
Log analysis and evaluation: Claro-Search as start page


17.11.2012, 14:11   #1
ironivan
 
Claro-Search as start page



hi,
I have now read here several times that you might be able to help me with the Claro-Search problem.
Claro Search keeps coming back as the start page in my Firefox and I can't get rid of it.
I didn't want to try out the exact instructions given to other people, since, as far as I understood, they apply individually to each PC.
I have already run various scans, but none of them got rid of it :-(
Maybe you can help me.

Best regards,
Ironivan

aswMBR:
Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-17 14:17:08
-----------------------------
14:17:08.912    OS Version: Windows x64 6.1.7601 Service Pack 1
14:17:08.912    Number of processors: 4 586 0x1E05
14:17:08.912    ComputerName: IVAN-PC  UserName: Ivan
14:17:09.801    Initialize success
14:18:11.621    AVAST engine defs: 12111700
14:18:29.723    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:18:29.724    Disk 0 Vendor: WDC_WD5000AADS-00M2B0 01.00A01 Size: 476940MB BusType: 3
14:18:29.739    Disk 0 MBR read successfully
14:18:29.740    Disk 0 MBR scan
14:18:29.754    Disk 0 Windows 7 default MBR code
14:18:29.770    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
14:18:29.781    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       102299 MB offset 206848
14:18:29.798    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       374539 MB offset 209715200
14:18:29.820    Disk 0 scanning C:\Windows\system32\drivers
14:18:38.038    Service scanning
14:18:55.019    Modules scanning
14:18:55.024    Disk 0 trace - called modules:
14:18:55.051    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8003da72c0]<<sptd.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
14:18:55.055    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004dea060]
14:18:55.058    3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa8004aa3520]
14:18:55.061    5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004aa5060]
14:18:55.064    \Driver\atapi[0xfffffa8004a91af0] -> IRP_MJ_CREATE -> 0xfffffa8003da72c0
14:18:56.341    AVAST engine scan C:\Windows
14:18:59.117    AVAST engine scan C:\Windows\system32
14:21:09.341    AVAST engine scan C:\Windows\system32\drivers
14:21:18.586    AVAST engine scan C:\Users\Ivan
14:39:24.632    AVAST engine scan C:\ProgramData
14:44:31.762    Scan finished successfully
14:44:45.970    Disk 0 MBR has been saved successfully to "C:\Users\Ivan\Desktop\MBR.dat"
14:44:45.973    The log file has been saved successfully to "C:\Users\Ivan\Desktop\aswMBR.txt"
14:45:45.007    Disk 0 MBR has been saved successfully to "C:\Users\Ivan\Desktop\MBR.dat"
14:45:45.010    The log file has been saved successfully to "C:\Users\Ivan\Desktop\aswMBR.txt"
14:47:56.394    Disk 0 MBR has been saved successfully to "C:\Users\Ivan\Desktop\MBR.dat"
14:47:56.398    The log file has been saved successfully to "C:\Users\Ivan\Desktop\aswMBR.txt"
         
