Seth Avazutracking.net

Hello dear Trojaner community, I have a Seth Avazutracker, with page redirects in the browser, extra pages opening, and general slowness of the browser. After I carried out steps 1-2, my computer crashes to a bluescreen when running step 3, i.e. starting Gmer! The error message is whea-uncorrectable-problem! Here is my log for steps 1-2:
[Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\rtcrfilt64.sys -- (rtcrfilt64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {6BEA9054-A753-42D6-820C-E98B0EEB4549} IE - HKCU\..\SearchScopes\{6BEA9054-A753-42D6-820C-E98B0EEB4549}: "URL" = hxxp://searchou.com/?q={searchTerms}&id=de4edb83000000000000c4850842806b&r=234 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: 
"ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.teamliquid.net/" FF - prefs.js..extensions.enabledAddons: protectme%40protectme.com:1.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL 
(Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/26 19:03:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012/12/19 11:01:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dirk\AppData\Roaming\mozilla\Extensions [2013/07/31 08:18:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dirk\AppData\Roaming\mozilla\Firefox\Profiles\2acnq9pm.default\extensions [2012/12/27 10:55:12 | 000,000,000 | ---D | M] ("Protect Me") -- C:\Users\Dirk\AppData\Roaming\mozilla\Firefox\Profiles\2acnq9pm.default\extensions\protectme@protectme.com [2013/05/26 19:04:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013/06/28 09:39:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - 
plugin: Erster Nutzer (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll CHR - plugin: Error reading preferences file CHR - Extension: Docs = C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: Google Drive = C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: YouTube = C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013/07/07 19:07:37 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (ASUS Browser Extension x64) - {78234974-0C4B-4111-BDEB-D9A104418772} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (no name) - {0C9F4179-A319-4c6a-A3E5-67FF3592A12E} - No CLSID value found. O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2 - BHO: (ASUS Browser Extension x86) - {78234974-0C4B-4111-BDEB-D9A104418771} - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.) 
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [ASUSQuickGesture(x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) O4:64bit: - HKLM..\Run: [ASUSQuickGesture(x86)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc.) O4:64bit: - HKLM..\Run: [ASUSTPLoader(x64)] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.) O4:64bit: - HKLM..\Run: [DptfPolicyLpmServiceHelper] C:\Windows\SysNative\dptfpolicylpmservicehelper.exe () O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MfeFfCore] C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\MfeFfCore.exe (McAfee, Inc.) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ATUninstallIcon] C:\Program Files\McAfeeEx\McAfeeAntiTheft\ATLauncher.exe (McAfee, Inc.) 
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.) O4 - HKLM..\Run: [MetroTileShortcut] C:\Program Files\McAfeeAntiTheft\2.2.279.5\McATUIHost.exe (McAfee, Inc.) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Dirk\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [Driver Detective] C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe (PC Drivers Headquarters) O4 - HKCU..\Run: [DriverBoost] C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe (PC Drivers Headquarters) O4 - HKCU..\Run: [gSyncit] C:\Program Files\Fieldston Software\gSyncit\gsyncit.exe (Fieldston Software) O4 - HKCU..\Run: [SkyDrive] C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation) O4 - Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk = File not found O4 - Startup: C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Dirk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 1 O8:64bit: - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm () O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An Bluetooth senden - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - 
Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab (DLM Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03F89746-7382-4083-AC82-6992D1C70FAC}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40A76840-FD47-4365-AABA-62679ACEB9DA}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE325ADD-477E-4CE8-A5B6-BB22E8411A14}: DhcpNameServer = 82.144.41.8 82.145.9.8 O18:64bit: - Protocol\Handler\ipp - No CLSID value found O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) O20:64bit: - 
AppInit_DLLs: (C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\ImatSup.dll) - C:\Program Files\McAfee\Endpoint Encryption for Files and Folders\ImatSup.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4a2d34d9-5135-11e2-be75-b92e64a0587f}\Shell - "" = AutoRun O33 - MountPoints2\{4a2d34d9-5135-11e2-be75-b92e64a0587f}\Shell\AutoRun\command - "" = "D:\KoDP.exe" autorun O33 - MountPoints2\{ac1082d3-c4c0-11e2-be8f-972169402560}\Shell - "" = AutoRun O33 - MountPoints2\{ac1082d3-c4c0-11e2-be8f-972169402560}\Shell\AutoRun\command - "" = "E:\LaunchU3.exe" -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/07/31 08:16:52 | 
000,000,000 | ---D | C] -- C:\Users\Dirk\AppData\Roaming\Avira [2013/07/31 08:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\APN [2013/07/31 08:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013/07/31 08:08:01 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013/07/31 08:08:01 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013/07/31 08:08:01 | 000,083,672 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013/07/31 08:08:01 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013/07/31 08:08:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013/07/31 08:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013/07/30 21:07:08 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe [2013/07/30 21:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013/07/30 15:53:34 | 000,000,000 | ---D | C] -- C:\Users\Dirk\AppData\Roaming\Malwarebytes [2013/07/30 15:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/07/30 15:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/07/30 15:53:17 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/07/30 15:53:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/07/30 15:40:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2013/07/30 15:40:08 | 002,102,040 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll [2013/07/30 15:40:08 | 000,834,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll [2013/07/30 15:40:08 | 000,635,160 | ---- | C] (SRS Labs, Inc.) 
