)nötig CDBurnerXP (Version: 4.3.8.2631)nötig CDBurnerXP (x32 Version: 4.4.0.2838)nötig Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)nötig D3DX10 (x32 Version: 15.4.2368.0902)unbekannt EASEUS Data Recovery Wizard Professional 5.5.1 Demo (x32)unbekannt Etron USB3.0 Host Controller (x32 Version: 0.96)unbekannt Free YouTube to MP3 Converter version 3.12.9.725 (x32 Version: 3.12.9.725)nötig Google Chrome (x32 Version: 28.0.1500.95)nötig Google Toolbar for Internet Explorer (x32 Version: 1.0.0)nötig Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358)nötig Google Update Helper (x32 Version: 1.3.21.153)nötig Guitar Pro 5.2 (x32)nötig Guitar Pro 6 (x32)nötig HP Officejet 4620 series - Grundlegende Software für das Gerät (Version: 28.0.1315.0)nötig HP Officejet 4620 series Hilfe (x32 Version: 6.0.0)nötig HP Update (x32 Version: 5.003.003.001)nötig I.R.I.S. 
OCR (x32 Version: 12.3.4.0)unbekannt Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)nötig Intel(R) Processor Graphics (x32 Version: 8.15.10.2291)nötig Intel(R) Rapid Storage Technology (x32 Version: 10.1.0.1008)nötig Java 7 Update 21 (x32 Version: 7.0.210)nötig Java Auto Updater (x32 Version: 2.1.9.5)nötig JNLP (HKCU)unbekannt Junk Mail filter update (x32 Version: 15.4.3502.0922)unbekannt Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)nötig Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1) Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)nötig Mozilla Maintenance Service (x32 Version: 22.0) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) Nvu 1.0 (x32 Version: 1.0)unbekannt OpenAL (x32)unbekannt Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.23.623.2010)unbekannt S Xonar D1 Audio Driverunbekannt StarMoney (x32 Version: 3.0.0.124)nötig 
StarMoney 8.0 S-Edition (x32 Version: 8.0)nötig Studie zur Verbesserung von HP Officejet 4620 series Produkten (Version: 28.0.1315.0)unbekannt TAPI Services for FRITZ!Box (Version: 1.0.6)unbekannt TuxGuitar (x32 Version: 1.2)nötig Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) VLC media player 1.1.11 (x32 Version: 1.1.11)nötig Windows Live Communications Platform (x32 Version: 15.4.3502.0922)unbekannt Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3538.0513) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3538.0513) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922)unbekannt WiseConvert 1.3 Toolbar (x32 Version: 6.9.0.16)unnötig WiseConvert Toolbar (x32 Version: 6.8.9.0)unnötig ==================== Restore Points ========================= 05-08-2013 19:11:39 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {08B0DE10-A0FB-45C4-B6DA-D78CC1EF2A8F} - 
System32\Tasks\{6D0A9B16-E462-4904-8F44-8E1BEA6AF4C7} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: {16FC7402-B700-4B23-A89F-66E72F596532} - System32\Tasks\{6F5CD08E-921D-4C12-B6C5-B64FC58E0657} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: {18C492CF-5DA2-4A16-8013-E1B7F2806FC9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation) Task: {30263675-72F0-48EC-96BB-1FD363FBF0E5} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation) Task: {3F346BA3-5F46-4D62-A013-B2A1D1DF1DFD} - System32\Tasks\FaxArchive_CN2952334D05S1 => C:\Program Files\HP\HP Officejet 4620 series\Bin\FaxApplications.exe [2012-10-17] (Hewlett-Packard Co.) Task: {4094A8B6-015F-41FC-AA2F-6B0D22111001} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation) Task: {415E7819-7260-4DF6-A396-F89717308481} - System32\Tasks\{14DE4FC6-6344-4A52-9AF8-234972EBEA60} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: {524C2EBE-AFF2-48D6-93CC-47186D554297} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-03] (Google Inc.) 
Task: {67FB7233-92BF-4DB0-A788-D21AD193D73F} - System32\Tasks\{E8FE53EE-ADBD-4390-91BD-B36868F7B457} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: {6B11642C-0680-4240-A9B9-28875A4C5242} - System32\Tasks\{BF16772A-710B-4FAD-A429-275B8700F9FC} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: {981D8AED-6CCD-4382-B3E1-A98E9000E5EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15] (Adobe Systems Incorporated) Task: {9822C030-D7A9-4D03-B5BC-773E3807D2B2} - System32\Tasks\User_Feed_Synchronization-{38348A84-1508-456E-8101-FBD1328B9944} => C:\Windows\system32\msfeedssync.exe [2013-05-07] (Microsoft Corporation) Task: {9CE9F07D-4C5B-45A5-AC9D-F49DA5CA6630} - System32\Tasks\{6ECB3F04-4F8B-4BB9-B16E-D2DCB1178A46} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: {B78DBAD3-D782-42BA-B3F9-A92890B6D8E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-03] (Google Inc.) Task: {B8D4DB47-8DF7-4F7B-A6A9-6842DC7BE994} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd) Task: {C81B3434-72BD-4D27-9F46-54E54814A4A5} - System32\Tasks\{40C25AE8-2B5C-4779-8222-056B9AF2F66E} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: {DA08ACD9-73C2-40E2-9813-C5191FD0B41E} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-30] () Task: {DB5193B6-A782-4108-8E0A-F0143507345E} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) 
Task: {DBE1DBCB-2034-49BC-B86F-91826DBBF4C4} - System32\Tasks\{E9516B3F-4F48-424F-811B-956FD2CEFF4B} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: {E8D7C429-307B-4D7D-AF39-2628BDAF331A} - System32\Tasks\{DF04E1FB-8AB7-4495-95B1-D485B316DB3D} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: {ED3FAACF-4546-4846-A249-B72B466AC40F} - System32\Tasks\{ABD6480F-D822-4DD1-A7BE-0C3B75250E36} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: {F8CC1175-2831-485E-85E2-DDF8A70D1947} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {FE1F006C-C9EC-4DA6-9242-22B674C6EA49} - System32\Tasks\{3802CBBA-F16E-44C9-A020-79BC4D4F769C} => C:\Users\Max-Uttendorfer\Desktop\SESSION\SESSION.EXE [1993-03-15] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FaxArchive_CN2952334D05S1.job => C:\Program Files\HP\HP Officejet 4620 series\Bin\FaxApplications.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7eced48d6485.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Faulty Device Manager Devices ============= Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (08/02/2013 08:06:56 AM) (Source: Application Error) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Internet Explorer wurde wegen dieses Fehlers geschlossen. Programm: Internet Explorer Datei: Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. 
Zusätzliche Daten Fehlerwert: 00000000 Datenträgertyp: 0 Error: (08/02/2013 08:06:56 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc000001d Fehleroffset: 0x196f1509 ID des fehlerhaften Prozesses: 0x4e4 Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0 Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1 Pfad des fehlerhaften Moduls: IEXPLORE.EXE2 Berichtskennung: IEXPLORE.EXE3 Error: (07/31/2013 10:16:17 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00173668 ID des fehlerhaften Prozesses: 0x1aa4 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (07/29/2013 05:57:18 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00173668 ID des fehlerhaften Prozesses: 0x1568 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (07/27/2013 09:50:08 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00173668 ID des fehlerhaften Prozesses: 0x1530 Startzeit der fehlerhaften 
Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (07/23/2013 10:13:50 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00173668 ID des fehlerhaften Prozesses: 0x980 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (07/16/2013 04:48:50 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00173668 ID des fehlerhaften Prozesses: 0x1728 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (07/16/2013 11:16:06 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16635, Zeitstempel: 0x51b7a921 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x004c0000 ID des fehlerhaften Prozesses: 0xd94 Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0 Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1 Pfad des fehlerhaften Moduls: IEXPLORE.EXE2 Berichtskennung: IEXPLORE.EXE3 Error: (07/12/2013 11:25:48 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b Ausnahmecode: 0xc0000005 
Fehleroffset: 0x00173668 ID des fehlerhaften Prozesses: 0x121c Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (07/11/2013 07:05:03 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00173668 ID des fehlerhaften Prozesses: 0x8ac Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 System errors: ============= Error: (08/06/2013 10:43:12 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/06/2013 10:43:11 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Error: (08/06/2013 03:01:57 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Error: (08/05/2013 10:11:31 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Error: (08/04/2013 04:59:15 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Error: (08/03/2013 05:42:07 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. 
Error: (08/03/2013 05:21:21 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Error: (08/02/2013 06:46:39 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Error: (08/01/2013 06:29:11 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Error: (07/31/2013 02:47:40 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%5. Microsoft Office Sessions: ========================= Error: (08/02/2013 08:06:56 AM) (Source: Application Error)(User: ) Description: Internet Explorer000000000 Error: (08/02/2013 08:06:56 AM) (Source: Application Error)(User: ) Description: IEXPLORE.EXE10.0.9200.1663551b7a921unknown0.0.0.000000000c000001d196f15094e401ce8f44ca2004e7C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknownbb7b329d-fb39-11e2-8445-404e57434401 Error: (07/31/2013 10:16:17 PM) (Source: Application Error)(User: ) Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc0000005001736681aa401ce8e2accd830ebC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll0dfce25d-fa1e-11e2-9dee-404e57434401 Error: (07/29/2013 05:57:18 PM) (Source: Application Error)(User: ) Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc000000500173668156801ce8c73129bcb7bC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll8af2d12e-f867-11e2-b0f1-404e57434401 Error: (07/27/2013 09:50:08 PM) (Source: Application Error)(User: ) Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc000000500173668153001ce8af60ab9f4ecC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files 
(x86)\Mozilla Firefox\xul.dllbd1b3654-f6f5-11e2-b7fd-404e57434401 Error: (07/23/2013 10:13:50 PM) (Source: Application Error)(User: ) Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc00000050017366898001ce87d278f9caf9C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll62d02b21-f3d4-11e2-8696-404e57434401 Error: (07/16/2013 04:48:50 PM) (Source: Application Error)(User: ) Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc000000500173668172801ce82219e79fb31C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dlld331a6cf-ee26-11e2-87ca-404e57434401 Error: (07/16/2013 11:16:06 AM) (Source: Application Error)(User: ) Description: IEXPLORE.EXE10.0.9200.1663551b7a921unknown0.0.0.000000000c0000005004c0000d9401ce8204fc50362aC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown57c39d12-edf8-11e2-87ca-404e57434401 Error: (07/12/2013 11:25:48 PM) (Source: Application Error)(User: ) Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc000000500173668121c01ce7efcd8051c4bC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll9dfea6dc-eb39-11e2-8b2f-404e57434401 Error: (07/11/2013 07:05:03 PM) (Source: Application Error)(User: ) Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc0000005001736688ac01ce7e57d3994be6C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll06aa6f01-ea4c-11e2-b9eb-404e57434401 ==================== Memory info =========================== Percentage of memory in use: 15% Total physical RAM: 7912.67 MB Available physical RAM: 6718.18 MB Total Pagefile: 15823.53 MB Available Pagefile: 14264.29 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:59.53 GB) (Free:5.73 GB) NTFS (Disk=0 Partition=2) Drive d: (Eigene Dateien) 
(Fixed) (Total:441.58 GB) (Free:370.81 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: B0FE9C2C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1267BE66) Partition 1: (Not Active) - (Size=24 GB) - (Type=42) Partition 2: (Active) - (Size=442 GB) - (Type=42) Partition 3: (Not Active) - (Size=1048 KB) - (Type=42) ==================== End Of Log ============================ |
06.08.2013, 16:26 | #4 |
/// Malware-holic | Delta Search Toolbar Virus Hi,
two logs need to be created; post them together if possible.
If there are problems with the uninstalls, use Revo: Revo Uninstaller - Download - Filepony
1. Uninstall:
Adobe Flash Player: all of them.
Adobe - Install Adobe Flash Player: download the latest version and install it.
Adobe Reader: Adobe - Download Adobe Reader - All versions; remove the check mark at McAfee Security Scan.
Please also configure Adobe Reader as follows: open Adobe Reader, Edit, Preferences.
General: check "use only certified plug-ins".
Security (Enhanced): check Enhanced Security and select all files.
Internet: everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc. It is always better to save them directly, because only then do you have control over what is happening on the PC.
JavaScript: remove the check mark at "use JavaScript".
Updater: select automatic installation.
Apply / OK.
Uninstall: Ask Avira SearchFree Bing Google Toolbar: please do without toolbars, they are only an additional risk. Uninstall both.
Java 7 Update 21
Download the Java JRE: Java downloads for all operating systems
Click: Download the Java software for Windows Offline; download and install it.
Uninstall: Studie
Windows Live: all that are unnecessary for you.
Wise: both.
Restart.
2. Scan with Combofix
3. Please download TDSSKiller.exe and save this file to the desktop
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
07.08.2013, 09:14 | #5 |
| Delta Search Toolbar Virus Combofix Logfile: Code:
ATTFilter ComboFix 13-08-05.03 - Max-Uttendorfer 06.08.2013 17:52:00.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.7913.6035 [GMT 2:00] ausgeführt von:: c:\users\Max-Uttendorfer\Downloads\ComboFix.exe AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\AVM c:\program files (x86)\AVM\FRITZ!\avmcsock.dll c:\program files (x86)\AVM\FRITZ!\AvmSid.exe c:\program files (x86)\AVM\FRITZ!\C66dll.dll c:\program files (x86)\AVM\FRITZ!\C80dll.dll c:\program files (x86)\AVM\FRITZ!\capi2032.dll c:\program files (x86)\AVM\FRITZ!\CopyToXp64System.exe c:\program files (x86)\AVM\FRITZ!\Fax_col\fcol32.GPD c:\program files (x86)\AVM\FRITZ!\Fax_col\locale.gpd c:\program files (x86)\AVM\FRITZ!\Fax_col\oemprint.cat c:\program files (x86)\AVM\FRITZ!\Fax_col\OEMPRINT.INF c:\program files (x86)\AVM\FRITZ!\Fax_col\stdnames.gpd c:\program files (x86)\AVM\FRITZ!\Fax_col\ttfsub.gpd c:\program files (x86)\AVM\FRITZ!\Fax_col\UNIDRV.DLL c:\program files (x86)\AVM\FRITZ!\Fax_col\UNIDRV.HLP c:\program files (x86)\AVM\FRITZ!\Fax_col\UNIDRVUI.DLL c:\program files (x86)\AVM\FRITZ!\Fax_col\UNIRES.DLL c:\program files (x86)\AVM\FRITZ!\Fax_sw\ffax32.GPD c:\program files (x86)\AVM\FRITZ!\Fax_sw\locale.gpd c:\program files (x86)\AVM\FRITZ!\Fax_sw\oemprint.cat c:\program files (x86)\AVM\FRITZ!\Fax_sw\OEMPRINT.INF c:\program files (x86)\AVM\FRITZ!\Fax_sw\STDNAMES.GPD c:\program files (x86)\AVM\FRITZ!\Fax_sw\ttfsub.gpd c:\program files (x86)\AVM\FRITZ!\Fax_sw\UNIDRV.DLL c:\program files (x86)\AVM\FRITZ!\Fax_sw\UNIDRV.HLP c:\program files (x86)\AVM\FRITZ!\Fax_sw\UNIDRVUI.DLL c:\program files (x86)\AVM\FRITZ!\Fax_sw\UNIRES.DLL c:\program files (x86)\AVM\FRITZ!\FaxDb.exe c:\program 
files (x86)\AVM\FRITZ!\Fehler.wav c:\program files (x86)\AVM\FRITZ!\FriAdr32.exe c:\program files (x86)\AVM\FRITZ!\FriFax32.exe c:\program files (x86)\AVM\FRITZ!\FriSnd32.exe c:\program files (x86)\AVM\FRITZ!\FriSpl32.dll c:\program files (x86)\AVM\FRITZ!\FriStart.exe c:\program files (x86)\AVM\FRITZ!\FritzAdr._db c:\program files (x86)\AVM\FRITZ!\FritzAdr._md c:\program files (x86)\AVM\FRITZ!\FritzFax.chm c:\program files (x86)\AVM\FRITZ!\FritzMail.exe c:\program files (x86)\AVM\FRITZ!\FriVer32.exe c:\program files (x86)\AVM\FRITZ!\FriVw32.exe c:\program files (x86)\AVM\FRITZ!\G3cenc.exe c:\program files (x86)\AVM\FRITZ!\Gut.wav c:\program files (x86)\AVM\FRITZ!\i2errDeu.dll c:\program files (x86)\AVM\FRITZ!\Neufax.wav c:\program files (x86)\AVM\FRITZ!\PColorSetup.dll c:\program files (x86)\AVM\FRITZ!\PColorSetup_alt.dll c:\program files (x86)\AVM\FRITZ!\Ports\AvmColorFax.dll c:\program files (x86)\AVM\FRITZ!\Ports\AvmFax.dll c:\program files (x86)\AVM\FRITZ!\Ports\FriDru64.dll c:\program files (x86)\AVM\FRITZ!\Ports\FritzColorPort64.dll c:\program files (x86)\AVM\FRITZ!\Ports\FritzPort64.dll c:\program files (x86)\AVM\FRITZ!\PSetup.dll c:\program files (x86)\AVM\FRITZ!\Readme.rtf c:\program files (x86)\AVM\FRITZ!\setup.log c:\program files (x86)\AVM\FRITZ!\Setup64Fax.dll c:\program files (x86)\AVM\FRITZ!\Setup64FaxColor.dll c:\program files (x86)\AVM\FRITZ!\Setupdll.dll c:\program files (x86)\AVM\FRITZ!\SetupVistaColorFax32.dll c:\program files (x86)\AVM\FRITZ!\SetupVistaFax32.dll c:\program files (x86)\AVM\FRITZ!\UacTool.exe c:\program files (x86)\AVM\FRITZ!\Uninst.dll c:\program files (x86)\AVM\FRITZ!\Uninst.isu c:\users\MAX-UT~1\AppData\Local\Temp\7zS6ACE\HPSLPSVC64.DLL c:\users\Max-Uttendorfer\AppData\Local\Temp\7zS6ACE\HPSLPSVC64.DLL c:\windows\IsUn0407.exe . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_BrowserDefendert -------\Service_HPSLPSVC . . 
((((((((((((((((((((((( Dateien erstellt von 2013-07-06 bis 2013-08-06 )))))))))))))))))))))))))))))) . . 2013-08-06 15:43 . 2013-08-06 15:43 972712 ----a-w- c:\windows\system32\deployJava1.dll 2013-08-06 15:43 . 2013-08-06 15:43 312232 ----a-w- c:\windows\system32\javaws.exe 2013-08-06 15:43 . 2013-08-06 15:43 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-08-06 15:43 . 2013-08-06 15:43 189352 ----a-w- c:\windows\system32\javaw.exe 2013-08-06 15:43 . 2013-08-06 15:43 188840 ----a-w- c:\windows\system32\java.exe 2013-08-06 15:43 . 2013-08-06 15:43 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-08-06 15:43 . 2013-08-06 15:43 -------- d-----w- c:\program files\Java 2013-08-06 14:58 . 2013-08-06 14:58 -------- d-----w- C:\FRST 2013-08-06 08:38 . 2013-08-06 08:38 -------- d-----w- c:\users\Max-Uttendorfer\AppData\Roaming\Malwarebytes 2013-08-06 08:38 . 2013-08-06 08:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-08-06 08:38 . 2013-08-06 08:38 -------- d-----w- c:\programdata\Malwarebytes 2013-08-06 08:38 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-08-06 08:36 . 2013-08-06 08:36 -------- d-----w- c:\users\Max-Uttendorfer\AppData\Local\Programs 2013-08-05 20:17 . 2013-08-05 20:17 -------- d-----w- c:\windows\SysWow64\searchplugins 2013-08-05 20:17 . 2013-08-05 20:17 -------- d-----w- c:\windows\SysWow64\Extensions 2013-08-05 19:11 . 2013-08-05 19:12 -------- d-----w- c:\windows\system32\MRT 2013-07-30 07:45 . 2013-07-30 07:45 -------- d-----w- c:\program files (x86)\Delta 2013-07-30 07:45 . 2013-07-30 07:45 -------- d-----w- c:\users\Max-Uttendorfer\AppData\Roaming\Delta 2013-07-30 07:45 . 2013-08-06 08:44 -------- d-----w- c:\programdata\BrowserDefender 2013-07-30 07:45 . 2013-07-30 07:45 -------- d-----w- c:\programdata\Babylon 2013-07-10 23:11 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll . . . 
(((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-06 15:32 . 2013-03-13 15:14 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-08-06 15:32 . 2011-09-02 14:02 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-27 11:46 . 2013-05-06 10:57 83672 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2013-06-23 22:57 . 2011-08-07 14:24 78277128 ----a-w- c:\windows\system32\MRT.exe 2013-05-13 08:09 . 2013-05-13 08:09 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-05-13 08:09 . 2012-01-02 06:29 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-05-13 05:51 . 2013-06-13 04:35 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2013-05-13 05:51 . 2013-06-13 04:35 1464320 ----a-w- c:\windows\system32\crypt32.dll 2013-05-13 05:51 . 2013-06-13 04:35 139776 ----a-w- c:\windows\system32\cryptnet.dll 2013-05-13 05:50 . 2013-06-13 04:35 52224 ----a-w- c:\windows\system32\certenc.dll 2013-05-13 04:45 . 2013-06-13 04:35 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2013-05-13 04:45 . 2013-06-13 04:35 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll 2013-05-13 04:45 . 2013-06-13 04:35 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2013-05-13 03:43 . 2013-06-13 04:35 1192448 ----a-w- c:\windows\system32\certutil.exe 2013-05-13 03:08 . 2013-06-13 04:35 903168 ----a-w- c:\windows\SysWow64\certutil.exe 2013-05-13 03:08 . 2013-06-13 04:35 43008 ----a-w- c:\windows\SysWow64\certenc.dll 2013-05-10 05:49 . 2013-06-13 04:35 30720 ----a-w- c:\windows\system32\cryptdlg.dll 2013-05-10 03:20 . 2013-06-13 04:35 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll 2013-05-09 19:29 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-09-03 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-06-27 345144] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576] . c:\users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Tintenwarnungen überwachen - HP Officejet 4620 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2952334D05S1;CONNECTION=USB;MONITOR=1; [2009-7-14 45568] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x] R3 FUS2BASE;AVM FRITZ!Card USB;c:\windows\system32\DRIVERS\fus2base.sys;c:\windows\SYSNATIVE\DRIVERS\fus2base.sys [x] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x] R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10x64.sys;c:\windows\SYSNATIVE\Drivers\MHIKEY10x64.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x] R3 
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 StarMoney 8.0 OnlineUpdate;StarMoney 8.0 OnlineUpdate;c:\program files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe;c:\program files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [x] S3 AVMCOWAN;AVM ISDN CoNDIS WAN CAPI Driver;c:\windows\system32\DRIVERS\AVMCOWAN.sys;c:\windows\SYSNATIVE\DRIVERS\AVMCOWAN.sys [x] S3 cmudaxp;ASUS Xonar D1 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x] S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x] S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-08-02 04:49 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-08-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 15:32] . 2013-06-08 c:\windows\Tasks\FaxArchive_CN2952334D05S1.job - c:\program files\HP\HP Officejet 4620 series\Bin\FaxApplications.exe [2012-10-17 02:34] . 2013-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ce7eced48d6485.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-03 07:23] . 
2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-03 07:23] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2011-05-12 8769536] "Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704] "Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: Free YouTube to MP3 Converter - c:\users\Max-Uttendorfer\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 Trusted Zone: proximize.me TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default-1368358248882\ FF - prefs.js: browser.search.selectedEngine - FF - prefs.js: browser.startup.homepage - hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=7C04002522A6F805&affID=121564&tt=290713_190&tsp=4959 FF - ExtSQL: 2013-07-30 09:45; ffxtlbr@delta.com; c:\users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default-1368358248882\extensions\ffxtlbr@delta.com FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - 
7c04c996000000000000002522a6f805 FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15916 FF - user.js: extensions.delta.vrsn - 1.8.22.0 FF - user.js: extensions.delta.vrsni - 1.8.22.0 FF - user.js: extensions.delta.vrsnTs - 1.8.22.09:45 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - de FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta_i.babTrack - affID=121564&tt=290713_190&tsp=4959 FF - user.js: extensions.delta_i.babExt - FF - user.js: extensions.delta_i.srcExt - ss FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false . - - - - Entfernte verwaiste Registrierungseinträge - - - - . URLSearchHooks-{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file) URLSearchHooks-{213c8ed6-1d78-4d8f-8729-25006aa86a76} - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file) WebBrowser-{213C8ED6-1D78-4D8F-8729-25006AA86A76} - (no file) AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-08-06 18:00:55 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-08-06 16:00 . Vor Suchlauf: 6.544.932.864 Bytes frei Nach Suchlauf: 6.436.548.608 Bytes frei . - - End Of File - - CCA41B87C57D309A3F5378855B56C046 D41D8CD98F00B204E9800998ECF8427E
10:12:13.0264 2920 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 10:12:13.0411 2920 ============================================================ 10:12:13.0411 2920 Current date / time: 2013/08/07 10:12:13.0411 10:12:13.0411 2920 SystemInfo: 10:12:13.0411 2920 10:12:13.0411 2920 OS Version: 6.1.7601 ServicePack: 1.0 10:12:13.0411 2920 Product type: Workstation 10:12:13.0411 2920 ComputerName: PC 10:12:13.0412 2920 UserName: Max-Uttendorfer 10:12:13.0412 2920 Windows directory: C:\Windows 10:12:13.0412 2920 System windows directory: C:\Windows 10:12:13.0412 2920 Running under WOW64 10:12:13.0412 2920 Processor architecture: Intel x64 10:12:13.0412 2920 Number of processors: 4 10:12:13.0412 2920 Page size: 0x1000 10:12:13.0412 2920 Boot type: Normal boot 10:12:13.0412 2920 ============================================================
10:12:22.0098 2216 NetTcpPortSharing - ok 10:12:22.0101 2216 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 10:12:22.0106 2216 nfrd960 - ok 10:12:22.0112 2216 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 10:12:22.0115 2216 NlaSvc - ok 10:12:22.0122 2216 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 10:12:22.0127 2216 Npfs - ok 10:12:22.0130 2216 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 10:12:22.0134 2216 nsi - ok 10:12:22.0139 2216 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 10:12:22.0142 2216 nsiproxy - ok 10:12:22.0164 2216 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 10:12:22.0190 2216 Ntfs - ok 10:12:22.0193 2216 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 10:12:22.0195 2216 Null - ok 10:12:22.0199 2216 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 10:12:22.0205 2216 nvraid - ok 10:12:22.0209 2216 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 10:12:22.0216 2216 nvstor - ok 10:12:22.0219 2216 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 10:12:22.0225 2216 nv_agp - ok 10:12:22.0228 2216 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 10:12:22.0233 2216 ohci1394 - ok 10:12:22.0237 2216 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 10:12:22.0243 2216 ose - ok 10:12:22.0250 2216 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 10:12:22.0254 2216 p2pimsvc - ok 10:12:22.0260 2216 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 10:12:22.0271 2216 p2psvc - ok 10:12:22.0275 2216 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport 
C:\Windows\system32\DRIVERS\parport.sys 10:12:22.0279 2216 Parport - ok 10:12:22.0282 2216 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 10:12:22.0287 2216 partmgr - ok 10:12:22.0292 2216 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 10:12:22.0300 2216 PcaSvc - ok 10:12:22.0305 2216 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 10:12:22.0312 2216 pci - ok 10:12:22.0314 2216 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 10:12:22.0317 2216 pciide - ok 10:12:22.0322 2216 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 10:12:22.0330 2216 pcmcia - ok 10:12:22.0333 2216 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 10:12:22.0337 2216 pcw - ok 10:12:22.0344 2216 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 10:12:22.0359 2216 PEAUTH - ok 10:12:22.0384 2216 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 10:12:22.0389 2216 PerfHost - ok 10:12:22.0409 2216 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 10:12:22.0433 2216 pla - ok 10:12:22.0440 2216 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 10:12:22.0454 2216 PlugPlay - ok 10:12:22.0458 2216 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 10:12:22.0463 2216 PNRPAutoReg - ok 10:12:22.0468 2216 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 10:12:22.0471 2216 PNRPsvc - ok 10:12:22.0479 2216 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 10:12:22.0492 2216 PolicyAgent - ok 10:12:22.0499 2216 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 10:12:22.0500 2216 Power - ok 10:12:22.0505 2216 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 
10:12:22.0512 2216 PptpMiniport - ok 10:12:22.0515 2216 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 10:12:22.0521 2216 Processor - ok 10:12:22.0526 2216 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 10:12:22.0529 2216 ProfSvc - ok 10:12:22.0532 2216 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 10:12:22.0532 2216 ProtectedStorage - ok 10:12:22.0536 2216 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 10:12:22.0537 2216 Psched - ok 10:12:22.0555 2216 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 10:12:22.0578 2216 ql2300 - ok 10:12:22.0582 2216 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 10:12:22.0589 2216 ql40xx - ok 10:12:22.0595 2216 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 10:12:22.0605 2216 QWAVE - ok 10:12:22.0608 2216 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 10:12:22.0613 2216 QWAVEdrv - ok 10:12:22.0615 2216 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 10:12:22.0618 2216 RasAcd - ok 10:12:22.0623 2216 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 10:12:22.0628 2216 RasAgileVpn - ok 10:12:22.0632 2216 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 10:12:22.0637 2216 RasAuto - ok 10:12:22.0641 2216 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 10:12:22.0646 2216 Rasl2tp - ok 10:12:22.0652 2216 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 10:12:22.0663 2216 RasMan - ok 10:12:22.0667 2216 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 10:12:22.0672 2216 RasPppoe - ok 10:12:22.0675 2216 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp 
C:\Windows\system32\DRIVERS\rassstp.sys 10:12:22.0680 2216 RasSstp - ok 10:12:22.0685 2216 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 10:12:22.0694 2216 rdbss - ok 10:12:22.0697 2216 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 10:12:22.0700 2216 rdpbus - ok 10:12:22.0703 2216 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 10:12:22.0705 2216 RDPCDD - ok 10:12:22.0709 2216 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 10:12:22.0711 2216 RDPENCDD - ok 10:12:22.0715 2216 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 10:12:22.0717 2216 RDPREFMP - ok 10:12:22.0722 2216 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 10:12:22.0728 2216 RDPWD - ok 10:12:22.0734 2216 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 10:12:22.0742 2216 rdyboost - ok 10:12:22.0763 2216 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 10:12:22.0768 2216 RemoteAccess - ok 10:12:22.0772 2216 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 10:12:22.0780 2216 RemoteRegistry - ok 10:12:22.0783 2216 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 10:12:22.0788 2216 RpcEptMapper - ok 10:12:22.0791 2216 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 10:12:22.0794 2216 RpcLocator - ok 10:12:22.0801 2216 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 10:12:22.0805 2216 RpcSs - ok 10:12:22.0808 2216 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 10:12:22.0812 2216 rspndr - ok 10:12:22.0818 2216 [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 10:12:22.0823 2216 RTL8167 - ok 10:12:22.0825 2216 [ 
C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 10:12:22.0826 2216 SamSs - ok 10:12:22.0830 2216 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 10:12:22.0836 2216 sbp2port - ok 10:12:22.0840 2216 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 10:12:22.0848 2216 SCardSvr - ok 10:12:22.0851 2216 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 10:12:22.0854 2216 scfilter - ok 10:12:22.0866 2216 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 10:12:22.0891 2216 Schedule - ok 10:12:22.0895 2216 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 10:12:22.0895 2216 SCPolicySvc - ok 10:12:22.0900 2216 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 10:12:22.0909 2216 SDRSVC - ok 10:12:22.0912 2216 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 10:12:22.0915 2216 secdrv - ok 10:12:22.0918 2216 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 10:12:22.0922 2216 seclogon - ok 10:12:22.0926 2216 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 10:12:22.0927 2216 SENS - ok 10:12:22.0929 2216 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 10:12:22.0934 2216 SensrSvc - ok 10:12:22.0937 2216 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 10:12:22.0940 2216 Serenum - ok 10:12:22.0943 2216 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 10:12:22.0948 2216 Serial - ok 10:12:22.0951 2216 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 10:12:22.0954 2216 sermouse - ok 10:12:22.0962 2216 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 10:12:22.0968 2216 SessionEnv - ok 10:12:22.0971 2216 [ 
A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 10:12:22.0974 2216 sffdisk - ok 10:12:22.0977 2216 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 10:12:22.0980 2216 sffp_mmc - ok 10:12:22.0982 2216 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 10:12:22.0985 2216 sffp_sd - ok 10:12:22.0989 2216 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 10:12:22.0992 2216 sfloppy - ok 10:12:23.0000 2216 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 10:12:23.0009 2216 SharedAccess - ok 10:12:23.0016 2216 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 10:12:23.0022 2216 ShellHWDetection - ok 10:12:23.0026 2216 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 10:12:23.0030 2216 SiSRaid2 - ok 10:12:23.0033 2216 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 10:12:23.0038 2216 SiSRaid4 - ok 10:12:23.0041 2216 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 10:12:23.0046 2216 Smb - ok 10:12:23.0052 2216 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 10:12:23.0056 2216 SNMPTRAP - ok 10:12:23.0058 2216 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 10:12:23.0061 2216 spldr - ok 10:12:23.0069 2216 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 10:12:23.0078 2216 Spooler - ok 10:12:23.0113 2216 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 10:12:23.0143 2216 sppsvc - ok 10:12:23.0147 2216 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 10:12:23.0152 2216 sppuinotify - ok 10:12:23.0159 2216 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 10:12:23.0169 2216 srv - ok 
10:12:23.0175 2216 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 10:12:23.0185 2216 srv2 - ok 10:12:23.0190 2216 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 10:12:23.0196 2216 srvnet - ok 10:12:23.0202 2216 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys 10:12:23.0208 2216 ssadbus - ok 10:12:23.0210 2216 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys 10:12:23.0214 2216 ssadmdfl - ok 10:12:23.0218 2216 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys 10:12:23.0224 2216 ssadmdm - ok 10:12:23.0228 2216 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys 10:12:23.0233 2216 ssadserd - ok 10:12:23.0237 2216 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 10:12:23.0243 2216 SSDPSRV - ok 10:12:23.0247 2216 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 10:12:23.0252 2216 SstpSvc - ok 10:12:23.0261 2216 [ 98CC6BDCB5F593394CE2000EC454AEE4 ] StarMoney 8.0 OnlineUpdate C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe 10:12:23.0270 2216 StarMoney 8.0 OnlineUpdate - ok 10:12:23.0274 2216 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 10:12:23.0279 2216 stexstor - ok 10:12:23.0286 2216 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 10:12:23.0299 2216 stisvc - ok 10:12:23.0301 2216 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 10:12:23.0304 2216 swenum - ok 10:12:23.0311 2216 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 10:12:23.0322 2216 swprv - ok 10:12:23.0342 2216 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 10:12:23.0371 2216 SysMain - ok 10:12:23.0375 2216 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] 
TabletInputService C:\Windows\System32\TabSvc.dll 10:12:23.0381 2216 TabletInputService - ok 10:12:23.0386 2216 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 10:12:23.0397 2216 TapiSrv - ok 10:12:23.0400 2216 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 10:12:23.0402 2216 TBS - ok 10:12:23.0421 2216 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:12:23.0455 2216 Tcpip - ok 10:12:23.0476 2216 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 10:12:23.0485 2216 TCPIP6 - ok 10:12:23.0490 2216 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:12:23.0494 2216 tcpipreg - ok 10:12:23.0500 2216 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 10:12:23.0502 2216 TDPIPE - ok 10:12:23.0506 2216 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 10:12:23.0509 2216 TDTCP - ok 10:12:23.0513 2216 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:12:23.0518 2216 tdx - ok 10:12:23.0521 2216 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 10:12:23.0525 2216 TermDD - ok 10:12:23.0535 2216 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 10:12:23.0551 2216 TermService - ok 10:12:23.0554 2216 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 10:12:23.0559 2216 Themes - ok 10:12:23.0562 2216 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 10:12:23.0563 2216 THREADORDER - ok 10:12:23.0567 2216 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 10:12:23.0573 2216 TrkWks - ok 10:12:23.0578 2216 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:12:23.0584 2216 TrustedInstaller - ok 10:12:23.0589 2216 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] 
tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:12:23.0594 2216 tssecsrv - ok 10:12:23.0597 2216 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 10:12:23.0602 2216 TsUsbFlt - ok 10:12:23.0606 2216 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:12:23.0612 2216 tunnel - ok 10:12:23.0615 2216 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 10:12:23.0620 2216 uagp35 - ok 10:12:23.0626 2216 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:12:23.0636 2216 udfs - ok 10:12:23.0641 2216 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:12:23.0647 2216 UI0Detect - ok 10:12:23.0650 2216 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:12:23.0655 2216 uliagpkx - ok 10:12:23.0658 2216 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 10:12:23.0663 2216 umbus - ok 10:12:23.0665 2216 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 10:12:23.0669 2216 UmPass - ok 10:12:23.0697 2216 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 10:12:23.0719 2216 UNS - ok 10:12:23.0725 2216 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 10:12:23.0733 2216 upnphost - ok 10:12:23.0737 2216 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:12:23.0742 2216 usbccgp - ok 10:12:23.0745 2216 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 10:12:23.0752 2216 usbcir - ok 10:12:23.0755 2216 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 10:12:23.0759 2216 usbehci - ok 10:12:23.0765 2216 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:12:23.0774 2216 usbhub - ok 
10:12:23.0777 2216 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 10:12:23.0781 2216 usbohci - ok 10:12:23.0784 2216 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 10:12:23.0787 2216 usbprint - ok 10:12:23.0790 2216 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 10:12:23.0794 2216 usbscan - ok 10:12:23.0797 2216 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:12:23.0803 2216 USBSTOR - ok 10:12:23.0806 2216 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 10:12:23.0810 2216 usbuhci - ok 10:12:23.0813 2216 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 10:12:23.0818 2216 UxSms - ok 10:12:23.0821 2216 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 10:12:23.0821 2216 VaultSvc - ok 10:12:23.0824 2216 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 10:12:23.0827 2216 vdrvroot - ok 10:12:23.0836 2216 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 10:12:23.0847 2216 vds - ok 10:12:23.0850 2216 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:12:23.0854 2216 vga - ok 10:12:23.0857 2216 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 10:12:23.0860 2216 VgaSave - ok 10:12:23.0865 2216 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 10:12:23.0873 2216 vhdmp - ok 10:12:23.0876 2216 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 10:12:23.0880 2216 viaide - ok 10:12:23.0883 2216 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:12:23.0887 2216 volmgr - ok 10:12:23.0893 2216 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:12:23.0903 2216 volmgrx - ok 10:12:23.0909 2216 [ 
0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:12:23.0917 2216 volsnap - ok 10:12:23.0922 2216 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 10:12:23.0928 2216 vsmraid - ok 10:12:23.0945 2216 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 10:12:23.0968 2216 VSS - ok 10:12:23.0971 2216 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 10:12:23.0974 2216 vwifibus - ok 10:12:23.0981 2216 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 10:12:23.0994 2216 W32Time - ok 10:12:23.0999 2216 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 10:12:24.0003 2216 WacomPen - ok 10:12:24.0006 2216 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:12:24.0012 2216 WANARP - ok 10:12:24.0014 2216 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:12:24.0015 2216 Wanarpv6 - ok 10:12:24.0031 2216 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 10:12:24.0053 2216 wbengine - ok 10:12:24.0060 2216 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:12:24.0067 2216 WbioSrvc - ok 10:12:24.0075 2216 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:12:24.0084 2216 wcncsvc - ok 10:12:24.0088 2216 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:12:24.0093 2216 WcsPlugInService - ok 10:12:24.0095 2216 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 10:12:24.0099 2216 Wd - ok 10:12:24.0110 2216 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:12:24.0123 2216 Wdf01000 - ok 10:12:24.0127 2216 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:12:24.0132 2216 WdiServiceHost - ok 
10:12:24.0134 2216 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:12:24.0136 2216 WdiSystemHost - ok 10:12:24.0141 2216 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 10:12:24.0151 2216 WebClient - ok 10:12:24.0156 2216 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:12:24.0164 2216 Wecsvc - ok 10:12:24.0168 2216 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:12:24.0173 2216 wercplsupport - ok 10:12:24.0176 2216 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 10:12:24.0182 2216 WerSvc - ok 10:12:24.0185 2216 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:12:24.0187 2216 WfpLwf - ok 10:12:24.0190 2216 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:12:24.0194 2216 WIMMount - ok 10:12:24.0198 2216 WinDefend - ok 10:12:24.0202 2216 WinHttpAutoProxySvc - ok 10:12:24.0213 2216 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:12:24.0222 2216 Winmgmt - ok 10:12:24.0244 2216 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 10:12:24.0271 2216 WinRM - ok 10:12:24.0278 2216 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:12:24.0283 2216 WinUsb - ok 10:12:24.0294 2216 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 10:12:24.0309 2216 Wlansvc - ok 10:12:24.0334 2216 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 10:12:24.0357 2216 wlidsvc - ok 10:12:24.0361 2216 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:12:24.0363 2216 WmiAcpi - ok 10:12:24.0369 2216 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:12:24.0376 2216 wmiApSrv - ok 10:12:24.0379 2216 
WMPNetworkSvc - ok 10:12:24.0382 2216 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:12:24.0386 2216 WPCSvc - ok 10:12:24.0389 2216 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:12:24.0395 2216 WPDBusEnum - ok 10:12:24.0398 2216 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:12:24.0401 2216 ws2ifsl - ok 10:12:24.0404 2216 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 10:12:24.0409 2216 wscsvc - ok 10:12:24.0412 2216 WSearch - ok 10:12:24.0445 2216 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 10:12:24.0469 2216 wuauserv - ok 10:12:24.0476 2216 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:12:24.0481 2216 WudfPf - ok 10:12:24.0486 2216 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:12:24.0493 2216 WUDFRd - ok 10:12:24.0496 2216 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:12:24.0500 2216 wudfsvc - ok 10:12:24.0505 2216 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 10:12:24.0513 2216 WwanSvc - ok 10:12:24.0515 2216 ================ Scan global =============================== 10:12:24.0518 2216 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 10:12:24.0524 2216 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 10:12:24.0534 2216 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 10:12:24.0538 2216 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 10:12:24.0545 2216 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 10:12:24.0547 2216 [Global] - ok 10:12:24.0548 2216 ================ Scan MBR ================================== 10:12:24.0549 2216 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:12:24.0614 2216 \Device\Harddisk0\DR0 - ok 10:12:24.0617 2216 
[ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 10:12:24.0698 2216 \Device\Harddisk1\DR1 - ok 10:12:24.0699 2216 ================ Scan VBR ================================== 10:12:24.0702 2216 [ 711AE08453A1A2160326204565602095 ] \Device\Harddisk0\DR0\Partition1 10:12:24.0705 2216 \Device\Harddisk0\DR0\Partition1 - ok 10:12:24.0708 2216 [ 6A7D517A36DD041273BF3FB45B146C5E ] \Device\Harddisk0\DR0\Partition2 10:12:24.0710 2216 \Device\Harddisk0\DR0\Partition2 - ok 10:12:24.0710 2216 ============================================================ 10:12:24.0710 2216 Scan finished 10:12:24.0710 2216 ============================================================ 10:12:24.0719 1868 Detected object count: 0 10:12:24.0719 1868 Actual detected object count: 0 |
07.08.2013, 11:07 | #6 |
/// Malware-holic | Delta Search Toolbar Virus Hi, configure TDSS Killer according to the instructions and post the log. Post this log again together with the 3 newly requested ones. 1. Please download AdwCleaner to your desktop.
Restart. 2. Please close your security software to avoid possible conflicts.
Restart. 3. Download HitmanPro: HitmanPro - Download - Filepony. Double-click it, click Scan. Save the log and post it, or export it as XML, zip it and attach it. Do not delete anything, simply close HitmanPro. |
07.08.2013, 12:40 | #7 |
| Delta Search Toolbar Virus 13:26:04.0280 2036 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 13:26:04.0847 2036 ============================================================ 13:26:04.0847 2036 Current date / time: 2013/08/07 13:26:04.0847 13:26:04.0847 2036 SystemInfo: 13:26:04.0847 2036 13:26:04.0847 2036 OS Version: 6.1.7601 ServicePack: 1.0 13:26:04.0847 2036 Product type: Workstation 13:26:04.0847 2036 ComputerName: PC 13:26:04.0848 2036 UserName: Max-Uttendorfer 13:26:04.0848 2036 Windows directory: C:\Windows 13:26:04.0848 2036 System windows directory: C:\Windows 13:26:04.0848 2036 Running under WOW64 13:26:04.0848 2036 Processor architecture: Intel x64 13:26:04.0848 2036 Number of processors: 4 13:26:04.0848 2036 Page size: 0x1000 13:26:04.0848 2036 Boot type: Normal boot 13:26:04.0848 2036 ============================================================ 13:26:05.0029 2036 Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:26:05.0039 2036 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:26:05.0045 2036 ============================================================ 13:26:05.0045 2036 \Device\Harddisk0\DR0: 13:26:05.0045 2036 MBR partitions: 13:26:05.0045 2036 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 13:26:05.0045 2036 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770D800 13:26:05.0045 2036 \Device\Harddisk1\DR1: 13:26:05.0045 2036 MBR partitions: 13:26:05.0045 2036 ============================================================ 13:26:05.0047 2036 C: <-> \Device\Harddisk0\DR0\Partition2 13:26:05.0047 2036 ============================================================ 13:26:05.0047 2036 Initialize success 13:26:05.0047 2036 
scfilter - ok 13:26:19.0145 3512 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 13:26:19.0178 3512 Schedule - ok 13:26:19.0182 3512 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 13:26:19.0207 3512 SCPolicySvc - ok 13:26:19.0211 3512 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:26:19.0221 3512 SDRSVC - ok 13:26:19.0224 3512 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:26:19.0249 3512 secdrv - ok 13:26:19.0252 3512 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 13:26:19.0277 3512 seclogon - ok 13:26:19.0280 3512 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 13:26:19.0306 3512 SENS - ok 13:26:19.0309 3512 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:26:19.0317 3512 SensrSvc - ok 13:26:19.0320 3512 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 13:26:19.0328 3512 Serenum - ok 13:26:19.0332 3512 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 13:26:19.0340 3512 Serial - ok 13:26:19.0344 3512 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 13:26:19.0352 3512 sermouse - ok 13:26:19.0358 3512 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 13:26:19.0384 3512 SessionEnv - ok 13:26:19.0386 3512 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:26:19.0394 3512 sffdisk - ok 13:26:19.0397 3512 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:26:19.0405 3512 sffp_mmc - ok 13:26:19.0407 3512 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:26:19.0417 3512 sffp_sd - ok 13:26:19.0420 3512 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 13:26:19.0428 3512 
sfloppy - ok 13:26:19.0435 3512 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:26:19.0462 3512 SharedAccess - ok 13:26:19.0468 3512 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:26:19.0496 3512 ShellHWDetection - ok 13:26:19.0499 3512 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 13:26:19.0506 3512 SiSRaid2 - ok 13:26:19.0509 3512 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 13:26:19.0517 3512 SiSRaid4 - ok 13:26:19.0521 3512 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:26:19.0547 3512 Smb - ok 13:26:19.0552 3512 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:26:19.0561 3512 SNMPTRAP - ok 13:26:19.0564 3512 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 13:26:19.0571 3512 spldr - ok 13:26:19.0579 3512 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 13:26:19.0592 3512 Spooler - ok 13:26:19.0624 3512 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 13:26:19.0676 3512 sppsvc - ok 13:26:19.0681 3512 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:26:19.0706 3512 sppuinotify - ok 13:26:19.0713 3512 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 13:26:19.0726 3512 srv - ok 13:26:19.0733 3512 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:26:19.0744 3512 srv2 - ok 13:26:19.0748 3512 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:26:19.0758 3512 srvnet - ok 13:26:19.0763 3512 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys 13:26:19.0774 3512 ssadbus - ok 13:26:19.0777 3512 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys 13:26:19.0786 3512 
ssadmdfl - ok 13:26:19.0790 3512 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys 13:26:19.0800 3512 ssadmdm - ok 13:26:19.0805 3512 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys 13:26:19.0814 3512 ssadserd - ok 13:26:19.0818 3512 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:26:19.0845 3512 SSDPSRV - ok 13:26:19.0849 3512 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:26:19.0874 3512 SstpSvc - ok 13:26:19.0884 3512 [ 98CC6BDCB5F593394CE2000EC454AEE4 ] StarMoney 8.0 OnlineUpdate C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe 13:26:19.0898 3512 StarMoney 8.0 OnlineUpdate - ok 13:26:19.0901 3512 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 13:26:19.0909 3512 stexstor - ok 13:26:19.0917 3512 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 13:26:19.0933 3512 stisvc - ok 13:26:19.0936 3512 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 13:26:19.0943 3512 swenum - ok 13:26:19.0950 3512 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 13:26:19.0979 3512 swprv - ok 13:26:19.0997 3512 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 13:26:20.0023 3512 SysMain - ok 13:26:20.0027 3512 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:26:20.0040 3512 TabletInputService - ok 13:26:20.0046 3512 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 13:26:20.0073 3512 TapiSrv - ok 13:26:20.0077 3512 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 13:26:20.0103 3512 TBS - ok 13:26:20.0122 3512 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:26:20.0151 3512 Tcpip - ok 13:26:20.0170 3512 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 
C:\Windows\system32\DRIVERS\tcpip.sys 13:26:20.0199 3512 TCPIP6 - ok 13:26:20.0203 3512 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:26:20.0212 3512 tcpipreg - ok 13:26:20.0216 3512 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:26:20.0224 3512 TDPIPE - ok 13:26:20.0227 3512 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:26:20.0235 3512 TDTCP - ok 13:26:20.0239 3512 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:26:20.0264 3512 tdx - ok 13:26:20.0267 3512 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 13:26:20.0274 3512 TermDD - ok 13:26:20.0283 3512 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 13:26:20.0312 3512 TermService - ok 13:26:20.0315 3512 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 13:26:20.0327 3512 Themes - ok 13:26:20.0330 3512 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 13:26:20.0355 3512 THREADORDER - ok 13:26:20.0359 3512 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 13:26:20.0385 3512 TrkWks - ok 13:26:20.0390 3512 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:26:20.0415 3512 TrustedInstaller - ok 13:26:20.0420 3512 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:26:20.0444 3512 tssecsrv - ok 13:26:20.0448 3512 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:26:20.0456 3512 TsUsbFlt - ok 13:26:20.0460 3512 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:26:20.0485 3512 tunnel - ok 13:26:20.0488 3512 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 13:26:20.0495 3512 uagp35 - ok 13:26:20.0501 3512 [ 
FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:26:20.0527 3512 udfs - ok 13:26:20.0532 3512 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:26:20.0542 3512 UI0Detect - ok 13:26:20.0545 3512 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:26:20.0552 3512 uliagpkx - ok 13:26:20.0555 3512 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 13:26:20.0564 3512 umbus - ok 13:26:20.0567 3512 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 13:26:20.0575 3512 UmPass - ok 13:26:20.0601 3512 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 13:26:20.0636 3512 UNS - ok 13:26:20.0643 3512 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 13:26:20.0670 3512 upnphost - ok 13:26:20.0674 3512 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:26:20.0683 3512 usbccgp - ok 13:26:20.0686 3512 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:26:20.0697 3512 usbcir - ok 13:26:20.0700 3512 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 13:26:20.0708 3512 usbehci - ok 13:26:20.0714 3512 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:26:20.0725 3512 usbhub - ok 13:26:20.0728 3512 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 13:26:20.0735 3512 usbohci - ok 13:26:20.0738 3512 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 13:26:20.0749 3512 usbprint - ok 13:26:20.0752 3512 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 13:26:20.0762 3512 usbscan - ok 13:26:20.0765 3512 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 
13:26:20.0775 3512 USBSTOR - ok 13:26:20.0778 3512 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 13:26:20.0786 3512 usbuhci - ok 13:26:20.0789 3512 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 13:26:20.0814 3512 UxSms - ok 13:26:20.0817 3512 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 13:26:20.0825 3512 VaultSvc - ok 13:26:20.0828 3512 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 13:26:20.0835 3512 vdrvroot - ok 13:26:20.0843 3512 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 13:26:20.0870 3512 vds - ok 13:26:20.0873 3512 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:26:20.0883 3512 vga - ok 13:26:20.0885 3512 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 13:26:20.0910 3512 VgaSave - ok 13:26:20.0915 3512 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 13:26:20.0924 3512 vhdmp - ok 13:26:20.0927 3512 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 13:26:20.0934 3512 viaide - ok 13:26:20.0937 3512 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:26:20.0945 3512 volmgr - ok 13:26:20.0951 3512 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:26:20.0961 3512 volmgrx - ok 13:26:20.0967 3512 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:26:20.0977 3512 volsnap - ok 13:26:20.0982 3512 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 13:26:20.0991 3512 vsmraid - ok 13:26:21.0008 3512 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 13:26:21.0045 3512 VSS - ok 13:26:21.0048 3512 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 13:26:21.0058 3512 vwifibus - ok 
13:26:21.0064 3512 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 13:26:21.0092 3512 W32Time - ok 13:26:21.0099 3512 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 13:26:21.0108 3512 WacomPen - ok 13:26:21.0111 3512 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 13:26:21.0136 3512 WANARP - ok 13:26:21.0138 3512 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:26:21.0163 3512 Wanarpv6 - ok 13:26:21.0178 3512 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 13:26:21.0199 3512 wbengine - ok 13:26:21.0204 3512 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 13:26:21.0217 3512 WbioSrvc - ok 13:26:21.0223 3512 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:26:21.0237 3512 wcncsvc - ok 13:26:21.0240 3512 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:26:21.0248 3512 WcsPlugInService - ok 13:26:21.0251 3512 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 13:26:21.0258 3512 Wd - ok 13:26:21.0268 3512 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:26:21.0284 3512 Wdf01000 - ok 13:26:21.0288 3512 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:26:21.0303 3512 WdiServiceHost - ok 13:26:21.0305 3512 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:26:21.0318 3512 WdiSystemHost - ok 13:26:21.0323 3512 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 13:26:21.0337 3512 WebClient - ok 13:26:21.0342 3512 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:26:21.0370 3512 Wecsvc - ok 13:26:21.0373 3512 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:26:21.0399 3512 
wercplsupport - ok 13:26:21.0402 3512 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 13:26:21.0427 3512 WerSvc - ok 13:26:21.0431 3512 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 13:26:21.0456 3512 WfpLwf - ok 13:26:21.0458 3512 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 13:26:21.0465 3512 WIMMount - ok 13:26:21.0469 3512 WinDefend - ok 13:26:21.0472 3512 WinHttpAutoProxySvc - ok 13:26:21.0483 3512 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:26:21.0509 3512 Winmgmt - ok 13:26:21.0530 3512 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 13:26:21.0571 3512 WinRM - ok 13:26:21.0577 3512 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 13:26:21.0587 3512 WinUsb - ok 13:26:21.0598 3512 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 13:26:21.0616 3512 Wlansvc - ok 13:26:21.0640 3512 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 13:26:21.0673 3512 wlidsvc - ok 13:26:21.0676 3512 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 13:26:21.0685 3512 WmiAcpi - ok 13:26:21.0691 3512 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:26:21.0701 3512 wmiApSrv - ok 13:26:21.0703 3512 WMPNetworkSvc - ok 13:26:21.0707 3512 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:26:21.0715 3512 WPCSvc - ok 13:26:21.0719 3512 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:26:21.0729 3512 WPDBusEnum - ok 13:26:21.0732 3512 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:26:21.0756 3512 ws2ifsl - ok 13:26:21.0760 3512 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 13:26:21.0772 3512 
wscsvc - ok 13:26:21.0774 3512 WSearch - ok 13:26:21.0801 3512 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 13:26:21.0837 3512 wuauserv - ok 13:26:21.0840 3512 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:26:21.0849 3512 WudfPf - ok 13:26:21.0854 3512 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:26:21.0864 3512 WUDFRd - ok 13:26:21.0868 3512 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:26:21.0877 3512 wudfsvc - ok 13:26:21.0882 3512 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 13:26:21.0893 3512 WwanSvc - ok 13:26:21.0896 3512 ================ Scan global =============================== 13:26:21.0898 3512 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 13:26:21.0903 3512 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 13:26:21.0908 3512 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 13:26:21.0911 3512 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 13:26:21.0917 3512 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 13:26:21.0920 3512 [Global] - ok 13:26:21.0920 3512 ================ Scan MBR ================================== 13:26:21.0922 3512 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 13:26:22.0003 3512 \Device\Harddisk0\DR0 - ok 13:26:22.0005 3512 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 13:26:22.0133 3512 \Device\Harddisk1\DR1 - ok 13:26:22.0133 3512 ================ Scan VBR ================================== 13:26:22.0136 3512 [ 711AE08453A1A2160326204565602095 ] \Device\Harddisk0\DR0\Partition1 13:26:22.0138 3512 \Device\Harddisk0\DR0\Partition1 - ok 13:26:22.0142 3512 [ 6A7D517A36DD041273BF3FB45B146C5E ] \Device\Harddisk0\DR0\Partition2 13:26:22.0144 3512 \Device\Harddisk0\DR0\Partition2 - ok 13:26:22.0144 3512 
============================================================
13:26:22.0145 3512 Scan finished
13:26:22.0145 3512 ============================================================
13:26:22.0156 3248 Detected object count: 0
13:26:22.0156 3248 Actual detected object count: 0
13:28:06.0748 4052 Deinitialize success

AdwCleaner Logfile:
Code:
# AdwCleaner v2.306 - Datei am 07/08/2013 um 13:29:34 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Max-Uttendorfer - PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Max-Uttendorfer\Downloads\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Max-Uttendorfer\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Max-Uttendorfer\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default-1368358248882\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default-1368358248882\bprotector_prefs.js
Datei Gelöscht : C:\Users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default-1368358248882\searchplugins\Babylon.xml
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\delta
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\Users\Max-Uttendorfer\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Max-Uttendorfer\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Max-Uttendorfer\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Max-Uttendorfer\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Max-Uttendorfer\AppData\Roaming\delta
Ordner Gelöscht : C:\Users\Max-Uttendorfer\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default-1368358248882\extensions\ffxtlbr@delta.com
Ordner Gelöscht : C:\Users\Max-Uttendorfer\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\5c55dedde735e547
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3242337
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5c55dedde735e547
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default-1368358248882\prefs.js

C:\Users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default-1368358248882\user.js ... Gelöscht !

Gelöscht : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=7C04002522A6F805&[...]
Gelöscht : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=7C04002522A[...]
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "7c04c996000000000000002522a6f805");
Gelöscht : user_pref("extensions.delta.instlDay", "15916");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.22.0");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.22.09:45:43");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.22.0");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121564&tt=290713_190&tsp=4959");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v28.0.1500.95

Datei : C:\Users\Max-Uttendorfer\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.2078] : homepage = "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=7C04002522A6F805&affID=121564&tt=2[...]
Gelöscht [l.2252] : urls_to_restore_on_startup = [ "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=7C04002522A[...]
************************* AdwCleaner[S1].txt - [9970 octets] - [07/08/2013 13:29:34] ########## EOF - C:\AdwCleaner[S1].txt - [10030 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.3.4 (08.06.2013:1) OS: Windows 7 Home Premium x64 Ran by Max-Uttendorfer on 07.08.2013 at 13:32:01,10 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BC5FDCDD-B0B1-4AD6-BB3D-28CCDB587D79} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Max-Uttendorfer\AppData\Roaming\systweak" Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{0AAA3377-E31E-4B43-A5BA-6AF51B201ABA} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{0B957C6E-B2A8-44FB-872C-633F2D50ACB6} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{0EA68A91-BED2-48AB-A80C-03FDBBAAFC6D} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{14ACBC78-CC7C-4589-8AE5-15F67F557BF2} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{1779C5F8-722D-4C11-9E7E-E2BDDB0368AF} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{17D840FE-63F9-46D9-9899-F06CCE0ED821} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{240F0C3D-81CE-411D-B203-48EC5EE657B7} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{250ED602-2793-4A3A-AF2E-3D0B75E2D9F6} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{271B4ECC-D357-41BB-A9BC-39102B30E589} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{2951FBB0-CDB0-4ACD-AA68-5FF2BC739A1D} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{41F19692-B31D-4C07-A33E-D23A0998F671} 
Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{4224FB34-7BA8-474D-843E-E9AD614F1E3E} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{45B0D0D5-94C8-4D6C-9316-FA94BD5E142B} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{4A3BB289-5049-4E16-A726-8B7AE92591A0} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{4AD656CC-E7D3-434A-9CA0-48715835430E} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{515F7248-6EA4-4F9E-A10C-F3054EC52023} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{552473FF-1F0A-4043-88DA-E117663190CB} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{64410ABA-08D5-4933-AB15-FB6ABCF8AF3C} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{84381F36-FD36-4B70-BBC2-081918AE4EF8} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{89707F1E-3707-4304-930D-EEC8A3F908F0} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{9BBD2123-6370-4B8B-9D0C-4C00DFA7CECA} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{A06E201F-CA2C-4179-BBD3-4F8C5C9B4B77} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{B6E45353-431C-4ED3-AAF1-8FB8260AE342} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{BEABB6D8-883E-4218-A347-474C1018C5AF} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{C136C8F7-2FE6-4231-957F-0BEBFA0F2794} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{C2727EB4-67D1-49DD-B76C-7FBA90195C58} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{C5D598F8-C8B1-4C9D-9FA5-60F8180F1245} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{C83C22FD-16C5-4AC0-904E-B45F1956B4A5} Successfully deleted: [Empty Folder] 
C:\Users\Max-Uttendorfer\appdata\local\{CBFF539E-205C-47F4-A8E5-EA8EBF2BB616} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{D644D517-0359-4540-B511-72810F1D769F} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{D7BD4460-33A0-4351-9351-C66057F95586} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{E16F56F4-E0FC-49BF-B63D-3CFCCE918EFA} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{E3FCF6E0-BE51-42D2-B82A-F414B1B58A7D} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{E830695D-CC67-4C62-B160-77610ECCDBE4} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{EAA82B73-1930-4561-B1BB-2FC5AC89C87C} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{EC253F94-A64D-4761-90B6-42C2B10ABFDB} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{EDA06EA2-02C6-469A-982D-6B8E54F5BC5F} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{F0095B25-8134-42E1-B444-638983C19F4E} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{F2F9D9C7-72A6-42E1-BE4E-D8AD47CB8D45} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{F3DD29B6-5E91-4354-92C3-474F9A426A8D} Successfully deleted: [Empty Folder] C:\Users\Max-Uttendorfer\appdata\local\{F7359C0E-E2D5-4A02-BD7F-9BCEBB5D3EBC} ~~~ FireFox Emptied folder: C:\Users\Max-Uttendorfer\AppData\Roaming\mozilla\firefox\profiles\24s0b13i.default-1368358248882\minidumps [75 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 07.08.2013 at 13:34:22,60 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter HitmanPro 3.7.7.203 www.hitmanpro.com Computer name . . . . : PC Windows . . . . . . . : 6.1.1.7601.X64/4 User name . . . . . . : PC\Max-Uttendorfer UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2013-08-07 13:36:05 Scan mode . . . . . . : Normal Scan duration . . . . : 1m 5s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 1480 Objects scanned . . . : 2.103.481 Files scanned . . . . : 29.204 Remnants scanned . . : 729.795 files / 1.344.482 keys Potential Unwanted Programs _________________________________________________ HKU\S-1-5-21-3038766165-3120518270-3538088492-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro) HKU\S-1-5-21-3038766165-3120518270-3538088492-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro) Cookies _____________________________________________________________________ C:\Users\Max-Uttendorfer\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com C:\Users\Max-Uttendorfer\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net C:\Users\Max-Uttendorfer\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Cookies\0O8IMZFN.txt C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Cookies\0RE1D9QT.txt C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Cookies\0Z58ZRYM.txt C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Cookies\10CMCRSH.txt C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Cookies\13UP8J1V.txt C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Cookies\1CKNKBHX.txt C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Cookies\1IPNNM0Y.txt C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Cookies\1KDOI2YZ.txt 
C:\Users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default-1368358248882\cookies.sqlite:ww251.smartadserver.com C:\Users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default-1368358248882\cookies.sqlite:www.googleadservices.com |
07.08.2013, 12:43 | #8 |
/// Malware-holic | Delta Search Toolbar Virus Hi, please close all browsers and delete the HitmanPro findings. Reboot, then a new FRST log
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
07.08.2013, 12:51 | #9 |
| Delta Search Toolbar Virus FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-08-2013 Ran by Max-Uttendorfer (administrator) on 07-08-2013 13:52:08 Running from C:\Users\Max-Uttendorfer\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CMedia) C:\Program Files\ASUS Xonar D1 Audio\Customapp\ASUSAUDIOCENTER.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Farbar) C:\Users\Max-Uttendorfer\Downloads\FRST64(1).exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Cmaudio8788] - C:\Windows\Syswow64\cmicnfgp.dll [8769536 2011-05-12] (C-Media Corporation) HKLM\...\Run: [Cmaudio8788GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-09-03] (Google Inc.) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) Startup: C:\Users\Max-Uttendorfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series.lnk ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4620 series.lnk -> C:\Program Files\HP\HP Officejet 4620 series\bin\HPStatusBL.dll (Hewlett-Packard Co.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
DPF: HKLM-x32 {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab Handler: msdaipp - No CLSID Value - Handler-x32: msdaipp - No CLSID Value - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Max-Uttendorfer\AppData\Roaming\Mozilla\Firefox\Profiles\24s0b13i.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} Chrome: ======= CHR DefaultSearchURL: (Delta Search) - hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=7C04002522A6F805&affID=121564&tt=290713_190&tsp=4959 CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG) R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-28] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-28] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-28] (Avira Operations GmbH & Co. 
KG) R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc) S3 FUS2BASE; C:\Windows\System32\DRIVERS\fus2base.sys [696832 2009-06-10] (AVM Berlin) S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader) S3 catchme; \??\C:\ComboFix\catchme.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-07 13:38 - 2013-08-07 13:38 - 00037984 _____ C:\Users\Max-Uttendorfer\Downloads\HitmanPro_20130807_1338.log 2013-08-07 13:35 - 2013-08-07 13:38 - 00000000 ____D C:\ProgramData\HitmanPro 2013-08-07 13:34 - 2013-08-07 13:34 - 00005780 _____ C:\Users\Max-Uttendorfer\Desktop\JRT.txt 2013-08-07 13:32 - 2013-08-07 13:32 - 00000000 ____D C:\Windows\ERUNT 2013-08-07 13:29 - 2013-08-07 13:29 - 00010070 _____ C:\AdwCleaner[S1].txt 2013-08-07 13:28 - 2013-08-07 13:29 - 09853928 _____ (SurfRight B.V.) C:\Users\Max-Uttendorfer\Downloads\HitmanPro_x64.exe 2013-08-07 13:28 - 2013-08-07 13:28 - 00563461 _____ (Oleg N. 
Scherbakov) C:\Users\Max-Uttendorfer\Downloads\JRT.exe 2013-08-07 13:27 - 2013-08-07 13:27 - 00666633 _____ C:\Users\Max-Uttendorfer\Downloads\adwcleaner.exe 2013-08-07 10:11 - 2013-08-07 10:12 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Max-Uttendorfer\Downloads\tdsskiller.exe 2013-08-06 18:00 - 2013-08-06 18:00 - 00017979 _____ C:\ComboFix.txt 2013-08-06 17:49 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-08-06 17:49 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-08-06 17:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-08-06 17:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-08-06 17:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-08-06 17:49 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-08-06 17:49 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-08-06 17:49 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-08-06 17:47 - 2013-08-06 18:00 - 00000000 ____D C:\Windows\erdnt 2013-08-06 17:47 - 2013-08-06 18:00 - 00000000 ____D C:\Qoobox 2013-08-06 17:46 - 2013-08-06 17:46 - 05100695 ____R (Swearware) C:\Users\Max-Uttendorfer\Downloads\ComboFix.exe 2013-08-06 17:43 - 2013-08-06 17:43 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2013-08-06 17:43 - 2013-08-06 17:43 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2013-08-06 17:43 - 2013-08-06 17:43 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-08-06 17:43 - 2013-08-06 17:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-08-06 17:43 - 2013-08-06 17:43 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-08-06 17:43 - 2013-08-06 17:43 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-08-06 17:43 - 2013-08-06 17:43 - 00000000 ____D C:\Program Files\Java 2013-08-06 17:42 - 2013-08-06 17:43 - 33150376 _____ 
(Oracle Corporation) C:\Users\Max-Uttendorfer\Downloads\jre-7u25-windows-x64.exe 2013-08-06 17:35 - 2013-08-06 17:35 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-08-06 17:35 - 2013-08-06 17:35 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-08-06 16:58 - 2013-08-06 16:59 - 00023205 _____ C:\Users\Max-Uttendorfer\Downloads\Addition.txt 2013-08-06 16:58 - 2013-08-06 16:58 - 00000000 ____D C:\FRST 2013-08-06 16:57 - 2013-08-06 16:57 - 01788685 _____ (Farbar) C:\Users\Max-Uttendorfer\Downloads\FRST64.exe 2013-08-06 10:38 - 2013-08-06 10:38 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\Malwarebytes 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-06 10:38 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-06 10:35 - 2013-08-06 10:36 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Max-Uttendorfer\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-06 09:30 - 2013-08-07 09:50 - 00000000 ____D C:\Users\Max-Uttendorfer\Desktop\Wohnanlage 2013-08-05 22:17 - 2013-08-05 22:17 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-08-05 22:17 - 2013-08-05 22:17 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-08-05 21:11 - 2013-08-05 21:12 - 00000000 ____D C:\Windows\system32\MRT 2013-07-30 09:45 - 2013-07-30 09:45 - 00001402 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2013-07-30 09:43 - 2013-07-30 09:43 - 01211376 _____ (DVDVideoSoft Ltd. 
) C:\Users\Max-Uttendorfer\Downloads\FreeYouTubeToMP3Converter-3.12.9.725.exe 2013-07-30 06:50 - 2013-07-30 06:50 - 01067192 _____ (Solid State Networks) C:\Users\Max-Uttendorfer\Downloads\install_flashplayer11x32axau_mssa_aaa_aih.exe 2013-07-28 10:07 - 2013-07-28 10:07 - 01211376 _____ (DVDVideoSoft Ltd. ) C:\Users\Max-Uttendorfer\Downloads\FreeYouTubeToMP3Converter.exe 2013-07-28 07:34 - 2013-07-29 06:55 - 00000000 ____D C:\Users\Max-Uttendorfer\Desktop\Treindl 2013-07-12 14:56 - 2013-07-12 14:56 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo (3).lnk 2013-07-12 14:56 - 2013-07-12 14:56 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo (2).lnk 2013-07-12 14:54 - 2013-07-12 14:54 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\Hausmeisterarbeit 2013-07-12 14:54 - 2013-07-12 14:54 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo.lnk 2013-07-12 09:10 - 2013-07-12 09:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7eced48d6485.job 2013-07-11 01:14 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-11 01:14 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 
2013-07-11 01:14 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-07-11 01:14 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-07-11 01:14 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-11 01:14 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-11 01:14 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-07-11 01:14 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-07-11 01:14 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-11 01:14 - 2013-06-12 01:25 
- 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-07-11 01:14 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-07-11 01:14 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-07-11 01:14 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-11 01:14 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-07-11 01:11 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-07-11 01:11 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-07-11 01:11 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2013-07-11 01:11 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-11 01:11 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-07-11 01:11 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-07-11 01:11 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 107 ==================== One Month Modified Files and Folders ======= 2013-08-07 13:51 - 2013-08-07 13:51 - 01788943 _____ (Farbar) C:\Users\Max-Uttendorfer\Downloads\FRST64(1).exe 2013-08-07 13:49 - 2013-05-14 07:14 - 00007610 _____ C:\Windows\setupact.log 2013-08-07 13:49 - 2011-08-08 19:43 - 01832101 _____ C:\Windows\WindowsUpdate.log 2013-08-07 13:38 - 2013-08-07 13:38 - 00037984 _____ C:\Users\Max-Uttendorfer\Downloads\HitmanPro_20130807_1338.log 2013-08-07 13:38 - 2013-08-07 13:35 - 00000000 ____D C:\ProgramData\HitmanPro 2013-08-07 13:38 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-07 13:38 - 2009-07-14 
06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-07 13:35 - 2009-07-14 19:58 - 00654150 _____ C:\Windows\system32\perfh007.dat 2013-08-07 13:35 - 2009-07-14 19:58 - 00130022 _____ C:\Windows\system32\perfc007.dat 2013-08-07 13:35 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-07 13:34 - 2013-08-07 13:34 - 00005780 _____ C:\Users\Max-Uttendorfer\Desktop\JRT.txt 2013-08-07 13:32 - 2013-08-07 13:32 - 00000000 ____D C:\Windows\ERUNT 2013-08-07 13:29 - 2013-08-07 13:29 - 00010070 _____ C:\AdwCleaner[S1].txt 2013-08-07 13:29 - 2013-08-07 13:28 - 09853928 _____ (SurfRight B.V.) C:\Users\Max-Uttendorfer\Downloads\HitmanPro_x64.exe 2013-08-07 13:28 - 2013-08-07 13:28 - 00563461 _____ (Oleg N. Scherbakov) C:\Users\Max-Uttendorfer\Downloads\JRT.exe 2013-08-07 13:27 - 2013-08-07 13:27 - 00666633 _____ C:\Users\Max-Uttendorfer\Downloads\adwcleaner.exe 2013-08-07 13:20 - 2012-08-01 11:39 - 00271360 _____ C:\Users\Max-Uttendorfer\Desktop\& Zimmerhansl.pst 2013-08-07 10:12 - 2013-08-07 10:11 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Max-Uttendorfer\Downloads\tdsskiller.exe 2013-08-07 09:50 - 2013-08-06 09:30 - 00000000 ____D C:\Users\Max-Uttendorfer\Desktop\Wohnanlage 2013-08-07 08:19 - 2011-08-08 14:28 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0 S-Edition 2013-08-06 18:00 - 2013-08-06 18:00 - 00017979 _____ C:\ComboFix.txt 2013-08-06 18:00 - 2013-08-06 17:47 - 00000000 ____D C:\Windows\erdnt 2013-08-06 18:00 - 2013-08-06 17:47 - 00000000 ____D C:\Qoobox 2013-08-06 17:59 - 2013-05-14 07:14 - 00011180 _____ C:\Windows\PFRO.log 2013-08-06 17:59 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2013-08-06 17:46 - 2013-08-06 17:46 - 05100695 ____R (Swearware) C:\Users\Max-Uttendorfer\Downloads\ComboFix.exe 2013-08-06 17:43 - 2013-08-06 17:43 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2013-08-06 17:43 - 2013-08-06 
17:43 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2013-08-06 17:43 - 2013-08-06 17:43 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-08-06 17:43 - 2013-08-06 17:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-08-06 17:43 - 2013-08-06 17:43 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-08-06 17:43 - 2013-08-06 17:43 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-08-06 17:43 - 2013-08-06 17:43 - 00000000 ____D C:\Program Files\Java 2013-08-06 17:43 - 2013-08-06 17:42 - 33150376 _____ (Oracle Corporation) C:\Users\Max-Uttendorfer\Downloads\jre-7u25-windows-x64.exe 2013-08-06 17:35 - 2013-08-06 17:35 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-08-06 17:35 - 2013-08-06 17:35 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-08-06 17:35 - 2011-08-07 21:50 - 00000000 ____D C:\Users\MAX-UT~1\AppData\Local\Adobe 2013-08-06 17:35 - 2011-08-07 21:50 - 00000000 ____D C:\ProgramData\Adobe 2013-08-06 17:32 - 2013-03-13 17:14 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-08-06 17:32 - 2013-03-13 17:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-06 17:32 - 2011-09-02 16:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-06 16:59 - 2013-08-06 16:58 - 00023205 _____ C:\Users\Max-Uttendorfer\Downloads\Addition.txt 2013-08-06 16:58 - 2013-08-06 16:58 - 00000000 ____D C:\FRST 2013-08-06 16:57 - 2013-08-06 16:57 - 01788685 _____ (Farbar) C:\Users\Max-Uttendorfer\Downloads\FRST64.exe 2013-08-06 10:38 - 2013-08-06 10:38 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\Malwarebytes 2013-08-06 10:38 - 2013-08-06 10:38 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-06 10:38 - 
2013-08-06 10:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-06 10:36 - 2013-08-06 10:35 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Max-Uttendorfer\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-05 22:17 - 2013-08-05 22:17 - 00000000 ____D C:\Windows\SysWOW64\searchplugins 2013-08-05 22:17 - 2013-08-05 22:17 - 00000000 ____D C:\Windows\SysWOW64\Extensions 2013-08-05 21:12 - 2013-08-05 21:11 - 00000000 ____D C:\Windows\system32\MRT 2013-08-02 06:50 - 2013-04-15 06:19 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-07-30 09:45 - 2013-07-30 09:45 - 00001402 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2013-07-30 09:45 - 2013-06-27 14:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-07-30 09:45 - 2011-12-27 15:19 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2013-07-30 09:45 - 2011-12-27 14:06 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\DVDVideoSoft 2013-07-30 09:43 - 2013-07-30 09:43 - 01211376 _____ (DVDVideoSoft Ltd. ) C:\Users\Max-Uttendorfer\Downloads\FreeYouTubeToMP3Converter-3.12.9.725.exe 2013-07-30 06:50 - 2013-07-30 06:50 - 01067192 _____ (Solid State Networks) C:\Users\Max-Uttendorfer\Downloads\install_flashplayer11x32axau_mssa_aaa_aih.exe 2013-07-29 12:13 - 2013-03-16 08:18 - 00000000 ____D C:\Users\Max-Uttendorfer\AppData\Roaming\HpUpdate 2013-07-29 09:05 - 2011-08-07 17:12 - 01318912 _____ C:\Users\Max-Uttendorfer\Desktop\Job-Datei.mdb 2013-07-29 06:55 - 2013-07-28 07:34 - 00000000 ____D C:\Users\Max-Uttendorfer\Desktop\Treindl 2013-07-28 10:07 - 2013-07-28 10:07 - 01211376 _____ (DVDVideoSoft Ltd. 
) C:\Users\Max-Uttendorfer\Downloads\FreeYouTubeToMP3Converter.exe 2013-07-12 14:56 - 2013-07-12 14:56 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo (3).lnk 2013-07-12 14:56 - 2013-07-12 14:56 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo (2).lnk 2013-07-12 14:54 - 2013-07-12 14:54 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\Hausmeisterarbeit 2013-07-12 14:54 - 2013-07-12 14:54 - 02543691 _____ C:\Users\Max-Uttendorfer\Desktop\EASEUS Data Recovery Wizard Professional 5.5.1 Demo.lnk 2013-07-12 09:10 - 2013-07-12 09:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7eced48d6485.job 2013-07-11 07:30 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-11 07:30 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender 2013-07-11 07:30 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2013-07-11 07:30 - 2009-07-14 06:45 - 00290488 _____ C:\Windows\system32\FNTCACHE.DAT 2013-07-11 01:16 - 2009-07-14 04:34 - 00000499 _____ C:\Windows\win.ini ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-06-03 07:53 ==================== End Of Log ============================ |
07.08.2013, 12:59 | #10 |
/// Malware-holic | Delta Search Toolbar Virus
Hi, did you not uninstall the Google Toolbar? Then please do so.

1. Fix with FRST
Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
CHR DefaultSearchURL: (Delta Search) - hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=7C04002522A6F805&affID=121564&tt=290713_190&tsp=4959
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
Please test whether there are any unwanted toolbars, redirects or other problems in Firefox, Internet Explorer and any other browsers that may be installed. Test how the PC and the programs run in general. If all of that works:

3. The order is crucial here.

4. As an anti-malware program I would recommend Emsisoft. For me they offer the best protection, but it costs a bit.
Computeractive Software Store - Emsisoft Anti-Malware 8 [1-PC] - 63% off RRP
Trial version: My antivirus recommendation: Emsisoft Anti-Malware
Especially if you do online banking, purchases, other payment transactions or similarly important things, e.g. work-related matters, i.e. sensitive data has to be protected, you should invest in security software. Before activating the license, make use of the 30-day trial period.
Free, but not quite as good, Avast would be my recommendation. http://www.trojaner-board.de/110895-...antivirus.html
Tell me which one you use, then I will give you configuration advice. Please uninstall your previous AV.

The following guide is extensive, I am aware of that, but it should be implemented, because only then is your PC secure. Ask as many questions as necessary, I am happy to work through everything with you!
http://www.trojaner-board.de/96344-a...-rechners.html
Please start with the passage Windows Vista and Windows 7.
Please begin by installing Windows Updates. The best way to do this is to go via Start, Search, and enter Windows Updates there. Check under "Change settings" that the following is selected:
- Install updates automatically,
- Daily
- Choose a time
- Please tick all the rest, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button. Now click "Check for updates". Please install the important updates first. It will be necessary to restart the PC in between. If that is the case, you have to open Windows Update again via Start, Search, click Check for updates and install the next ones. Please do the same with the optional updates.
Please adopt the rest as it is described in the section Windows 7 / Vista. From the XP section, please adopt the item "Data Execution Prevention, DEP".

As a browser I advise you to use Chrome: http://support.google.com/chrome/bin...&answer=118663 Please read the guide. If you want to use a different one, tell me, then I have to adapt parts of the guide that now follows.

Sandboxie
The definition of a sandbox can be read here: Sandbox
In short, programs can be run almost 100% isolated from the system. The advantage is obvious: if malicious code is smuggled in via the browser, it cannot get out.
Download link: Sandboxie - Download - Filepony
Guide: http://www.trojaner-board.de/71542-a...sandboxie.html
Detailed guide as PDF, please work through it as well: Sandbox settings
Please make the following additional configuration: open Sandboxie Control, click the Sandbox menu, choose DefaultBox. There, click on Sandbox settings. Restrictions: under program start and internet access, enter: chrome.exe
Then go to Applications, Web browser, Chrome. There, activate everything except sharing the entire profile folder.
As you may already have seen, you cannot use some functions. This is only necessary in the full version, which I advise you to buy. For example, under "Forced program starts" you can specify that all browsers start in the sandbox. Otherwise you always have to click on "Sandboxed web browser" or right-click, start in Sandboxie. A lifetime license costs 30 € and can be used on all your PCs.

Continue with: Measures for ALL Windows versions. Work through everything completely.
Note on FileHippo: in the settings additionally select: hide beta updates. Run updateChecker when Windows starts
Backup program: a backup program is already linked in my guide; as an alternative, Windows' own backup program is also an option: http://www.trojaner-board.de/82962-w...en-backup.html
Unfortunately, this is only reasonably usable for Windows 7 users. All others should definitely install a backup program as well, because this can be very important under certain circumstances, for example if the hard disk breaks.

Finally, observe the general security tips, observe the tip on online banking if it applies to you, and change all passwords.
Please also read how to make programs visible for everyone: Making programs usable for all accounts - PCtipp.ch - Praxis & Hilfe
So from now on, surf only in the standard user account and, there, in the sandbox. If you use the free version, by clicking on Sandboxed web browser; if you have the paid version, you can set forced program starts, then Sandboxie is always started when you open a browser. When you move the mouse over the browser, it should have a frame around it; then you are in the sandboxed web browser.

Password security: every service needs its own password of at least 12 characters. RoboForm helps with managing and creating passwords: Password Manager, Form Filler, Password Management | RoboForm Password Manager
Guide: http://www.roboform.com/de/manual.htmlb
__________________
- Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de
Forwarding instructions: http://markusg.trojaner-board.de
For now, please forward mails according to the instructions above to markusg.trojaner-board@web.de
If you would like to support us |
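The fix step in the post above picks two Chrome search-provider lines out of the FRST log by hand. As an added example (not part of the original post and not FRST's own code), the Python below extracts such entries from a log excerpt, including the flattened form seen on this page, and returns verbatim those that fail an allowlist. The allowlist values, all function names and the two constructed samples are assumptions; the Delta Search lines are the ones from the log above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import urlsplit

# Assumption: the search engine the user actually chose. Adjust per machine.
TRUSTED_PROVIDERS = {"Google"}
TRUSTED_HOST_SUFFIXES = ("google.com",)

# Matches "CHR DefaultSearchURL: (Name) - url" whether the log has one entry
# per line or has been flattened onto one long line, as on this page.
ENTRY_RE = re.compile(
    r"CHR (?P<kind>DefaultSearchURL|DefaultSuggestURL): "
    r"\((?P<provider>[^)]*)\) - (?P<url>\S+)"
)

@dataclass
class SearchEntry:
    kind: str
    provider: str
    url: str
    raw: str             # the entry exactly as it appears in the log
    host: Optional[str]  # None for browser templates such as {google:...}

def host_of(url: str) -> Optional[str]:
    """Return the host of a (possibly defanged hxxp://) URL, else None."""
    refanged = re.sub(r"^hxxp", "http", url, flags=re.IGNORECASE)
    if not refanged.lower().startswith(("http://", "https://")):
        return None
    return urlsplit(refanged).hostname

def parse_search_entries(log_text: str) -> List[SearchEntry]:
    return [
        SearchEntry(m["kind"], m["provider"], m["url"], m.group(0), host_of(m["url"]))
        for m in ENTRY_RE.finditer(log_text)
    ]

def is_trusted(entry: SearchEntry) -> bool:
    # Both checks are needed: the Delta Search suggest URL on this page is a
    # Google template (no host to judge), and a label alone can be spoofed.
    if entry.provider not in TRUSTED_PROVIDERS:
        return False
    if entry.host is None:
        return True
    return any(entry.host == s or entry.host.endswith("." + s)
               for s in TRUSTED_HOST_SUFFIXES)

def flagged_lines(log_text: str) -> List[str]:
    """Verbatim log entries of search providers that fail the allowlist."""
    return [e.raw for e in parse_search_entries(log_text) if not is_trusted(e)]

# Flattened excerpt of the log on this page.
PAGE_EXCERPT = (
    r"Chrome: ======= CHR DefaultSearchURL: (Delta Search) - "
    r"hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss"
    r"&mntrId=7C04002522A6F805&affID=121564&tt=290713_190&tsp=4959 "
    r"CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?"
    r"{google:searchFieldtrialParameter}client=chrome&q={searchTerms}"
    r"&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} "
    r"CHR StartMenuInternet: Google Chrome - "
    r"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
)

# Constructed samples (not from the page): a clean profile and a spoofed label.
CLEAN_SAMPLE = (
    "CHR DefaultSearchURL: (Google) - hxxps://www.google.com/search?q={searchTerms}\n"
    "CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?q={searchTerms}\n"
)
SPOOFED_SAMPLE = (
    "CHR DefaultSearchURL: (Google) - hxxp://search.example.invalid/?q={searchTerms}\n"
)

if __name__ == "__main__":
    for line in flagged_lines(PAGE_EXCERPT):
        print(line)
```
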