Plagegeister aller Art und deren Bekämpfung: Pc stockt ab und zu für mehrere Sekunden...Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.
Pc stockt ab und zu für mehrere Sekunden... CCleaner wurde doch extra verlinkt! Lies bitte die Anleitung
#17
![]() ![]() | ![]() Pc stockt ab und zu für mehrere Sekunden... Sorry, hatte nur per smartphone deine Antwort gelesen und nicht gesehen, das es ein Link war. Hab dann Zuhause über Chip.de den CCleaner runtergeladen. Musste aber nach 3 Stunden abbrechen.
__________________Er war immernoch bei 0%. Nach dem Abbruch hat er mir angezeigt unter "details der zu löschenden Dateien", das es bis dahin 5.854.550 KB bzw 269.178 Dateien waren. Allein die Temporären Internet Dateien unter dem Internet Explorer. Ist das normal? Ich nutze übrigens als Internetbrowser den Mozilla Firefox. Soll ich nun nochmals den CCleaner "analysieren" lassen (über Nacht oder den ganzen Tag über)? Zurzeit läuft der PC flüssig. Ab und zu, meist in der 1. Stunde nach dem Starten des PCs, bleibt der Pc kurz stehen (man kann dann nix machen, Mauszeiger steht still und alles andere auch)... In der Zeit brechen auch ab und zu Youtube Videos ab, mit irgendein Problem des Shockwaveplayers..das gleiche passiert auch meiner Freundin bei dem browserspiel Farmville. Abbruch und dann muss man neu laden. Ansonsten läuft der PC. |
Pc stockt ab und zu für mehrere Sekunden...Zitat:
![]() ![]() | ![]() Pc stockt ab und zu für mehrere Sekunden... hmm trotz ausmisten unter IE und FF will TFC oder auch der CCleaner nicht richtig in Gang kommen :-/ habe mal in der systemkonfiguration unter Sytemstart geguckt, weil das Problem ja ziemlich am anfang entsteht, wenn der PC gestartet wird. Wollte mal gucken, ob da unnötige Programme gestartet werden. Neben den normalen und sinnvollen Programmen habe ich auch etwas gefunden was mir nichts sagte ApnTBMon (hersteller unbekannt). Nach schnellem googeln wurde da sehr oft das Wort Malware erwähnt. Was sagst du dazu? Stimmt das? und wenn ja, wie bekomm ich das weg? Kann auch gerne ein Screenshot anhängen, wenn gewünscht von meinem Systemstartprogrammen in der Liste. |
Pc stockt ab und zu für mehrere Sekunden... Kann zur Asktoolbar gehören. Lade adwCleaner und JRT nochmal neu runter: Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Logfiles bitte immer in CODE-Tags posten
![]() ![]() | ![]() Pc stockt ab und zu für mehrere Sekunden... los gehts mit den logs adwCleaner Code:
ATTFilter # AdwCleaner v3.003 - Bericht erstellt am 09/09/2013 um 10:05:13 # Updated 07/09/2013 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Daniel - DANIEL-PC # Gestartet von : C:\Users\Daniel\Desktop\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** -\\ Internet Explorer v10.0.9200.16611 -\\ Mozilla Firefox v23.0.1 (de) [ Datei : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\0mumjyd8.default\prefs.js ] [ Datei : C:\Users\Administrator.Daniel-PC\AppData\Roaming\Mozilla\Firefox\Profiles\mufq2c1g.default\prefs.js ] ************************* AdwCleaner[R0].txt - [8781 octets] - [02/09/2013 08:51:22] AdwCleaner[R1].txt - [1041 octets] - [09/09/2013 10:04:01] AdwCleaner[S0].txt - [8624 octets] - [02/09/2013 08:53:25] AdwCleaner[S1].txt - [964 octets] - [09/09/2013 10:05:13] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1023 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.5.9 (09.07.2013:1) OS: Windows 7 Home Premium x64 Ran by Daniel on 09.09.2013 at 10:07:59,59 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\apn" ~~~ FireFox Successfully deleted the following from C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\0mumjyd8.default\prefs.js user_pref("extensions.AVIRA-V7.com.avira.dnt.rules", "\"{\\\"Version\\\":38,\\\"Companies\\\":[{\\\"company\\\":\\\"Google Inc\\\",\\\"rules\\\":[{\\\"name\\\":\\\"Google Anal user_pref("extensions.AVIRA-V7.domain", "\"avira.search.ask.com\""); Emptied folder: C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\0mumjyd8.default\minidumps [27 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 09.09.2013 at 10:14:13,36 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 Ran by Daniel (administrator) on DANIEL-PC on 09-09-2013 10:22:20 Running from C:\Users\Daniel\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (All) ========================= (Microsoft Corporation) C:\windows\system32\csrss.exe (Microsoft Corporation) C:\windows\system32\wininit.exe (Microsoft Corporation) C:\windows\system32\csrss.exe (Microsoft Corporation) C:\windows\system32\services.exe (Microsoft Corporation) C:\windows\system32\lsass.exe (Microsoft Corporation) C:\windows\system32\lsm.exe (Microsoft Corporation) C:\windows\system32\winlogon.exe (Microsoft Corporation) C:\windows\system32\svchost.exe (Microsoft Corporation) C:\windows\system32\svchost.exe (AMD) C:\windows\system32\atiesrxx.exe (Microsoft Corporation) C:\windows\System32\svchost.exe (Microsoft Corporation) C:\windows\System32\svchost.exe (Microsoft Corporation) C:\windows\system32\svchost.exe (Microsoft Corporation) C:\windows\system32\svchost.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (AMD) C:\windows\system32\atieclxx.exe (Microsoft Corporation) C:\windows\system32\svchost.exe (Microsoft Corporation) C:\windows\system32\taskeng.exe (Microsoft Corporation) C:\windows\System32\spoolsv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\windows\system32\svchost.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Microsoft Corporation) C:\windows\system32\svchost.exe (Lenovo) C:\Program Files\Lenovo\Power Dial\LenovoCOMSvc.exe () C:\windows\runservice.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (SEIKO EPSON CORPORATION) C:\windows\SysWOW64\SAgent4.exe (Microsoft Corporation) C:\windows\system32\svchost.exe (Microsoft Corporation) C:\windows\System32\svchost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\windows\system32\taskhost.exe (Microsoft Corporation) C:\windows\system32\Dwm.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe (Microsoft Corporation) C:\windows\system32\svchost.exe (Microsoft Corporation) C:\windows\System32\WUDFHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) C:\windows\explorer.exe (Microsoft Corporation) C:\windows\system32\taskeng.exe (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Farbar) C:\Users\Daniel\Desktop\FRST64.exe (Microsoft Corporation) C:\windows\system32\wbem\wmiprvse.exe ==================== Registry (All) =========================== HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [242192 2008-02-29] (Logitech, Inc.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-20] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Userinit] C:\windows\system32\userinit.exe, [26624 2010-11-20] (Microsoft Corporation) HKLM\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-25] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-02-25] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-02-25] (Microsoft Corporation) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0 HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-20] (Microsoft Corporation) HKCU\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [423144 2013-04-27] (BillP Studios) HKCU\...\Policies\system: [disableregistrytools] 0 HKCU\...\Policies\system: [DisableTaskMgr] 0 MountPoints2: {06a3660e-dc69-11df-b2fc-90fba619dd2d} - J:\LGAutoRun.exe HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKU\Administrator\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation) HKU\Administrator\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\Administrator\...\RunOnce: [WLStart] - C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation) HKU\Administrator.Daniel-PC\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\Administrator.Daniel-PC\...\Run: [Facebook Update] - "C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver HKU\Administrator.Daniel-PC\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1811880 2013-08-28] (Valve Corporation) HKU\Administrator.Daniel-PC\...\Run: [Google Update] - "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c HKU\Administrator.Daniel-PC\...\Run: [EPLTarget\P0000000000000000] - C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION) HKU\Administrator.Daniel-PC\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.) HKU\Administrator.Daniel-PC\...