Scan with TDSSKiller
Code:
14:57:18.0556 4312  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:57:18.0878 4312  ============================================================
14:57:18.0878 4312  Current date / time: 2012/11/17 14:57:18.0878
14:57:18.0878 4312  SystemInfo:
14:57:18.0878 4312  
14:57:18.0878 4312  OS Version: 6.1.7601 ServicePack: 1.0
14:57:18.0878 4312  Product type: Workstation
14:57:18.0878 4312  ComputerName: IVAN-PC
14:57:18.0878 4312  UserName: Ivan
14:57:18.0878 4312  Windows directory: C:\Windows
14:57:18.0878 4312  System windows directory: C:\Windows
14:57:18.0878 4312  Running under WOW64
14:57:18.0878 4312  Processor architecture: Intel x64
14:57:18.0878 4312  Number of processors: 4
14:57:18.0878 4312  Page size: 0x1000
14:57:18.0878 4312  Boot type: Normal boot
14:57:18.0878 4312  ============================================================
14:57:19.0764 4312  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:57:19.0767 4312  ============================================================
14:57:19.0767 4312  \Device\Harddisk0\DR0:
14:57:19.0767 4312  MBR partitions:
14:57:19.0767 4312  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:57:19.0767 4312  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC7CD800
14:57:19.0767 4312  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC800000, BlocksNum 0x2DB85800
14:57:19.0767 4312  ============================================================
14:57:19.0811 4312  C: <-> \Device\Harddisk0\DR0\Partition3
14:57:19.0835 4312  D: <-> \Device\Harddisk0\DR0\Partition2
14:57:19.0835 4312  ============================================================
14:57:19.0835 4312  Initialize success
14:57:19.0835 4312  ============================================================
14:57:21.0249 3744  ============================================================
14:57:21.0249 3744  Scan started
14:57:21.0249 3744  Mode: Manual; 
14:57:21.0249 3744  ============================================================
14:57:22.0289 3744  ================ Scan system memory ========================
14:57:22.0289 3744  System memory - ok
14:57:22.0290 3744  ================ Scan services =============================
14:57:22.0413 3744  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:57:22.0416 3744  1394ohci - ok
14:57:22.0456 3744  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:57:22.0460 3744  ACPI - ok
14:57:22.0473 3744  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:57:22.0474 3744  AcpiPmi - ok
14:57:22.0503 3744  [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs            C:\Windows\system32\drivers\adfs.sys
14:57:22.0504 3744  adfs - ok
14:57:22.0612 3744  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:57:22.0615 3744  AdobeFlashPlayerUpdateSvc - ok
14:57:22.0665 3744  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:57:22.0670 3744  adp94xx - ok
14:57:22.0676 3744  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:57:22.0679 3744  adpahci - ok
14:57:22.0693 3744  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:57:22.0695 3744  adpu320 - ok
14:57:22.0722 3744  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:57:22.0723 3744  AeLookupSvc - ok
14:57:22.0754 3744  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:57:22.0758 3744  AFD - ok
14:57:22.0770 3744  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:57:22.0771 3744  agp440 - ok
14:57:22.0783 3744  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:57:22.0784 3744  ALG - ok
14:57:22.0797 3744  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:57:22.0798 3744  aliide - ok
14:57:22.0838 3744  [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:57:22.0840 3744  AMD External Events Utility - ok
14:57:22.0859 3744  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:57:22.0860 3744  amdide - ok
14:57:22.0873 3744  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:57:22.0874 3744  AmdK8 - ok
14:57:23.0079 3744  [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:57:23.0239 3744  amdkmdag - ok
14:57:23.0273 3744  [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:57:23.0277 3744  amdkmdap - ok
14:57:23.0292 3744  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:57:23.0293 3744  AmdPPM - ok
14:57:23.0309 3744  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:57:23.0311 3744  amdsata - ok
14:57:23.0343 3744  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:57:23.0345 3744  amdsbs - ok
14:57:23.0356 3744  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:57:23.0356 3744  amdxata - ok
14:57:23.0458 3744  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:57:23.0459 3744  AntiVirSchedulerService - ok
14:57:23.0478 3744  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:57:23.0479 3744  AntiVirService - ok
14:57:23.0519 3744  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:57:23.0520 3744  AppID - ok
14:57:23.0549 3744  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:57:23.0550 3744  AppIDSvc - ok
14:57:23.0583 3744  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
14:57:23.0584 3744  Appinfo - ok
14:57:23.0639 3744  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:57:23.0640 3744  Apple Mobile Device - ok
14:57:23.0687 3744  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:57:23.0688 3744  arc - ok
14:57:23.0699 3744  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:57:23.0701 3744  arcsas - ok
14:57:23.0754 3744  [ 68726474C69B738EAC3A62E06B33ADDC ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
14:57:23.0755 3744  AsIO - ok
14:57:23.0819 3744  aspnet_state - ok
14:57:23.0837 3744  [ 798A87B2D7AD73B16B7CD968C5D1F18F ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
14:57:23.0838 3744  AsSysCtrlService - ok
14:57:23.0858 3744  [ A4398A8914C32F18EC2AB562CBA3CAAF ] asusgsb         C:\Windows\system32\drivers\asusgsb.sys
14:57:23.0858 3744  asusgsb - ok
14:57:23.0875 3744  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:57:23.0875 3744  AsyncMac - ok
14:57:23.0900 3744  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:57:23.0900 3744  atapi - ok
14:57:23.0946 3744  [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
14:57:23.0948 3744  AtiHDAudioService - ok
14:57:23.0984 3744  [ 77C149E6D702737B2E372DEE166FAEF8 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
14:57:23.0985 3744  AtiHdmiService - ok
14:57:24.0157 3744  [ A3C0A15B39F979E8F3EABA901D72ECD7 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:57:24.0199 3744  atikmdag - ok
14:57:24.0218 3744  [ FB4187C282CB467E5E606913A1FA79A3 ] atkdisplf       C:\Windows\system32\drivers\ATKDispLowFilter.sys
14:57:24.0219 3744  atkdisplf - ok
14:57:24.0243 3744  [ 6B743379D19398224D96129241AED1F3 ] ATKFUSService   C:\Windows\system32\ATKFUSService.exe
14:57:24.0244 3744  ATKFUSService - ok
14:57:24.0291 3744  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:57:24.0297 3744  AudioEndpointBuilder - ok
14:57:24.0304 3744  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:57:24.0307 3744  AudioSrv - ok
14:57:24.0326 3744  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
14:57:24.0327 3744  avgntflt - ok
14:57:24.0399 3744  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
14:57:24.0400 3744  avipbb - ok
14:57:24.0403 3744  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
14:57:24.0404 3744  avkmgr - ok
14:57:24.0443 3744  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:57:24.0445 3744  AxInstSV - ok
14:57:24.0483 3744  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:57:24.0487 3744  b06bdrv - ok
14:57:24.0524 3744  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:57:24.0527 3744  b57nd60a - ok
14:57:24.0551 3744  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:57:24.0553 3744  BDESVC - ok
14:57:24.0565 3744  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:57:24.0566 3744  Beep - ok
14:57:24.0612 3744  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:57:24.0618 3744  BFE - ok
14:57:24.0645 3744  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
14:57:24.0653 3744  BITS - ok
14:57:24.0660 3744  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:57:24.0661 3744  blbdrive - ok
14:57:24.0690 3744  [ 057F482CFDB57E75202E2E37795F2D3B ] BMLoad          C:\Windows\system32\drivers\BMLoad.sys
14:57:24.0691 3744  BMLoad - ok
14:57:24.0751 3744  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:57:24.0755 3744  Bonjour Service - ok
14:57:24.0771 3744  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:57:24.0773 3744  bowser - ok