-- C:\Windows\SysNative\sltech64.dll [2013/07/30 15:40:08 | 000,528,152 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\sl3apo64.dll [2013/07/30 15:40:08 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2013/07/30 15:40:08 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll [2013/07/30 15:40:08 | 000,215,320 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll [2013/07/30 15:40:08 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2013/07/30 15:40:08 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2013/07/30 15:40:08 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2013/07/30 15:40:07 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2013/07/30 15:40:07 | 004,816,664 | ---- | C] (ASUSTeKcomputer.Inc) -- C:\Windows\SysNative\RTKSMlfx.dll [2013/07/30 15:40:07 | 000,746,840 | ---- | C] (A-Volute) -- C:\Windows\SysNative\RTKSMSettingsIPC.dll [2013/07/30 15:40:07 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2013/07/30 15:40:07 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2013/07/30 15:40:07 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2013/07/30 15:40:07 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2013/07/30 15:40:07 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2013/07/30 15:40:07 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2013/07/30 15:40:07 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2013/07/30 15:40:07 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2013/07/30 15:40:07 | 000,081,248 | ---- | C] (Synopsys, Inc.) 
-- C:\Windows\SysNative\SFCOM64.dll [2013/07/30 15:40:07 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll [2013/07/30 15:40:07 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2013/07/30 15:40:07 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2013/07/30 15:40:07 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2013/07/30 15:40:06 | 014,021,912 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll [2013/07/30 15:40:06 | 009,123,608 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnA64.dll [2013/07/30 15:40:06 | 002,032,408 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll [2013/07/30 15:40:06 | 001,900,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll [2013/07/30 15:40:06 | 000,910,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2013/07/30 15:40:06 | 000,719,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll [2013/07/30 15:40:06 | 000,612,728 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll [2013/07/30 15:40:06 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll [2013/07/30 15:40:06 | 000,395,208 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2013/07/30 15:40:06 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2013/07/30 15:40:06 | 000,318,808 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\SysNative\MaxxAudioAPO20.dll [2013/07/30 15:40:05 | 002,734,624 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2013/07/30 15:40:05 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2013/07/30 15:40:05 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2013/07/30 15:40:05 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2013/07/30 15:40:05 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2013/07/30 15:40:05 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2013/07/30 15:40:05 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2013/07/30 15:40:05 | 000,501,192 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll [2013/07/30 15:40:05 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2013/07/30 15:40:05 | 000,487,368 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll [2013/07/30 15:40:05 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2013/07/30 15:40:05 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2013/07/30 15:40:05 | 000,415,688 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll [2013/07/30 15:40:05 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2013/07/30 15:40:05 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2013/07/30 15:40:05 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2013/07/30 15:40:05 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll [2013/07/30 15:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2013/07/30 15:32:02 | 000,024,576 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013/07/30 15:30:41 | 000,064,000 | ---- | C] (Khronos Group) -- 
< End of report > There was no Extra report!!! Many thanks for the help, PropositionD |
Hi, please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Posting in CODE tags: Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
|
Hello, and thanks for the quick help! Unfortunately my PC always crashes when running FRST 64. (Switches off immediately!!!) |
|
Addition: Code: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2013 03 FRST Logfile: Code: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03 |
Please download
Please download
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please. |
Malwarebytes: Code: Malwarebytes Anti-Malware 1.75.0.1300 Code: # AdwCleaner v2.306 - Datei am 31/07/2013 um 13:15:31 erstellt Code: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03 |
ESET Online Scanner
Please download
And a fresh FRST log, please. Any problems left? :) |
Code: ESETSmartInstaller@High as downloader log: Code: Results of screen317's Security Check version 0.99.71 FRST Logfile: Code: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-07-2013 03 So far the symptoms have not shown up again! I can only hope that our procedure was successful - I think it was! So, many thanks, Sir Schrauber! |
Done :) The order is crucial here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
Thanks again, but unfortunately the stubborn Seth a... just showed up again!!! What weapons do we still have available? |
Where exactly? |
In Firefox. I have the feeling that it happens more often when I use the arrow keys. But that may just be coincidence. More often I am redirected to a page, without going via seth a... first, which is called hxxp://funnygamel.com/javade/index.html. Is that something different from the a...? Incidentally, I have had that just as long as the a. Good morning! A few more notes: my mouse pointer flickers while I am in Firefox, and scrolling stutters briefly every 2 sec. In IE, after 1 h of testing, I have so far had none of the symptoms mentioned. |
Uninstall Firefox, keep no data, reinstall. Test :) |
Copyright ©2000-2025, Trojaner-Board