\Policies\system: [DisableTaskMgr] 0 HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation) HKU\Default\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\Default\...\RunOnce: [WLStart] - C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation) HKU\Default User\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation) HKU\Default User\...\RunOnce: [mctadmin] - C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\Default User\...\RunOnce: [WLStart] - C:\Program Files (x86)\Windows Live\Installer\wlstart.exe [786760 2009-07-26] (Microsoft Corporation) Lsa: [Authentication Packages] msv1_0 Lsa: [Notification Packages] scecli SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File BootExecute: autocheck autochk * AlternateShell: cmd.exe ==================== Internet (All) =========================== HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://lenovo.de.msn.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {977042D0-63DD-494A-A3C6-A275B25D41B1} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File DPF: HKLM-x32 {4A85DBE0-BFB2-4119-8401-186A7C6EB653} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/mjss/MJSS.cab109791.cab DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: HKLM-x32 {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: HKLM-x32 {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation) Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll (Microsoft Corporation) Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - No File Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation) Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - No File Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation) Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File Handler-x32: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation) Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) Filter-x32: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) Winsock: Catalog5 01 %SystemRoot%\system32\NLAapi.dll [52224] (Microsoft Corporation) Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [52224] (Microsoft Corporation) Winsock: Catalog5 03 %SystemRoot%\system32\pnrpnsp.dll [65024] (Microsoft Corporation) Winsock: Catalog5 04 %SystemRoot%\system32\pnrpnsp.dll [65024] (Microsoft Corporation) Winsock: Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Winsock: Catalog5 08 %SystemRoot%\System32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog5 09 %SystemRoot%\System32\winrnr.dll [20992] (Microsoft Corporation) Winsock: Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog9 09 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 10 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 11 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 12 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 13 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 14 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 15 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 16 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 17 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 18 %SystemRoot%\system32\mswsock.dll [232448] (Microsoft Corporation) Winsock: Catalog9 19 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG) Winsock: Catalog5-x64 01 %SystemRoot%\system32\NLAapi.dll [70656] (Microsoft Corporation) Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [68096] (Microsoft Corporation) Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation) Winsock: Catalog5-x64 04 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation) Winsock: Catalog5-x64 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.) Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.) Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.) Winsock: Catalog5-x64 08 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog5-x64 09 %SystemRoot%\System32\winrnr.dll [28672] (Microsoft Corporation) Winsock: Catalog9-x64 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG) Winsock: Catalog9-x64 09 %SystemRoot%\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 10 %SystemRoot%\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 11 %SystemRoot%\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 12 %SystemRoot%\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 13 %SystemRoot%\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 14 %SystemRoot%\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 15 %SystemRoot%\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 16 %SystemRoot%\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 17 %SystemRoot%\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 18 %SystemRoot%\system32\mswsock.dll [326144] (Microsoft Corporation) Winsock: Catalog9-x64 19 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG) Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\0mumjyd8.default FF NetworkProxy: "type", 4 FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bing.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\0mumjyd8.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: No Name - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\0mumjyd8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM-x32\...\Mozilla Firefox 23.0.1\Extensions: [Components] C:\Program Files (x86)\Mozilla Firefox\components FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\components FF HKLM-x32\...\Mozilla Firefox 23.0.1\Extensions: [Plugins] C:\Program Files (x86)\Mozilla Firefox\plugins FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\plugins FF HKCU\...\Mozilla Firefox 23.0.1\Extensions: [Components] C:\Program Files (x86)\Mozilla Firefox\components FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\components FF HKCU\...\Mozilla Firefox 23.0.1\Extensions: [Plugins] C:\Program Files (x86)\Mozilla Firefox\plugins FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\plugins FF StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" ==================== Services (All) ======================== R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640 2013-05-11] (Adobe Systems Incorporated) S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416 2013-08-21] (Adobe Systems Incorporated) R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation) S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [202752 2010-03-03] (AMD) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-02] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-02] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-02] (Avira Operations GmbH & Co. KG) R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-26] (APN LLC.) S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation) R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation) R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55144 2011-10-24] (Apple Inc.) R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2010-11-20] (Microsoft Corporation) R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2010-11-20] (Microsoft Corporation) S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation) R2 BcmSqlStartupSvc; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [30312 2008-01-16] (Microsoft Corporation) S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation) R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation) R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-31] (Apple Inc.) R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-05] (Microsoft Corporation) S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) R2 CEEBC40A-FDED-4C59-B354-939132350B01; C:\Program Files (x86)\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe [96752 2009-10-12] () S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation) S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_32; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [138576 2010-03-18] (Microsoft Corporation) S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation) R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation) R2 cvhsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [822624 2012-01-04] (Microsoft Corporation) R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation) R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation) S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation) R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation) R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) S3 