14:57:24.0784 3744  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:57:24.0785 3744  BrFiltLo - ok
14:57:24.0801 3744  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:57:24.0802 3744  BrFiltUp - ok
14:57:24.0825 3744  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
14:57:24.0827 3744  BridgeMP - ok
14:57:24.0858 3744  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:57:24.0860 3744  Browser - ok
14:57:24.0991 3744  [ 52BE156F6C23B2995AFACE7091D18493 ] Browser Manager C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
14:57:25.0020 3744  Browser Manager - ok
14:57:25.0043 3744  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:57:25.0046 3744  Brserid - ok
14:57:25.0055 3744  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:57:25.0056 3744  BrSerWdm - ok
14:57:25.0066 3744  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:57:25.0066 3744  BrUsbMdm - ok
14:57:25.0073 3744  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:57:25.0074 3744  BrUsbSer - ok
14:57:25.0085 3744  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:57:25.0086 3744  BTHMODEM - ok
14:57:25.0133 3744  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:57:25.0134 3744  bthserv - ok
14:57:25.0153 3744  catchme - ok
14:57:25.0167 3744  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:57:25.0169 3744  cdfs - ok
14:57:25.0210 3744  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:57:25.0211 3744  cdrom - ok
14:57:25.0249 3744  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:57:25.0250 3744  CertPropSvc - ok
14:57:25.0275 3744  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:57:25.0276 3744  circlass - ok
14:57:25.0313 3744  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:57:25.0316 3744  CLFS - ok
14:57:25.0335 3744  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:57:25.0337 3744  clr_optimization_v2.0.50727_32 - ok
14:57:25.0386 3744  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:57:25.0388 3744  clr_optimization_v2.0.50727_64 - ok
14:57:25.0476 3744  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:57:25.0478 3744  clr_optimization_v4.0.30319_32 - ok
14:57:25.0507 3744  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:57:25.0509 3744  clr_optimization_v4.0.30319_64 - ok
14:57:25.0531 3744  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:57:25.0531 3744  CmBatt - ok
14:57:25.0543 3744  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:57:25.0544 3744  cmdide - ok
14:57:25.0580 3744  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
14:57:25.0584 3744  CNG - ok
14:57:25.0601 3744  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:57:25.0601 3744  Compbatt - ok
14:57:25.0635 3744  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:57:25.0635 3744  CompositeBus - ok
14:57:25.0638 3744  COMSysApp - ok
14:57:25.0655 3744  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:57:25.0656 3744  crcdisk - ok
14:57:25.0687 3744  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:57:25.0689 3744  CryptSvc - ok
14:57:25.0761 3744  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:57:25.0768 3744  cvhsvc - ok
14:57:25.0796 3744  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:57:25.0801 3744  DcomLaunch - ok
14:57:25.0874 3744  [ 3B604417EBAE4E1E66E6ABD8CC55FD76 ] DCService.exe   C:\ProgramData\DatacardService\DCService.exe
14:57:25.0876 3744  DCService.exe - ok
14:57:26.0025 3744  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:57:26.0049 3744  defragsvc - ok
14:57:26.0079 3744  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:57:26.0080 3744  DfsC - ok
14:57:26.0098 3744  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:57:26.0101 3744  Dhcp - ok
14:57:26.0119 3744  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:57:26.0120 3744  discache - ok
14:57:26.0147 3744  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:57:26.0148 3744  Disk - ok
14:57:26.0177 3744  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:57:26.0179 3744  Dnscache - ok
14:57:26.0225 3744  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:57:26.0228 3744  dot3svc - ok
14:57:26.0254 3744  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:57:26.0256 3744  DPS - ok
14:57:26.0283 3744  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:57:26.0284 3744  drmkaud - ok
14:57:26.0327 3744  [ 8AAE70D76436E4695455AA9CA634A9F4 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:57:26.0330 3744  dtsoftbus01 - ok
14:57:26.0365 3744  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:57:26.0373 3744  DXGKrnl - ok
14:57:26.0385 3744  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:57:26.0387 3744  EapHost - ok
14:57:26.0445 3744  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:57:26.0498 3744  ebdrv - ok
14:57:26.0528 3744  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:57:26.0530 3744  EFS - ok
14:57:26.0572 3744  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:57:26.0579 3744  ehRecvr - ok
14:57:26.0607 3744  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:57:26.0608 3744  ehSched - ok
14:57:26.0628 3744  [ 343ADA10D948DB29251F2D9C809AF204 ] EIO64           C:\Windows\system32\DRIVERS\EIO64.sys
14:57:26.0629 3744  EIO64 - ok
14:57:26.0661 3744  [ 9A47AC3DFCF81D30922CDAAF1C2D579F ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
14:57:26.0662 3744  ElbyCDIO - ok
14:57:26.0691 3744  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:57:26.0696 3744  elxstor - ok
14:57:26.0717 3744  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:57:26.0718 3744  ErrDev - ok
14:57:26.0751 3744  esgiguard - ok
14:57:26.0768 3744  [ C33ACB897AF927D1C1BD84F211FAE75B ] ESLvnic1        C:\Windows\system32\DRIVERS\ESLvnic.sys
14:57:26.0768 3744  ESLvnic1 - ok
14:57:26.0818 3744  [ ABC24F129C616E5DEE5CE58683606C84 ] ESLWireAC       C:\Windows\system32\drivers\ESLWireACD.sys
14:57:26.0819 3744  ESLWireAC - ok
14:57:26.0861 3744  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:57:26.0866 3744  EventSystem - ok
14:57:26.0890 3744  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:57:26.0892 3744  exfat - ok
14:57:26.0899 3744  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:57:26.0901 3744  fastfat - ok
14:57:26.0942 3744  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:57:26.0948 3744  Fax - ok
14:57:26.0961 3744  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:57:26.0961 3744  fdc - ok
14:57:26.0968 3744  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:57:26.0969 3744  fdPHost - ok
14:57:26.0981 3744  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:57:26.0982 3744  FDResPub - ok
14:57:26.0989 3744  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:57:26.0990 3744  FileInfo - ok
14:57:26.0999 3744  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:57:27.0000 3744  Filetrace - ok
14:57:27.0084 3744  [ 64AB6F28047744B9B19C97459C2AB31B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
14:57:27.0096 3744  FLEXnet Licensing Service 64 - ok
14:57:27.0113 3744  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:57:27.0114 3744  flpydisk - ok
14:57:27.0129 3744  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:57:27.0132 3744  FltMgr - ok
14:57:27.0172 3744  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
14:57:27.0183 3744  FontCache - ok
14:57:27.0239 3744  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:57:27.0240 3744  FontCache3.0.0.0 - ok
14:57:27.0249 3744  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:57:27.0250 3744  FsDepends - ok
14:57:27.0274 3744  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:57:27.0275 3744  Fs_Rec - ok
14:57:27.0293 3744  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:57:27.0296 3744  fvevol - ok
14:57:27.0318 3744  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:57:27.0319 3744  gagp30kx - ok
14:57:27.0379 3744  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:57:27.0380 3744  GEARAspiWDM - ok
14:57:27.0423 3744  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:57:27.0430 3744  gpsvc - ok
14:57:27.0492 3744  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:27.0493 3744  gupdate - ok
14:57:27.0510 3744  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:57:27.0510 3744  gupdatem - ok
14:57:27.0531 3744  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
14:57:27.0532 3744  hamachi - ok
14:57:27.0547 3744  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:57:27.0547 3744  hcw85cir - ok