EFS; C:\Windows\System32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation) S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation) R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation) S3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-13] (Microsoft Corporation) S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation) R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation) S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176 2012-03-06] (Google Inc.) S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176 2012-03-06] (Google Inc.) R3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation) S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation) S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336 2010-03-03] (Intel Corporation) S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [856400 2010-11-05] (Microsoft Corporation) R2 IKEEXT; C:\Windows\System32\ikeext.dll [853504 2010-11-20] (Microsoft Corporation) S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) R2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation) R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation) S3 LBTServ; C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe [160272 2008-05-02] (Logitech, Inc.) R2 LenovoCOMSvc; C:\Program Files\Lenovo\Power Dial\LenovoCOMSvc.exe [49152 2009-09-30] (Lenovo) R2 LicCtrlService; C:\windows\runservice.exe [2560 2011-02-18] () S3 LitModeCtrl; C:\Program Files\Lenovo\Power Dial\LitModeCtrl.exe [81920 2009-09-27] (Lenovo) S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824 2009-09-30] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation) S2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [117656 2013-08-18] (Mozilla Foundation) R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation) S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation) S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 MSSQLServerADHelper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation) R2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208 2008-08-29] (Nero AG) S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [116560 2009-06-10] (Microsoft Corporation) R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation) R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) S3 odserv; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation) S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation) S3 osppsvc; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation) S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation) S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation) R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation) S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation) R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation) S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\SysWow64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) R2 SamSs; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation) S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation) R2 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation) R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) R2 SENS; C:\Windows\SysWow64\sens.dll [49664 2009-07-14] (Microsoft Corporation) S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation) S3 SessionEnv; C:\Windows\SysWow64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) R2 sftlist; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776 2011-10-01] (Microsoft Corporation) R3 sftvsa; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496 2011-10-01] (Microsoft Corporation) S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation) R2 ShellHWDetection; C:\Windows\SysWow64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [162408 2013-06-03] (Skype Technologies) S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation) S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation) S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) R2 SQLBrowser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [238944 2010-12-10] (Microsoft Corporation) R2 SQLWriter; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [153440 2010-12-10] (Microsoft Corporation) R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) R2 StatusAgent4; C:\windows\SysWOW64\SAgent4.exe [131072 2006-12-20] (SEIKO EPSON CORPORATION) S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [563624 2013-08-28] (Valve Corporation) R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation) S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation) S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation) S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation) S3 TapiSrv; C:\Windows\SysWow64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) S3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-20] (Microsoft Corporation) R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation) S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) R2 UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2011-08-19] (Logitech Inc.) R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920 2009-09-30] (Intel Corporation) R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2011-11-17] (Microsoft Corporation) S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation) S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation) S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation) S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation) S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) R3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) S3 WebClient; C:\Windows\System32\webclnt.dll [258560 2010-11-20] (Microsoft Corporation) S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R3 WinHttpAutoProxySvc; C:\Windows\System32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation) R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-20] (Microsoft Corporation) R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corp.) S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation) R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation) S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation) R3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation) R2 wscsvc; C:\Windows\system32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation) R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation) R2 wuauserv; C:\Windows\system32\wuaueng.dll [2428952 2012-06-03] (Microsoft Corporation) R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation) S3 WwanSvc; C:\Windows\System32\wwansvc.dll [230400 2013-03-19] (Microsoft Corporation) ==================== Drivers (All) ========================== S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation) R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation) S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation) S3 adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [491088 2009-07-14] (Adaptec, Inc.) S3 adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [339536 2009-07-14] (Adaptec, Inc.) S3 adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [182864 2009-07-14] (Adaptec, Inc.) R1 AFD; C:\Windows\system32\drivers\afd.sys [498688 2011-12-28] (Microsoft Corporation) S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] (Microsoft Corporation) S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Acer Laboratories Inc.) S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] (Microsoft Corporation) S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] (Microsoft Corporation) R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [6402560 2010-03-03] (ATI Technologies Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [188928 2010-03-03] (Advanced Micro Devices, Inc.) S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] (Microsoft Corporation) S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-03-11] (Advanced Micro Devices) S3 amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [194128 2009-07-14] (AMD Technologies Inc.) R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices) S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-20] (Microsoft Corporation) S3 arc; C:\Windows\system32\DRIVERS\arc.sys [87632 2009-07-14] (Adaptec, Inc.) S3 arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [97856 2009-07-14] (Adaptec, Inc.) S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation) R3 AtiHdmiService; C:\Windows\System32\drivers\AtiHdmi.sys [116736 2010-01-28] (ATI Technologies, Inc.) S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6402560 2010-03-03] (ATI Technologies Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-02] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-02] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-02] (Avira Operations GmbH & Co. KG) S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation) R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation) S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-14] (Microsoft Corporation) S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) R1 cdrom; C:\Windows\system32\drivers\cdrom.sys [147456 2010-11-20] (Microsoft Corporation) S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] (Microsoft Corporation) R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation) S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (CMD Technology, Inc.) R0 CNG; C:\Windows\System32\Drivers\cng.sys [458704 2012-06-02] (Microsoft Corporation) S3 Compbatt; C:\Windows\system32\DRIVERS\compbatt.sys [21584 2009-07-14] (Microsoft Corporation) R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation) S4 crcdisk; C:\Windows\system32\DRIVERS\crcdisk.sys [24144 2009-07-14] (Microsoft Corporation) R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation) R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) R0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-14] (Microsoft Corporation) S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation) R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [983400 2013-04-10] (Microsoft Corporation) R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k62x64.sys [283824 2009-09-23] (Intel Corporation) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [530496 2009-07-14] (Emulex) S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation) S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] (Microsoft Corporation) R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation) S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation) S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] (Microsoft Corporation) U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation) R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation) S3 gagp30kx; C:\Windows\system32\DRIVERS\gagp30kx.sys [65088 2009-07-14] (Microsoft Corporation) S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation) R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation) R3 HECIx64; C:\Windows\System32\DRIVERS\HECIx64.sys [56344 2009-09-17] (Intel Corporation) S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] (Microsoft Corporation) R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] (Microsoft Corporation) S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-20] (Hewlett-Packard Company) R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation) R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation) S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) R0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [540696 2010-03-03] (Intel Corporation) S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-11] (Intel Corporation) S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [6108416 2009-06-10] (Intel Corporation) S3 iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [44112 2009-07-14] (Intel Corp./ICP vortex GmbH) R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [3379272 2013-03-29] (Realtek Semiconductor Corp.) S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] (Microsoft Corporation) R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation) S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation) S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation) S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] (Microsoft Corporation) S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [273792 2010-11-20] (Microsoft Corporation) R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] (Microsoft Corporation) R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation) R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95600 2012-06-02] (Microsoft Corporation) R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [151920 2012-06-02] (Microsoft Corporation) R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) R3 L8042Kbd; C:\Windows\System32\DRIVERS\L8042Kbd.sys [35344 2008-02-29] (Logitech, Inc.) R3 L8042mou; C:\Windows\System32\DRIVERS\L8042mou.Sys [113680 2008-02-29] (Logitech, Inc.) R3 LHidFilt; C:\Windows\System32\DRIVERS\LHidFilt.Sys [54800 2008-02-29] (Logitech, Inc.) R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) R3 LMouFilt; C:\Windows\System32\DRIVERS\LMouFilt.Sys [57360 2008-02-29] (Logitech, Inc.) R3 LMouKE; C:\Windows\System32\DRIVERS\LMouKE.Sys [112144 2008-02-29] (Logitech, Inc.) S3 LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [114752 2009-07-14] (LSI Corporation) S3 LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [106560 2009-07-14] (LSI Corporation) S3 LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [65600 2009-07-14] (LSI Corporation) S3 LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [115776 2009-07-14] (LSI Corporation) R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) S3 lvpopf64; C:\Windows\System32\DRIVERS\lvpopf64.sys [271712 2010-07-27] (Logitech Inc.) S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] () R3 LVRS64; C:\Windows\System32\DRIVERS\lvrs64.sys [351136 2011-08-19] (Logitech Inc.) R3 LVUVC64; C:\Windows\System32\DRIVERS\lvuvc64.sys [4869024 2011-08-19] (Logitech Inc.) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 megasas; C:\Windows\system32\DRIVERS\megasas.sys [35392 2009-07-14] (LSI Corporation) S3 MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [284736 2009-07-14] (LSI Corporation, Inc.) S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] (Microsoft Corporation) R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-20] (Microsoft Corporation) S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-20] (Microsoft Corporation) R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2010-11-20] (Microsoft Corporation) R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] (Microsoft Corporation) R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] (Microsoft Corporation) R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] (Microsoft Corporation) R0 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation) S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-20] (Microsoft Corporation) R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation) S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation) S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-20] (Microsoft Corporation) R1 mssmbios; C:\Windows\system32\drivers\mssmbios.sys [32320 2009-07-14] (Microsoft Corporation) S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation) R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation) S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation) R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation) R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation) R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation) R3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Ralink Technology Corp.) S3 nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [51264 2009-07-14] (IBM Corporation) R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation) R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1656680 2013-04-12] (Microsoft Corporation) R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] (NVIDIA Corporation) S3 nvstor; C:\Windows\system32\drivers\nvstor.sys [166272 2011-03-11] (NVIDIA Corporation) S3 nv_agp; C:\Windows\system32\drivers\nv_agp.sys [122960 2009-07-14] (Microsoft Corporation) S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] (Microsoft Corporation) R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation) R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] (Microsoft Corporation) S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation) S3 pcmcia; C:\Windows\system32\DRIVERS\pcmcia.sys [220752 2009-07-14] (Microsoft Corporation) R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation) R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation) S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] (Microsoft