14:57:27.0590 3744  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:57:27.0594 3744  HdAudAddService - ok
14:57:27.0618 3744  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:57:27.0619 3744  HDAudBus - ok
14:57:27.0632 3744  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:57:27.0633 3744  HidBatt - ok
14:57:27.0650 3744  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:57:27.0652 3744  HidBth - ok
14:57:27.0667 3744  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:57:27.0668 3744  HidIr - ok
14:57:27.0688 3744  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
14:57:27.0689 3744  hidserv - ok
14:57:27.0706 3744  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:57:27.0707 3744  HidUsb - ok
14:57:27.0727 3744  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:57:27.0728 3744  hkmsvc - ok
14:57:27.0760 3744  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:57:27.0762 3744  HomeGroupListener - ok
14:57:27.0790 3744  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:57:27.0792 3744  HomeGroupProvider - ok
14:57:27.0833 3744  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:57:27.0834 3744  HpSAMD - ok
14:57:27.0862 3744  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:57:27.0868 3744  HTTP - ok
14:57:27.0931 3744  [ D969D0E26C5B1E813B17066A8318D5D4 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:57:27.0933 3744  hwdatacard - ok
14:57:27.0958 3744  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:57:27.0959 3744  hwpolicy - ok
14:57:27.0994 3744  [ B45B3647BA32749B94FA689175EC8C26 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
14:57:27.0995 3744  hwusbdev - ok
14:57:28.0027 3744  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:57:28.0029 3744  i8042prt - ok
14:57:28.0048 3744  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:57:28.0052 3744  iaStorV - ok
14:57:28.0117 3744  [ DAF66902F08796F9C694901660E5A64A ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
14:57:28.0118 3744  IDriverT - ok
14:57:28.0148 3744  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:57:28.0156 3744  idsvc - ok
14:57:28.0182 3744  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:57:28.0183 3744  iirsp - ok
14:57:28.0209 3744  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:57:28.0217 3744  IKEEXT - ok
14:57:28.0236 3744  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:57:28.0236 3744  intelide - ok
14:57:28.0255 3744  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:57:28.0256 3744  intelppm - ok
14:57:28.0280 3744  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:57:28.0281 3744  IPBusEnum - ok
14:57:28.0306 3744  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:57:28.0307 3744  IpFilterDriver - ok
14:57:28.0337 3744  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:57:28.0342 3744  iphlpsvc - ok
14:57:28.0363 3744  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:57:28.0364 3744  IPMIDRV - ok
14:57:28.0381 3744  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:57:28.0382 3744  IPNAT - ok
14:57:28.0424 3744  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:57:28.0432 3744  iPod Service - ok
14:57:28.0471 3744  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:57:28.0472 3744  IRENUM - ok
14:57:28.0483 3744  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:57:28.0483 3744  isapnp - ok
14:57:28.0507 3744  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:57:28.0510 3744  iScsiPrt - ok
14:57:28.0548 3744  [ 2224ABC439D115A44EDB5630A92C1D7E ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
14:57:28.0550 3744  JRAID - ok
14:57:28.0579 3744  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:57:28.0580 3744  kbdclass - ok
14:57:28.0605 3744  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:57:28.0606 3744  kbdhid - ok
14:57:28.0617 3744  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:57:28.0618 3744  KeyIso - ok
14:57:28.0636 3744  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:57:28.0638 3744  KSecDD - ok
14:57:28.0649 3744  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:57:28.0651 3744  KSecPkg - ok
14:57:28.0671 3744  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:57:28.0672 3744  ksthunk - ok
14:57:28.0705 3744  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:57:28.0709 3744  KtmRm - ok
14:57:28.0725 3744  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
14:57:28.0728 3744  LanmanServer - ok
14:57:28.0748 3744  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:57:28.0750 3744  LanmanWorkstation - ok
14:57:28.0781 3744  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:57:28.0782 3744  lltdio - ok
14:57:28.0808 3744  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:57:28.0811 3744  lltdsvc - ok
14:57:28.0823 3744  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:57:28.0824 3744  lmhosts - ok
14:57:28.0846 3744  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:57:28.0847 3744  LSI_FC - ok
14:57:28.0859 3744  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:57:28.0860 3744  LSI_SAS - ok
14:57:28.0877 3744  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:57:28.0878 3744  LSI_SAS2 - ok
14:57:28.0895 3744  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:57:28.0896 3744  LSI_SCSI - ok
14:57:28.0903 3744  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:57:28.0904 3744  luafv - ok
14:57:28.0948 3744  [ 4A503882318BB2F59218D401614E6AF6 ] lvpepf64        C:\Windows\system32\DRIVERS\lv302a64.sys
14:57:28.0949 3744  lvpepf64 - ok
14:57:28.0987 3744  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64        C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:57:28.0988 3744  LVPr2M64 - ok
14:57:28.0999 3744  [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2M64.sys
14:57:29.0000 3744  LVPr2Mon - ok
14:57:29.0037 3744  [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
14:57:29.0039 3744  LVPrcS64 - ok
14:57:29.0061 3744  [ 125AE13C293889001B8456CF3EB04A40 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
14:57:29.0064 3744  LVRS64 - ok
14:57:29.0079 3744  [ 5C3FF68267A5D242EE79EE01B993D6CE ] LVUSBS64        C:\Windows\system32\drivers\LVUSBS64.sys
14:57:29.0080 3744  LVUSBS64 - ok
14:57:29.0116 3744  [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:57:29.0117 3744  MBAMProtector - ok
14:57:29.0158 3744  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:57:29.0162 3744  MBAMScheduler - ok
14:57:29.0189 3744  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:57:29.0195 3744  MBAMService - ok
14:57:29.0219 3744  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:57:29.0221 3744  Mcx2Svc - ok
14:57:29.0231 3744  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:57:29.0232 3744  megasas - ok
14:57:29.0245 3744  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:57:29.0248 3744  MegaSR - ok
14:57:29.0267 3744  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:57:29.0268 3744  MMCSS - ok
14:57:29.0282 3744  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:57:29.0283 3744  Modem - ok
14:57:29.0316 3744  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:57:29.0316 3744  monitor - ok
14:57:29.0335 3744  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:57:29.0336 3744  mouclass - ok
14:57:29.0357 3744  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:57:29.0358 3744  mouhid - ok
14:57:29.0388 3744  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:57:29.0389 3744  mountmgr - ok
14:57:29.0462 3744  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:57:29.0463 3744  MozillaMaintenance - ok
14:57:29.0474 3744  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:57:29.0476 3744  mpio - ok
14:57:29.0493 3744  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:57:29.0494 3744  mpsdrv - ok
14:57:29.0518 3744  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:57:29.0526 3744  MpsSvc - ok
14:57:29.0557 3744  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:57:29.0559 3744  MRxDAV - ok
14:57:29.0577 3744  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:57:29.0578 3744  mrxsmb - ok
14:57:29.0599 3744  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:57:29.0602 3744  mrxsmb10 - ok
14:57:29.0605 3744  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:57:29.0607 3744  mrxsmb20 - ok
14:57:29.0640 3744  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:57:29.0641 3744  msahci - ok
14:57:29.0665 3744  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:57:29.0667 3744  msdsm - ok