Corporation) R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55856 2010-03-19] (Sonic Solutions) S3 ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [1524816 2009-07-14] (QLogic Corporation) S3 ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [128592 2009-07-14] (QLogic Corporation) S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation) R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation) S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation) R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] (Microsoft Corporation) R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] (Microsoft Corporation) R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-20] (Microsoft Corporation) S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation) R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation) S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation) S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfslh.sys [764264 2011-10-01] (Microsoft Corporation) R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaylh.sys [268648 2011-10-01] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirlh.sys [25960 2011-10-01] (Microsoft Corporation) R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvollh.sys [22376 2011-10-01] (Microsoft Corporation) S3 SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [43584 2009-07-14] (Silicon Integrated Systems Corp.) S3 SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [80464 2009-07-14] (Silicon Integrated Systems) S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2012-07-30] () R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] (Microsoft Corporation) R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] (Microsoft Corporation) R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] (Microsoft Corporation) S3 stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [24656 2009-07-14] (Promise Technology) R3 swenum; C:\Windows\system32\drivers\swenum.sys [12496 2009-07-14] (Microsoft Corporation) R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1910208 2013-07-06] (Microsoft Corporation) S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1910208 2013-07-06] (Microsoft Corporation) R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation) S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation) R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-20] (Microsoft Corporation) R1 TermDD; C:\Windows\system32\drivers\termdd.sys [63360 2010-11-20] (Microsoft Corporation) S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] (Microsoft Corporation) S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation) R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation) S3 uagp35; C:\Windows\system32\DRIVERS\uagp35.sys [64080 2009-07-14] (Microsoft Corporation) S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation) S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] (Microsoft Corporation) R3 umbus; C:\Windows\system32\drivers\umbus.sys [48640 2010-11-20] (Microsoft Corporation) S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-05-10] (Apple, Inc.) R3 usbaudio; C:\Windows\system32\drivers\usbaudio.sys [109696 2010-11-20] (Microsoft Corporation) R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-25] (Microsoft Corporation) S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100352 2009-07-14] (Microsoft Corporation) R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [52736 2011-03-25] (Microsoft Corporation) R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-25] (Microsoft Corporation) S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2011-03-25] (Microsoft Corporation) S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-14] (Microsoft Corporation) R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] (Microsoft Corporation) S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2011-03-25] (Microsoft Corporation) S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184960 2010-11-20] (Microsoft Corporation) R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation) S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-20] (Microsoft Corporation) S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] (VIA Technologies, Inc.) R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] (Microsoft Corporation) R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation) R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] (Microsoft Corporation) S3 vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [161872 2009-07-14] (VIA Technologies Inc.,Ltd) R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation) S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) S3 Wd; C:\Windows\system32\DRIVERS\wd.sys [21056 2009-07-14] (Microsoft Corporation) R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785512 2012-07-26] (Microsoft Corporation) R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) S3 WimFltr; C:\Windows\System32\DRIVERS\wimfltr.sys [151656 2008-08-06] (Microsoft Corporation) S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation) S3 WIMMount; C:\Windows\SysWow64\drivers\wimmount.sys [19008 2009-07-14] (Microsoft Corporation) R2 WinI2C-DDC; C:\windows\system32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.) U3 Winsock; No ImagePath S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation) R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink) R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation) R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [389120 2009-06-10] (Marvell) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] (Microsoft Corporation) U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-09 10:07 - 2013-09-09 10:07 - 00001103 _____ C:\Users\Daniel\Desktop\AdwCleaner[S1].txt 2013-09-09 09:45 - 2013-09-09 09:45 - 01029490 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe 2013-09-09 09:44 - 2013-09-09 09:44 - 01037278 _____ C:\Users\Daniel\Desktop\adwcleaner.exe 2013-09-06 17:06 - 2013-09-06 17:06 - 00000000 ____D C:\windows\SysWOW64\Adobe 2013-09-05 17:24 - 2013-09-05 17:24 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC 2013-09-05 17:24 - 2013-09-05 17:24 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-09-05 17:24 - 2013-09-05 17:24 - 00000000 ____D C:\Program Files\CCleaner 2013-09-03 19:05 - 2013-09-03 19:05 - 00448512 _____ (OldTimer Tools) C:\Users\Daniel\Desktop\TFC(1).exe 2013-09-02 09:30 - 2013-09-02 09:30 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-09-02 09:28 - 2013-09-02 09:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2013-09-02 09:25 - 2013-09-02 09:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Avira 2013-09-02 09:25 - 2013-09-02 09:25 - 00000000 ____D C:\ProgramData\AskPartnerNetwork 2013-09-02 09:25 - 2013-09-02 09:25 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork 2013-09-02 09:24 - 2013-09-02 15:28 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys 2013-09-02 09:23 - 2013-09-02 15:28 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys 2013-09-02 09:23 - 2013-09-02 15:28 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys 2013-09-02 09:23 - 2013-09-02 09:23 - 00001994 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-09-02 09:23 - 2013-09-02 09:23 - 00000000 ____D C:\ProgramData\Avira 2013-09-02 09:23 - 2013-09-02 09:23 - 00000000 ____D C:\Program Files (x86)\Avira 2013-09-02 09:23 - 2013-09-02 09:19 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys 2013-09-02 09:04 - 2013-09-09 10:17 - 01948948 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe 2013-09-02 08:51 - 2013-09-09 10:05 - 00000000 ____D C:\AdwCleaner 2013-08-29 13:34 - 2013-08-29 13:34 - 00000000 ____D C:\FRST 2013-08-28 20:23 - 2013-08-29 17:45 - 00000000 ____D C:\Users\Daniel\Desktop\Fotos Nadine 2013-08-26 22:00 - 2013-08-26 22:00 - 00000000 __RHD C:\Users\Daniel\AppData\Roaming\SecuROM 2013-08-26 20:13 - 2013-08-26 20:13 - 00000000 ____D C:\Users\Daniel\Documents\Electronic Arts 2013-08-26 20:10 - 2013-08-26 20:10 - 00000954 _____ C:\Users\Daniel\Desktop\EPSON Scan.lnk 2013-08-24 21:14 - 2013-08-24 21:14 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE 2013-08-24 21:01 - 2013-08-24 21:31 - 00000000 ____D C:\Program Files (x86)\Electronic Arts 2013-08-18 17:33 - 2013-08-18 17:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-16 16:27 - 2013-08-16 22:05 - 00000000 ____D C:\Users\Administrator.Daniel-PC\AppData\Roaming\Skype 2013-08-14 19:04 - 2013-08-14 19:05 - 00000000 ____D C:\windows\system32\MRT 2013-08-14 16:08 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll 2013-08-14 16:08 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll 2013-08-14 16:08 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll 2013-08-14 16:08 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll 2013-08-14 16:08 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll 2013-08-14 16:08 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll 2013-08-14 16:08 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll 2013-08-14 16:08 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll 2013-08-14 16:07 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL 2013-08-14 16:07 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL 2013-08-14 16:07 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2013-08-14 16:07 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2013-08-14 16:07 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2013-08-14 16:07 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2013-08-14 16:07 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2013-08-14 16:07 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2013-08-14 16:07 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2013-08-14 16:07 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2013-08-14 16:07 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2013-08-14 16:07 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2013-08-14 16:07 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2013-08-14 16:07 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2013-08-14 16:07 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2013-08-14 16:07 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2013-08-14 16:07 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2013-08-14 16:07 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2013-08-14 16:07 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= 2013-09-09 10:22 - 2010-06-25 15:54 - 01069233 _____ C:\windows\WindowsUpdate.log 2013-09-09 10:17 - 2013-09-09 10:14 - 00001407 _____ C:\Users\Daniel\Desktop\JRT.txt 2013-09-09 10:17 - 2013-09-02 09:04 - 01948948 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe 2013-09-09 10:13 - 2009-07-14 06:45 - 00017136 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-09 10:13 - 2009-07-14 06:45 - 00017136 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-09 10:12 - 2009-09-14 08:03 - 00711572 _____ C:\windows\system32\perfh007.dat 2013-09-09 10:12 - 2009-09-14 08:03 - 00153742 _____ C:\windows\system32\perfc007.dat 2013-09-09 10:12 - 2009-07-14 07:13 - 01647734 _____ C:\windows\system32\PerfStringBackup.INI 2013-09-09 10:07 - 2013-09-09 10:07 - 00001103 _____ C:\Users\Daniel\Desktop\AdwCleaner[S1].txt 2013-09-09 10:06 - 2012-03-06 19:55 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-09 10:06 - 2011-06-19 18:00 - 00065536 _____ C:\windows\system32\Ikeext.etl 2013-09-09 10:06 - 2011-02-18 18:09 - 00000833 ___SH C:\windows\SysWOW64\mmf.sys 2013-09-09 10:06 - 2010-09-21 06:23 - 00000000 _____ C:\windows\system32\Drivers\lvuvc.hs 2013-09-09 10:06 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2013-09-09 10:06 - 2009-07-14 06:51 - 00228312 _____ C:\windows\setupact.log 2013-09-09 10:06 - 2009-07-14 05:20 - 00000000 ____D C:\windows\tracing 2013-09-09 10:05 - 2013-09-02 08:51 - 00000000 ____D C:\AdwCleaner 2013-09-09 09:45 - 2013-09-09 09:45 - 01029490 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe 2013-09-09 09:44 - 2013-09-09 09:44 - 01037278 _____ C:\Users\Daniel\Desktop\adwcleaner.exe 2013-09-09 09:43 - 2012-03-06 19:55 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-08 22:23 - 2012-04-16 13:51 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2013-09-08 20:18 - 2011-07-11 17:25 - 00003938 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{19B1EBA0-53F3-43B8-93EF-A4AD7F495B07} 2013-09-07 11:35 - 2009-07-14 07:32 - 00000000 ____D C:\windows\system32\FxsTmp 2013-09-06 21:36 - 2011-11-10 12:38 - 00000000 ____D C:\Program Files (x86)\Steam 2013-09-06 17:06 - 2013-09-06 17:06 - 00000000 ____D C:\windows\SysWOW64\Adobe 2013-09-05 17:24 - 2013-09-05 17:24 - 00002774 _____ C:\windows\System32\Tasks\CCleanerSkipUAC 2013-09-05 17:24 - 2013-09-05 17:24 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-09-05 17:24 - 2013-09-05 17:24 - 00000000 ____D C:\Program Files\CCleaner 2013-09-03 19:05 - 2013-09-03 19:05 - 00448512 _____ (OldTimer Tools) C:\Users\Daniel\Desktop\TFC(1).exe 2013-09-03 16:37 - 2010-06-25 16:31 - 00590742 _____ C:\windows\PFRO.log 2013-09-03 00:00 - 2011-03-01 21:10 - 00000396 _____ C:\windows\Tasks\NeroLiveEpgUpdate-Daniel-PC_Daniel.job 2013-09-02 17:26 - 2012-10-24 05:48 - 00000000 ____D C:\Program Files (x86)\Origin 2013-09-02 15:28 - 2013-09-02 09:24 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys 2013-09-02 15:28 - 2013-09-02 09:23 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys 2013-09-02 15:28 - 2013-09-02 09:23 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys 2013-09-02 09:30 - 2013-09-02 09:30 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-09-02 09:30 - 2010-12-17 19:43 - 00000000 ____D C:\ProgramData\Apple Computer 2013-09-02 09:28 - 2013-09-02 09:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2013-09-02 09:25 - 2013-09-02 09:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Avira 2013-09-02 09:25 - 2013-09-02 09:25 - 00000000 ____D C:\ProgramData\AskPartnerNetwork 2013-09-02 09:25 - 2013-09-02 09:25 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork 2013-09-02 09:23 - 2013-09-02 09:23 - 00001994 _____ C:\Users\Public\Desktop\Avira Control Center.lnk 2013-09-02 09:23 - 2013-09-02 09:23 - 00000000 ____D C:\ProgramData\Avira 2013-09-02 09:23 - 2013-09-02 09:23 - 00000000 ____D C:\Program Files (x86)\Avira 2013-09-02 09:19 - 2013-09-02 09:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys 2013-08-29 17:45 - 2013-08-28 20:23 - 00000000 ____D C:\Users\Daniel\Desktop\Fotos Nadine 2013-08-29 13:34 - 2013-08-29 13:34 - 00000000 ____D C:\FRST 2013-08-26 22:00 - 2013-08-26 22:00 - 00000000 __RHD C:\Users\Daniel\AppData\Roaming\SecuROM 2013-08-26 20:13 - 2013-08-26 20:13 - 00000000 ____D C:\Users\Daniel\Documents\Electronic Arts 2013-08-26 20:10 - 2013-08-26 20:10 - 00000954 _____ C:\Users\Daniel\Desktop\EPSON Scan.lnk 2013-08-26 20:09 - 2012-01-16 17:54 - 00000000 ____D C:\Users\Daniel\Arbeit 2013-08-26 15:35 - 2013-07-08 18:27 - 00000000 ____D C:\windows\System32\Tasks\NCH Software 2013-08-24 21:31 - 2013-08-24 21:01 - 00000000 ____D C:\Program Files (x86)\Electronic Arts 2013-08-24 21:30 - 2010-06-25 15:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-08-24 21:17 - 2012-03-14 06:47 - 00007618 _____ C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg 2013-08-24 21:14 - 2013-08-24 21:14 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE 2013-08-21 17:23 - 2012-04-16 13:51 - 00692104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2013-08-21 17:23 - 2012-04-16 13:51 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2013-08-21 17:23 - 2011-08-01 15:44 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-08-18 22:10 - 2012-04-28 17:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-18 17:33 - 2013-08-18 17:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-16 22:05 - 2013-08-16 16:27 - 00000000 ____D C:\Users\Administrator.Daniel-PC\AppData\Roaming\Skype 2013-08-16 19:43 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache 2013-08-14 19:10 - 2010-06-25 16:15 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-14 19:05 - 2013-08-14 19:04 - 00000000 ____D C:\windows\system32\MRT 2013-08-14 19:04 - 2011-01-14 07:29 - 78161360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2013-08-10 09:33 - 2009-07-14 07:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT Files to move or delete: ==================== C:\ProgramData\flashax10.exe C:\Users\Daniel\UnityWebPlayer.exe C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-01 09:39 ==================== End Of Log ============================ Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2013 Ran by Daniel at 2013-09-09 10:22:40 Running from