14:57:29.0687 3744  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:57:29.0689 3744  MSDTC - ok
14:57:29.0694 3744  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:57:29.0694 3744  Msfs - ok
14:57:29.0708 3744  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:57:29.0709 3744  mshidkmdf - ok
14:57:29.0711 3744  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:57:29.0712 3744  msisadrv - ok
14:57:29.0754 3744  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:57:29.0756 3744  MSiSCSI - ok
14:57:29.0758 3744  msiserver - ok
14:57:29.0785 3744  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:57:29.0786 3744  MSKSSRV - ok
14:57:29.0809 3744  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:57:29.0810 3744  MSPCLOCK - ok
14:57:29.0819 3744  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:57:29.0820 3744  MSPQM - ok
14:57:29.0854 3744  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:57:29.0857 3744  MsRPC - ok
14:57:29.0873 3744  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:57:29.0874 3744  mssmbios - ok
14:57:29.0887 3744  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:57:29.0888 3744  MSTEE - ok
14:57:29.0902 3744  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:57:29.0903 3744  MTConfig - ok
14:57:29.0946 3744  [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
14:57:29.0947 3744  MTsensor - ok
14:57:29.0968 3744  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:57:29.0969 3744  Mup - ok
14:57:29.0998 3744  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:57:30.0003 3744  napagent - ok
14:57:30.0027 3744  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:57:30.0030 3744  NativeWifiP - ok
14:57:30.0064 3744  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:57:30.0073 3744  NDIS - ok
14:57:30.0090 3744  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:57:30.0091 3744  NdisCap - ok
14:57:30.0106 3744  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:57:30.0107 3744  NdisTapi - ok
14:57:30.0141 3744  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:57:30.0142 3744  Ndisuio - ok
14:57:30.0158 3744  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:57:30.0160 3744  NdisWan - ok
14:57:30.0178 3744  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:57:30.0179 3744  NDProxy - ok
14:57:30.0182 3744  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:57:30.0183 3744  NetBIOS - ok
14:57:30.0199 3744  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:57:30.0202 3744  NetBT - ok
14:57:30.0217 3744  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:57:30.0218 3744  Netlogon - ok
14:57:30.0258 3744  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:57:30.0261 3744  Netman - ok
14:57:30.0282 3744  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:57:30.0287 3744  netprofm - ok
14:57:30.0311 3744  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:57:30.0313 3744  NetTcpPortSharing - ok
14:57:30.0344 3744  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:57:30.0345 3744  nfrd960 - ok
14:57:30.0380 3744  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:57:30.0384 3744  NlaSvc - ok
14:57:30.0433 3744  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess       C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe
14:57:30.0434 3744  NMSAccess - ok
14:57:30.0436 3744  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:57:30.0437 3744  Npfs - ok
14:57:30.0443 3744  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:57:30.0444 3744  nsi - ok
14:57:30.0451 3744  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:57:30.0451 3744  nsiproxy - ok
14:57:30.0493 3744  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:57:30.0508 3744  Ntfs - ok
14:57:30.0520 3744  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:57:30.0521 3744  Null - ok
14:57:30.0558 3744  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:57:30.0559 3744  nvraid - ok
14:57:30.0574 3744  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:57:30.0576 3744  nvstor - ok
14:57:30.0606 3744  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:57:30.0608 3744  nv_agp - ok
14:57:30.0629 3744  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:57:30.0630 3744  ohci1394 - ok
14:57:30.0661 3744  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:57:30.0662 3744  ose - ok
14:57:30.0766 3744  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:57:30.0845 3744  osppsvc - ok
14:57:30.0887 3744  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:57:30.0891 3744  p2pimsvc - ok
14:57:30.0906 3744  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:57:30.0911 3744  p2psvc - ok
14:57:30.0928 3744  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:57:30.0929 3744  Parport - ok
14:57:30.0952 3744  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:57:30.0953 3744  partmgr - ok
14:57:30.0967 3744  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:57:30.0969 3744  PcaSvc - ok
14:57:30.0983 3744  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:57:30.0985 3744  pci - ok
14:57:30.0988 3744  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:57:30.0988 3744  pciide - ok
14:57:30.0999 3744  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:57:31.0001 3744  pcmcia - ok
14:57:31.0004 3744  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:57:31.0005 3744  pcw - ok
14:57:31.0023 3744  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:57:31.0029 3744  PEAUTH - ok
14:57:31.0166 3744  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:57:31.0167 3744  PerfHost - ok
14:57:31.0234 3744  [ AE0B94363DA0F60D42B9D05B352F61ED ] PID_PEPI        C:\Windows\system32\DRIVERS\LV302V64.SYS
14:57:31.0276 3744  PID_PEPI - ok
14:57:31.0315 3744  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:57:31.0328 3744  pla - ok
14:57:31.0366 3744  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:57:31.0371 3744  PlugPlay - ok
14:57:31.0387 3744  PnkBstrA - ok
14:57:31.0401 3744  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:57:31.0403 3744  PNRPAutoReg - ok
14:57:31.0407 3744  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:57:31.0410 3744  PNRPsvc - ok
14:57:31.0429 3744  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:57:31.0434 3744  PolicyAgent - ok
14:57:31.0465 3744  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:57:31.0468 3744  Power - ok
14:57:31.0489 3744  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:57:31.0490 3744  PptpMiniport - ok
14:57:31.0512 3744  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:57:31.0513 3744  Processor - ok
14:57:31.0540 3744  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:57:31.0543 3744  ProfSvc - ok
14:57:31.0550 3744  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:57:31.0551 3744  ProtectedStorage - ok
14:57:31.0578 3744  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:57:31.0580 3744  Psched - ok
14:57:31.0612 3744  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:57:31.0613 3744  PxHlpa64 - ok
14:57:31.0647 3744  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:57:31.0660 3744  ql2300 - ok
14:57:31.0677 3744  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:57:31.0678 3744  ql40xx - ok
14:57:31.0690 3744  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:57:31.0693 3744  QWAVE - ok
14:57:31.0703 3744  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:57:31.0704 3744  QWAVEdrv - ok
14:57:31.0721 3744  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:57:31.0721 3744  RasAcd - ok
14:57:31.0738 3744  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:57:31.0739 3744  RasAgileVpn - ok
14:57:31.0752 3744  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:57:31.0754 3744  RasAuto - ok
14:57:31.0772 3744  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:57:31.0774 3744  Rasl2tp - ok
14:57:31.0787 3744  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:57:31.0791 3744  RasMan - ok
14:57:31.0795 3744  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:57:31.0797 3744  RasPppoe - ok
14:57:31.0800 3744  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:57:31.0801 3744  RasSstp - ok
14:57:31.0815 3744  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:57:31.0818 3744  rdbss - ok
14:57:31.0829 3744  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:57:31.0830 3744  rdpbus - ok
14:57:31.0844 3744  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:57:31.0845 3744  RDPCDD - ok