C:\Users\Daniel\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) (x32) "Nero SoundTrax Help (x32 Version: 2007 Microsoft Office system (x32 Version: 12.0.6612.1000) ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212) Adobe AIR (x32 Version: Adobe Community Help (x32 Version: 3.2.1) Adobe Community Help (x32 Version: Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03) Adobe Shockwave Player 12.0 (x32 Version: Advertising Center (x32 Version: Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17) Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: Apple Software Update (x32 Version: AquaSoft DiaShow 7 Ultimate (x32 Version: 7.7.10) ATI Catalyst Install Manager (Version: 3.0.765.0) Avira Free Antivirus (x32 Version: Avira SearchFree Toolbar plus Web Protection (x32 Version: Benutzerhandbuch EPSON SX235 Series (x32) Bonjour (Version: Business Contact Manager für Outlook 2007 SP2 (x32 Version: 3.0.8619.1) CameraHelperMsi (x32 Version: 13.30.1395.0) CARRERA's 3D Realism Gameplaypatch (x32 Version: 3.00b) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Core Implementation (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Full New (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Light (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412) Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412) Catalyst Control Center Localization All (x32 Version: 2010.0302.2233.40412) CCC Help Chinese Standard (x32 Version: 2010.0302.2232.40412) CCC Help Chinese Traditional (x32 Version: 2010.0302.2232.40412) CCC Help Czech (x32 Version: 2010.0302.2232.40412) CCC Help Danish (x32 Version: 2010.0302.2232.40412) CCC Help Dutch (x32 Version: 2010.0302.2232.40412) CCC Help English (x32 Version: 2010.0302.2232.40412) CCC Help Finnish (x32 Version: 2010.0302.2232.40412) CCC Help French (x32 Version: 2010.0302.2232.40412) CCC Help German (x32 Version: 2010.0302.2232.40412) CCC Help Greek (x32 Version: 2010.0302.2232.40412) CCC Help Hungarian (x32 Version: 2010.0302.2232.40412) CCC Help Italian (x32 Version: 2010.0302.2232.40412) CCC Help Japanese (x32 Version: 2010.0302.2232.40412) CCC Help Korean (x32 Version: 2010.0302.2232.40412) CCC Help Norwegian (x32 Version: 2010.0302.2232.40412) CCC Help Polish (x32 Version: 2010.0302.2232.40412) CCC Help Portuguese (x32 Version: 2010.0302.2232.40412) CCC Help Russian (x32 Version: 2010.0302.2232.40412) CCC Help Spanish (x32 Version: 2010.0302.2232.40412) CCC Help Swedish (x32 Version: 2010.0302.2232.40412) CCC Help Thai (x32 Version: 2010.0302.2232.40412) CCC Help Turkish (x32 Version: 2010.0302.2232.40412) ccc-core-static (x32 Version: 2010.0302.2233.40412) ccc-utility64 (Version: 2010.0302.2233.40412) CDDRV_Installer (Version: 4.60) D3DX10 (x32 Version: 15.4.2368.0902) Die Sims™ 3 (x32 Version: 1.55.4) Die Sims™ 3 Einfach tierisch (x32 Version: 10.0.96) DolbyFiles (x32 Version: 2.0) eaner (Version: 4.05) Eastside Hockey Manager v1.16 (x32) Epson Easy Photo Print 2 (x32 Version: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (x32 Version: 1.00.0000) Epson Event Manager (x32 Version: 2.50.0000) EPSON Scan (x32) EPSON SX235 Series Printer Uninstall EpsonNet Print (x32 Version: 2.4j) erLT (x32 Version: 1.12.0117) EVEREST Home Edition v2.20 (x32 Version: 2.20) Firebird SQL Server - MAGIX Edition (x32 Version: Free YouTube Download 2.9 (x32) Free YouTube to MP3 Converter version (x32 Version: Freemake Video Converter Version 3.0.2 (x32 Version: 3.0.2) FUSSBALL MANAGER 13 (x32 Version: Genesys USB Mass Storage Device (x32 Version: GIMP 2.8.2 (Version: 2.8.2) Google Earth (x32 Version: Google Update Helper (x32 Version: ImagXpress (x32 Version: Intel(R) Control Center (x32 Version: Intel(R) Management Engine Components (x32 Version: Intel(R) Network Connections Drivers (Version: 14.5) Intel(R) Rapid Storage Technology (x32 Version: Internet-TV für Windows Media Center (x32 Version: Java 7 Update 25 (x32 Version: 7.0.250) Java Auto Updater (x32 Version: Junk Mail filter update (x32 Version: 15.4.3502.0922) KhalInstallWrapper (Version: 4.60.122) Lenovo Healthcare Software (x32 Version: Lenovo Power2Go (x32 Version: 6.0.3321a3) Lenovo Rescue System (Version: 3.0.0827) Lenovo Rescue System (x32 Version: 3.0.0827) Lenovo Treiber- und Anwendungsinstallation (x32 Version: Logitech SetPoint (x32 Version: 4.60) Logitech Vid HD (x32 Version: 7.2 (7230)) Logitech Webcam Software (x32 Version: 2.0) LVT (x32 Version: LWS Facebook (x32 Version: 13.30.1346.0) LWS Gallery (x32 Version: 13.30.1379.0) LWS Help_main (x32 Version: 13.30.1396.0) LWS Launcher (x32 Version: 13.30.1379.0) LWS Motion Detection (x32 Version: 13.30.1395.0) LWS Pictures And Video (x32 Version: 13.30.1395.0) LWS Twitter (x32 Version: 13.30.1346.0) LWS Video Mask Maker (x32 Version: 13.00.1774.0) LWS VideoEffects (Version: 13.30.1379.0) LWS Webcam Software (x32 Version: 13.30.1379.0) LWS WLM Plugin (x32 Version: 1.30.1201.0) LWS YouTube Plugin (x32 Version: 13.30.1346.0) LXH-JME2207FN Hotkey Driver (x32 Version: 5.1.0804) Magic Encyclopedia (x32) Malwarebytes Anti-Malware Version (x32 Version: Menu Templates - Starter Kit (x32 Version: Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office 2003 Web Components (x32 Version: 11.0.8003.0) Microsoft Office 2007 Primary Interop Assemblies (x32 Version: 12.0.4518.1014) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000) Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Small Business Connectivity Components (x32 Version: 2.0.7024.0) Microsoft Office Suite Activation Assistant (x32 Version: 2.7) Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000) Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 (x32) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (x32 Version: 9.4.5000.00) Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.4.5000.00) Microsoft SQL Server Native Client (Version: 9.00.5000.00) Microsoft SQL Server Setup Support Files (English) (x32 Version: 9.00.5000.00) Microsoft SQL Server VSS Writer (Version: 9.00.5000.00) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0) MixPad (x32) Movie Templates - Starter Kit (x32 Version: Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1) Mozilla Maintenance Service (x32 Version: 23.0.1) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Nero 9 (x32) Nero BurningROM (x32 Version: Nero BurnRights (x32 Version: Nero ControlCenter (x32 Version: Nero CoverDesigner (x32 Version: Nero CoverDesigner Help (x32 Version: Nero Disc Copy Gadget (x32 Version: Nero Disc Copy Gadget Help (x32 Version: Nero DiscSpeed (x32 Version: Nero DriveSpeed (x32 Version: Nero Express (x32 Version: Nero InfoTool (x32 Version: Nero Installer (x32 Version: Nero Live (x32 Version: Nero Live Help (x32 Version: Nero PhotoSnap (x32 Version: Nero PhotoSnap Help (x32 Version: Nero Recode (x32 Version: Nero Recode Help (x32 Version: Nero Rescue Agent (x32 Version: Nero RescueAgent Help (x32 Version: Nero ShowTime (x32 Version: Nero StartSmart (x32 Version: Nero StartSmart Help (x32 Version: Nero Vision (x32 Version: Nero Vision (x32 Version: Nero WaveEditor (x32 Version: Nero WaveEditor Help (x32 Version: NeroBurningROM (x32 Version: NeroExpress (x32 Version: neroxml (x32 Version: 1.0.0) Netzwerkhandbuch EPSON SX235 Series (x32) OpenOffice.org 3.3 (x32 Version: 3.3.9567) Origin (x32 Version: PDF24 Creator 5.3.0 (x32) PokerStars.net (x32) Power Dial (x32 Version: QuickTime (x32 Version: Realtek High Definition Audio Driver (x32 Version: Roxio BackOnTrack (x32 Version: 1.3.1) Roxio File Backup (x32 Version: 1.3.0) Roxio Update Manager (x32 Version: 6.0.0) Skype™ 6.5 (x32 Version: 6.5.158) SoundTrax (x32 Version: Steam (x32 Version: swMSM (x32 Version: The Elder Scrolls V: Skyrim (x32) ThemeWallpaper (x32 Version: TuneUp (x32 Version: TVAnts 1.0 (x32) UnderCoverXP 1.23 (x32) Uninstall (x32) Unity Web Player (HKCU Version: ) Unlocker 1.9.1 (x32 Version: 1.9.1) Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (x32 Version: 9.00.5000.00) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition (x32) Update für Microsoft Office Excel 2007 Help (KB963678) (x32) Update für Microsoft Office Outlook 2007 Help (KB963677) (x32) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update für Microsoft Office Word 2007 Help (KB963665) (x32) VirtualDJ Home FREE (x32 Version: 