14:57:31.0849 3744  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:57:31.0849 3744  RDPENCDD - ok
14:57:31.0853 3744  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:57:31.0853 3744  RDPREFMP - ok
14:57:31.0883 3744  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:57:31.0886 3744  RDPWD - ok
14:57:31.0897 3744  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:57:31.0899 3744  rdyboost - ok
14:57:31.0917 3744  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:57:31.0919 3744  RemoteAccess - ok
14:57:31.0936 3744  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:57:31.0939 3744  RemoteRegistry - ok
14:57:31.0980 3744  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:57:31.0982 3744  RpcEptMapper - ok
14:57:31.0999 3744  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:57:32.0000 3744  RpcLocator - ok
14:57:32.0029 3744  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:57:32.0032 3744  RpcSs - ok
14:57:32.0044 3744  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:57:32.0046 3744  rspndr - ok
14:57:32.0078 3744  [ F79635BEA5EA518A25CBC6271169C0B3 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:57:32.0081 3744  RTL8167 - ok
14:57:32.0104 3744  [ EA268BCE30691C2DD24F02E617FD2EB5 ] s0016bus        C:\Windows\system32\DRIVERS\s0016bus.sys
14:57:32.0105 3744  s0016bus - ok
14:57:32.0139 3744  [ F5F9DEB89996D333EF976624D37E24E3 ] s0016mdfl       C:\Windows\system32\DRIVERS\s0016mdfl.sys
14:57:32.0140 3744  s0016mdfl - ok
14:57:32.0176 3744  [ C17CE2AEE67480FEBCC36ECCB54C0BE8 ] s0016mdm        C:\Windows\system32\DRIVERS\s0016mdm.sys
14:57:32.0178 3744  s0016mdm - ok
14:57:32.0208 3744  [ CC267F04C54C5EC5B7BD658D7628469F ] s0016mgmt       C:\Windows\system32\DRIVERS\s0016mgmt.sys
14:57:32.0210 3744  s0016mgmt - ok
14:57:32.0232 3744  [ 30A35BBCE09D9FE67482FD62C61911FC ] s0016nd5        C:\Windows\system32\DRIVERS\s0016nd5.sys
14:57:32.0233 3744  s0016nd5 - ok
14:57:32.0245 3744  [ CA394DCC38579C7AD82E83EE64D798A0 ] s0016obex       C:\Windows\system32\DRIVERS\s0016obex.sys
14:57:32.0247 3744  s0016obex - ok
14:57:32.0272 3744  [ EB267CCEA84E6E8598D92F73332AC67B ] s0016unic       C:\Windows\system32\DRIVERS\s0016unic.sys
14:57:32.0274 3744  s0016unic - ok
14:57:32.0284 3744  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:57:32.0285 3744  SamSs - ok
14:57:32.0291 3744  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:57:32.0293 3744  sbp2port - ok
14:57:32.0375 3744  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
14:57:32.0385 3744  SBSDWSCService - ok
14:57:32.0398 3744  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:57:32.0400 3744  SCardSvr - ok
14:57:32.0432 3744  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:57:32.0433 3744  scfilter - ok
14:57:32.0458 3744  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:57:32.0468 3744  Schedule - ok
14:57:32.0493 3744  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:57:32.0494 3744  SCPolicySvc - ok
14:57:32.0533 3744  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:57:32.0536 3744  SDRSVC - ok
14:57:32.0570 3744  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:57:32.0571 3744  secdrv - ok
14:57:32.0597 3744  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:57:32.0598 3744  seclogon - ok
14:57:32.0605 3744  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
14:57:32.0607 3744  SENS - ok
14:57:32.0618 3744  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:57:32.0620 3744  SensrSvc - ok
14:57:32.0635 3744  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:57:32.0636 3744  Serenum - ok
14:57:32.0656 3744  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:57:32.0658 3744  Serial - ok
14:57:32.0671 3744  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:57:32.0672 3744  sermouse - ok
14:57:32.0700 3744  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:57:32.0703 3744  SessionEnv - ok
14:57:32.0724 3744  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:57:32.0725 3744  sffdisk - ok
14:57:32.0739 3744  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:57:32.0740 3744  sffp_mmc - ok
14:57:32.0754 3744  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:57:32.0755 3744  sffp_sd - ok
14:57:32.0766 3744  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:57:32.0767 3744  sfloppy - ok
14:57:32.0803 3744  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
14:57:32.0810 3744  Sftfs - ok
14:57:32.0857 3744  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:57:32.0861 3744  sftlist - ok
14:57:32.0874 3744  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:57:32.0877 3744  Sftplay - ok
14:57:32.0881 3744  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:57:32.0882 3744  Sftredir - ok
14:57:32.0895 3744  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
14:57:32.0896 3744  Sftvol - ok
14:57:32.0907 3744  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:57:32.0909 3744  sftvsa - ok
14:57:32.0945 3744  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:57:32.0949 3744  SharedAccess - ok
14:57:32.0976 3744  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:57:32.0981 3744  ShellHWDetection - ok
14:57:33.0011 3744  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:57:33.0012 3744  SiSRaid2 - ok
14:57:33.0023 3744  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:57:33.0024 3744  SiSRaid4 - ok
14:57:33.0057 3744  [ 01ACB9228C303DE1FFF82B807D28B2B0 ] skfiltv         C:\Windows\system32\drivers\skfiltv.sys
14:57:33.0058 3744  skfiltv - ok
14:57:33.0120 3744  [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:57:33.0122 3744  SkypeUpdate - ok
14:57:33.0147 3744  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:57:33.0148 3744  Smb - ok
14:57:33.0178 3744  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:57:33.0179 3744  SNMPTRAP - ok
14:57:33.0182 3744  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:57:33.0183 3744  spldr - ok
14:57:33.0208 3744  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:57:33.0214 3744  Spooler - ok
14:57:33.0288 3744  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:57:33.0342 3744  sppsvc - ok
14:57:33.0388 3744  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:57:33.0389 3744  sppuinotify - ok
14:57:33.0416 3744  [ 992741053BC674F638589FFD31AC328B ] sptd            C:\Windows\system32\Drivers\sptd.sys
14:57:33.0416 3744  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 992741053BC674F638589FFD31AC328B
14:57:33.0417 3744  sptd ( LockedFile.Multi.Generic ) - warning
14:57:33.0417 3744  sptd - detected LockedFile.Multi.Generic (1)
14:57:33.0449 3744  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:57:33.0453 3744  srv - ok
14:57:33.0459 3744  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:57:33.0464 3744  srv2 - ok
14:57:33.0467 3744  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:57:33.0469 3744  srvnet - ok
14:57:33.0505 3744  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:57:33.0508 3744  SSDPSRV - ok
14:57:33.0523 3744  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:57:33.0524 3744  SstpSvc - ok
14:57:33.0538 3744  Steam Client Service - ok
14:57:33.0555 3744  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:57:33.0556 3744  stexstor - ok
14:57:33.0589 3744  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:57:33.0595 3744  stisvc - ok
14:57:33.0624 3744  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:57:33.0625 3744  swenum - ok
14:57:33.0708 3744  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:57:33.0713 3744  SwitchBoard - ok
14:57:33.0731 3744  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:57:33.0737 3744  swprv - ok
14:57:33.0782 3744  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:57:33.0806 3744  SysMain - ok
14:57:33.0837 3744  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:57:33.0839 3744  TabletInputService - ok
14:57:33.0858 3744  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:57:33.0862 3744  TapiSrv - ok
14:57:33.0871 3744  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:57:36.0925 3744  ============================================================
14:57:36.0925 3744  Scan finished
14:57:36.0925 3744  ============================================================
14:57:36.0930 1012  Detected object count: 1
14:57:36.0930 1012  Actual detected object count: 1
14:58:01.0512 1012  C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
14:58:01.0513 1012  sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
         

19.11.2012, 08:18   #2
schrauber
/// the machine
/// TB trainer

Hi,

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Suche (Search).
  • When the scan finishes, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Löschen (Delete).
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.

If you don't already have it, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
%windir%\installer\*. /5
%localappdata%\*. /5
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

19.11.2012, 12:34   #3
ironivan

Hello,

Thanks for taking on my problem.
Here are the reports.

AdwCleaner report after the scan.
Code:
# AdwCleaner v2.008 - Datei am 19/11/2012 um 12:24:19 erstellt
# Aktualisiert am 17/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Ivan - IVAN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Ivan\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : Browser Manager

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\searchplugins\icqplugin.xml
Datei Gefunden : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\searchplugins\icqplugin-2.xml
Datei Gefunden : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\searchplugins\icqplugin-3.xml
Ordner Gefunden : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gefunden : C:\Program Files (x86)\vShare.tv plugin
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Ordner Gefunden : C:\Users\Ivan\AppData\LocalLow\boost_interprocess
Ordner Gefunden : C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Ordner Gefunden : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Ordner Gefunden : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\vshare@toolbar
Ordner Gefunden : C:\Users\Ivan\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll
Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23796~1.11\{16cdf~1\browsemngr.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\StartSearch
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Schlüssel Gefunden : HKU\S-1-5-21-491133632-1940398900-2917465562-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-491133632-1940398900-2917465562-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.claro-search.com/?affID=116198&tt=4612_2&babsrc=HP_ss&mntrId=10c9a38c00000000000000ff01000001

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default 
Datei : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\prefs.js

Gefunden : user_pref("vshare.install.date", "1285113600000");
Gefunden : user_pref("vshare.install.finished", "1.0.0");
Gefunden : user_pref("vshare.install.guid", "{9223ba4c-5309-47c9-a2db-e1e7f892512e}");
Gefunden : user_pref("vshare.install.isHidden", true);
Gefunden : user_pref("vshare.install.laststatreq", "1304812800000");
Gefunden : user_pref("vshare.install.newtab", false);

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gefunden [l.196] : homepage = "hxxp://www.claro-search.com/?affID=116198&tt=4612_2&babsrc=HP_ss&mntrId=10c9a38c00000000000000ff01000001",
Gefunden [l.226] : urls_to_restore_on_startup ="session": {"restore_on_startup": 4,  [ "hxxp://www.claro-search.com/?affID=116198&tt=4612_2&babsrc=HP_ss&mntrId=10c9a38c00000000000000ff01000001" ]}

*************************

AdwCleaner[R1].txt - [6363 octets] - [19/11/2012 12:24:19]

########## EOF - C:\AdwCleaner[R1].txt - [6423 octets] ##########
         
AdwCleaner - after deleting:

Code:
# AdwCleaner v2.008 - Datei am 19/11/2012 um 12:26:24 erstellt
# Aktualisiert am 17/11/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Ivan - IVAN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Ivan\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : Browser Manager

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\searchplugins\icqplugin-3.xml
Gelöscht mit Neustart : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files (x86)\vShare.tv plugin
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Ordner Gelöscht : C:\Users\Ivan\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Ordner Gelöscht : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Ordner Gelöscht : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\vshare@toolbar
Ordner Gelöscht : C:\Users\Ivan\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23796~1.11\{16cdf~1\browsemngr.dll
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Schlüssel Gelöscht : HKU\S-1-5-21-491133632-1940398900-2917465562-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Gelöscht : [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page]

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default 
Datei : C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\prefs.js

C:\Users\Ivan\AppData\Roaming\Mozilla\Firefox\Profiles\7gu0l9j6.default\use
         

19.11.2012, 12:36   #4
schrauber
/// the machine
/// TB trainer

Now OTL as well, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

19.11.2012, 12:45   #5
ironivan

OTL scan.

Code:
OTL logfile created on: 19.11.2012 12:36:15 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ivan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,99 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 66,64% Memory free
7,98 Gb Paging File | 6,11 Gb Available in Paging File | 76,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 365,76 Gb Total Space | 66,60 Gb Free Space | 18,21% Space Free | Partition Type: NTFS
Drive D: | 99,90 Gb Total Space | 99,53 Gb Free Space | 99,63% Space Free | Partition Type: NTFS
Drive E: | 7,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: IVAN-PC | User Name: Ivan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ivan\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\ProgramData\DataCardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\ProgramData\DataCardService\DCService.exe ()
PRC - C:\Programme\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\ASUS\TurboV EVO\pngio.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (ATKFUSService) -- C:\Windows\SysNative\ATKFUSService.exe (ASUSTeK COMPUTER INC.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WireHelpSvc) -- C:\Programme\Common Files\WireHelpSvc.exe ()
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (DCService.exe) -- C:\ProgramData\DataCardService\DCService.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (LVPrcS64) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (NMSAccess) -- C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ESLWireAC) -- C:\Windows\SysNative\drivers\ESLWireACD.sys (<Turtle Entertainment>)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ESLvnic1) -- C:\Windows\SysNative\drivers\ESLvnic.sys (Turtle Entertainment GmbH)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (tcpipBM) -- C:\Windows\SysNative\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV:64bit: - (BMLoad) -- C:\Windows\SysNative\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV:64bit: - (EIO64) -- C:\Windows\SysNative\drivers\EIO64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.)
DRV:64bit: - (lvpepf64) -- C:\Windows\SysNative\drivers\lv302a64.sys (Logitech Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (atkdisplf) -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (asusgsb) -- C:\Windows\SysNative\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (skfiltv) -- C:\Windows\SysNative\drivers\skfiltv.sys (Creative Technology Ltd.)
DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (s0016mdm) -- C:\Windows\SysNative\drivers\s0016mdm.sys (MCCI Corporation)
DRV:64bit: - (s0016unic) -- C:\Windows\SysNative\drivers\s0016unic.sys (MCCI Corporation)
DRV:64bit: - (s0016mgmt) -- C:\Windows\SysNative\drivers\s0016mgmt.sys (MCCI Corporation)
DRV:64bit: - (s0016obex) -- C:\Windows\SysNative\drivers\s0016obex.sys (MCCI Corporation)
DRV:64bit: - (s0016nd5) -- C:\Windows\SysNative\drivers\s0016nd5.sys (MCCI Corporation)
DRV:64bit: - (s0016mdfl) -- C:\Windows\SysNative\drivers\s0016mdfl.sys (MCCI Corporation)
DRV:64bit: - (s0016bus) -- C:\Windows\SysNative\drivers\s0016bus.sys (MCCI Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 12 93 A3 15 0F 7D CA 01  [binary data]
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{D91F16FC-5A9F-4068-830D-AAAB9A5FC74A}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.80
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {2458abc0-f443-11dd-87af-0800200c9a66}:3.6.3.1.03.04.10
FF - prefs.js..network.proxy.type: 2
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ivan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ivan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.08 22:04:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.02.28 19:08:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012.02.28 19:47:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 21:22:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.19 12:26:27 | 000,000,000 | ---D | M]
 