7.4) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3555.0308) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3555.0308) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Messenger (x32 Version: 15.4.3538.0513) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live OneCare safety scanner (x32 Version: Windows Live OneCare safety scanner (x32) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live Sync (x32 Version: 14.0.8117.416) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) WinPatrol (Version: 28.1.2013.0) WinRAR (x32) ==================== Restore Points ========================= 05-09-2013 15:26:13 Windows Update 05-09-2013 17:20:27 Windows Update 06-09-2013 20:04:47 Windows Update 07-09-2013 12:09:09 Windows Update 07-09-2013 15:53:35 Windows Update 07-09-2013 21:19:21 Windows Update 08-09-2013 07:23:20 Windows Update 08-09-2013 21:13:21 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0005F81E-961D-45F9-A391-197C24F8FE26} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd) Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {17CC7D15-8EC0-4287-BD60-50263BC12FE8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {1BE89D56-4A13-4F73-846A-BDAA2775E5EF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {4AAA7A38-5185-4E26-9E72-45C00EE877D8} - System32\Tasks\User_Feed_Synchronization-{19B1EBA0-53F3-43B8-93EF-A4AD7F495B07} => C:\windows\system32\msfeedssync.exe [2013-03-22] (Microsoft Corporation) Task: {4C1B6FED-31B2-4DB3-A102-CCA6F1FA6E4F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated) Task: {4C8F348A-2224-4BF7-A81C-727E5E1F6CE6} - \BrowserDefendert No Task File Task: {5E744E19-81D2-44F2-B2B7-8FAB34941801} - System32\Tasks\NeroLiveEpgUpdate-Daniel-PC_Daniel => C:\Program Files (x86)\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-01] (Nero AG) Task: {79F64E39-F7AD-40BA-80CC-0D3F9C4F9FBF} - System32\Tasks\{66F2DD3C-0F5E-4EAD-A984-0D32571203DD} => Iexplore.exe hxxp://ui.skype.com/ui/0/ Task: {84F8A7BF-0CC2-4F8D-A698-0E016942E92E} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {87092DAD-F14A-4EB7-A7B2-9407F9CF3025} - \EPUpdater No Task File Task: {9CDB1E5D-8445-4451-A93A-23CAE1C7AAB7} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation) Task: {AF8B55DA-C2A5-4F50-B79D-376F120D7B1C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-06] (Google Inc.) Task: {C5FC1B6E-F920-47C4-8F90-4DCBEC5F170A} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation) Task: {DE660F33-6E08-484E-849F-E2EF13299249} - System32\Tasks\WPD\SqmUpload_S-1-5-21-33591351-2617588201-1420577605-1004 => C:\Windows\System32\portabledeviceapi.dll [2010-11-20] (Microsoft Corporation) Task: {E1337932-8F27-44AA-B0B1-8E80B1B9CE57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-06] (Google Inc.) Task: {F3F0FF69-55BB-466F-9162-FE2B758C8A30} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\NeroLiveEpgUpdate-Daniel-PC_Daniel.job => C:\Program Files (x86)\Nero\Nero 9\Nero Live\NeroLive.exe ==================== Loaded Modules (whitelisted) ============= 2013-07-07 12:01 - 2012-12-10 03:46 - 00600868 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll 2013-07-07 12:01 - 2013-04-27 00:24 - 00064728 ____N (BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\PATROLPRO.DLL 2013-09-02 09:23 - 2013-09-02 15:26 - 00055352 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\cfglib.dll 2013-09-02 09:23 - 2013-09-02 15:27 - 00349752 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccguard.dll 2013-09-02 09:23 - 2013-09-02 15:27 - 00029240 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgrdrc.dll 2013-09-02 09:23 - 2013-09-02 15:27 - 00229432 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgrdw.dll 2013-09-02 09:23 - 2013-09-02 15:28 - 00419384 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccwgrd.dll 2013-09-02 09:23 - 2013-09-02 15:28 - 00027192 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccwgrdrc.dll 2013-09-02 09:23 - 2013-09-02 15:28 - 00127544 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccwgrdw.dll 2013-09-02 09:23 - 2013-09-02 15:27 - 00807992 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgen.dll 2013-09-02 09:23 - 2013-09-02 15:27 - 00049720 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgenrc.dll 2013-09-02 09:23 - 2013-09-02 15:28 - 00220216 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccupdate.dll 2013-09-02 09:23 - 2013-09-02 15:28 - 00028728 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccupdrc.dll 2013-09-02 09:23 - 2013-09-02 15:27 - 00083000 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\cclic.dll 2013-09-02 09:23 - 2013-09-02 15:27 - 00009784 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\cclicrc.dll 2013-09-02 09:23 - 2013-09-02 15:27 - 00237624 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccmsg.dll 2013-09-02 09:23 - 2013-09-02 15:27 - 00010296 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccmsgrc.dll 2013-09-02 09:23 - 2013-09-02 15:27 - 00014392 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccmainrc.dll 2013-09-02 09:23 - 2013-09-02 15:28 - 00218168 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\gpipc.dll 2013-08-18 17:33 - 2013-08-18 17:33 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\Users\Daniel\Thumbs.db:encryptable ==================== Faulty Device Manager Devices ============= Name: PS/2 Mouse Description: PS/2 Mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Logitech Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: PS/2 Keyboard Description: PS/2 Keyboard Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: Logitech Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 38% Total physical RAM: 3958.52 MB Available physical RAM: 2442.12 MB Total Pagefile: 7915.23 MB Available Pagefile: 6094.59 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:906.34 GB) (Free:718.14 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FE6D0A40) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=906 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=25 GB) - (Type=12) ==================== End Of Log ============================ |
Pc stockt ab und zu für mehrere Sekunden... Läuft das System mittlerweile besser?
Logfiles bitte immer in CODE-Tags posten
#23
Pc stockt ab und zu für mehrere Sekunden... Ich würde ausm Gefühl jetzt sagen "Ja". Natürlich kann ich erst in 1-2 Tagen genaueres sagen, aber für den Moment scheints besser zu laufen. Mal schauen, ob es noch diese Abstürze beim Flashplayer gibt bzw den Desktop-Freeze. sind denn aus deiner Sicht keine schädlichen Programme etc mehr zu finden auf den logs? Ne andere Frage, die ich habe. Wenn ich in der Systemkonfiguration bin und unter "Dienste" gucke, sind da einige angehakt. Was bedeutet das genau, wenn dahinter steht "wird ausgeführt"? Denn da sind einige Dienste dabei, wo ich mir nicht vorstellen kann, das die nun unbedingt ausgeführt werden müssen. Macht es Sinn dort etwas zu ändern?
Pc stockt ab und zu für mehrere Sekunden... Lass die Finger von Diensten! Du machst mehr kaputt wenn du keinen Plan hast wozu welcher Dienst genau da ist!
Logfiles bitte immer in CODE-Tags posten
#25
Pc stockt ab und zu für mehrere Sekunden... ok, dann rühr ich da lieber nix. Ich bedanke mich auf jedenfall für die Hilfe bis hierhin. Scheitn auf jedenfall besser zu laufen und bis jetzt gab es auch noch keine der beschriebenen Probleme. Kann ich denn alle Programme wieder entfernen? ADWCleaner, CCLeaner, FRST, JRT, TFC
Pc stockt ab und zu für mehrere Sekunden... Dann wären wir durch!
Bitte abschließend noch die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Start, Systemsteuerung, Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks findest du hier => Browsers and Plugins - FilePony.de Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
Logfiles bitte immer in CODE-Tags posten
#27
Pc stockt ab und zu für mehrere Sekunden... Danke für diesen Leitfaden. :-) Bin gerade mal dabei, die aktualität zu überprüfen bzw Updates durchzuführen und habe glaube ich ein kleines Problem mit dem Windows Updater. 1 Update scheint immer fehlzuschlagen.
Themen zu Pc stockt ab und zu für mehrere Sekunden... |
adware/downware.aa.3, andere, anti-malware, dateien, folge, folgendes, gelöscht, hintergrund, infizierte, mauszeiger, minute, minuten, problem, pup.optional.browserdefender.a, pup.optional.delta.a, pup.optional.iminent.a, pup.optional.sweetim, schonmal, sekunden, stockt, unterforum, überhaupt, überlastet |