[2012.06.18 14:27:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ivan\AppData\Roaming\mozilla\Extensions
[2012.06.18 14:27:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ivan\AppData\Roaming\mozilla\Extensions\celtx@celtx.com
[2012.11.19 12:26:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ivan\AppData\Roaming\mozilla\Firefox\Profiles\7gu0l9j6.default\extensions
[2012.10.24 19:01:48 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Users\Ivan\AppData\Roaming\mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2010.10.23 21:05:03 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Ivan\AppData\Roaming\mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.28 22:45:57 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Ivan\AppData\Roaming\mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.09.25 15:31:34 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Ivan\AppData\Roaming\mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\firefox@tvunetworks.com
[2012.07.24 22:22:50 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.17 13:35:23 | 000,001,018 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\facebook.xml
[2011.03.06 00:00:58 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-11.xml
[2011.03.25 18:59:01 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-12.xml
[2011.04.30 09:54:59 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-13.xml
[2011.05.08 10:18:54 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-14.xml
[2011.08.17 21:37:46 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-15.xml
[2011.09.01 17:59:23 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-16.xml
[2011.09.07 18:49:50 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-17.xml
[2011.10.03 14:01:03 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-18.xml
[2011.11.12 17:32:51 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-19.xml
[2012.01.02 00:58:28 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-20.xml
[2012.01.02 19:45:50 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-21.xml
[2012.02.04 16:04:09 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-22.xml
[2012.02.11 13:16:02 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-23.xml
[2012.02.18 14:28:47 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-24.xml
[2012.03.18 20:12:35 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-25.xml
[2012.05.08 11:34:27 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-26.xml
[2012.05.15 12:05:39 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-27.xml
[2012.06.08 00:19:24 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-28.xml
[2012.06.23 01:08:38 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-29.xml
[2012.07.24 09:42:08 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-30.xml
[2012.09.06 17:57:10 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-31.xml
[2012.09.13 18:01:42 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-32.xml
[2012.10.20 15:55:24 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-33.xml
[2012.11.02 21:35:29 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-34.xml
[2010.07.22 20:10:45 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-4.xml
[2010.07.25 23:03:55 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-5.xml
[2010.09.09 18:25:24 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-6.xml
[2010.09.18 15:23:56 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-7.xml
[2010.11.01 19:31:40 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-8.xml
[2010.12.10 23:03:14 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-9.xml
[2012.10.27 21:22:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.27 21:22:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.27 21:22:49 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 14:00:48 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 13:14:44 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.03 14:00:48 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.03 14:00:48 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.03 14:00:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.03 14:00:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - Extension: YouTube = C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.11.17 13:49:04 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0EF3F65-A6F4-4F80-86D0-5715679DEF3A}: NameServer = 62.109.123.7 213.191.92.86
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF9E8A65-256F-4C88-B06C-8F742E573380}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.08.20 20:05:12 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2012.11.14 21:59:02 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {09A1999C-2DEF-BCAC-1587-B387D7C3E1B9} - Themes Setup
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2ED76DA4-D45F-628D-E1E9-DD375F9D3E68} - Microsoft Windows Media Player
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {434F9E2F-AEE0-19F2-BDB4-A1587C4BDC79} - Microsoft Windows Media Player
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4D1DEE9B-2834-A3B8-7DD9-449F9264F6D7} - Browser Customizations
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {84CC6552-D980-9118-9BC4-2164870C47F5} - Internet Explorer
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {9857312C-F548-BF9D-DEA7-E4AD207C95D1} - Browser Customizations
ActiveX:64bit: {B1CFEF0B-1DAA-D70B-A658-A5D10231F60F} - Browser Customizations
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {D635E2B7-C487-6D6D-9492-FE891A343E14} - Browser Customizations
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.0
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.0
ActiveX: {2AE69D6F-1046-8E05-467C-1BAA5FCDFC9A} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
 
MsConfig:64bit - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig:64bit - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS4ServiceManager - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: avgnt - hkey= - key= - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
MsConfig:64bit - StartUpReg: DAEMON Tools Pro Agent - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: ESL Wire - hkey= - key= - C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Logitech Vid - hkey= - key= - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: VirtualCloneDrive - hkey= - key= - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
System Restore Service not available.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.18 22:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.11.17 14:58:01 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.11.17 14:07:51 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{C3737D0F-6004-4474-A9EC-50B6BB2DE5B3}
[2012.11.17 13:56:24 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.11.17 13:50:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.11.17 13:38:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.11.17 13:38:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.11.17 13:38:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.11.17 13:27:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.11.17 13:27:16 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.11.16 14:21:30 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Roaming\Malwarebytes
[2012.11.16 14:21:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.16 14:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.16 14:21:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.16 14:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.14 22:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.11.14 22:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.11.14 22:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.11.14 21:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.11.13 13:12:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.11.13 13:12:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
[2012.11.08 19:02:45 | 000,000,000 | ---D | C] -- C:\Users\Ivan\Documents\FUSSBALL MANAGER 13
[2012.11.08 18:59:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 13
[2012.11.08 18:59:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012.11.08 18:41:03 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Roaming\Origin
[2012.11.08 18:41:02 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\Origin
[2012.11.08 18:40:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012.11.08 18:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2012.11.06 18:07:41 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{CE3BA3F5-3369-4AE0-91D9-24AAA94B3F44}
[2012.10.31 16:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.10.31 16:17:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012.10.31 16:17:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012.10.31 16:17:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.10.31 16:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.10.27 21:22:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.26 17:05:23 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{3AB3823C-6B2F-4BF2-A17D-7772F2886978}
[2012.10.24 18:32:39 | 000,000,000 | ---D | C] -- C:\Users\Ivan\Desktop\ae_übungen
[2012.10.23 20:16:41 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{ADBB0833-8825-4568-A569-CA2430667EA5}
[2012.10.22 18:21:10 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{74D47D37-FFD2-45CA-AE3B-D62633322D2C}
[2012.10.21 12:41:06 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{995AE492-90C0-4E43-871E-5FA22E66B104}
[2011.06.26 12:04:25 | 077,683,512 | ---- | C] (K2 Network, Inc.) -- C:\Users\Ivan\APB_Reloaded_Installer.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.19 12:36:05 | 000,015,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.19 12:36:05 | 000,015,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.19 12:27:52 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.11.19 12:27:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.19 12:27:38 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.19 12:13:09 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.17 14:47:56 | 000,000,512 | ---- | M] () -- C:\Users\Ivan\Desktop\MBR.dat
[2012.11.17 13:49:04 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.11.16 15:01:26 | 143,747,176 | ---- | M] () -- C:\setup_11.0.0.1245.x01_2012_11_16_15_34.exe
[2012.11.16 14:31:07 | 000,000,143 | ---- | M] () -- C:\Windows\wininit.ini
[2012.11.16 14:21:09 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.15 20:20:30 | 004,880,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.15 00:52:04 | 001,550,348 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.15 00:52:04 | 000,665,070 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.15 00:52:04 | 000,625,252 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.15 00:52:04 | 000,134,980 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.15 00:52:04 | 000,110,632 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.14 22:54:31 | 000,001,218 | ---- | M] () -- C:\Users\Ivan\Desktop\Spybot - Search & Destroy.lnk
[2012.11.14 21:59:02 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2012.11.08 18:59:58 | 000,001,201 | ---- | M] () -- C:\Users\Public\Desktop\FUSSBALL MANAGER 13.lnk
[2012.10.30 16:25:05 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012.10.30 16:25:05 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2012.10.22 19:30:09 | 000,002,060 | ---- | M] () -- C:\Users\Public\Desktop\BattleForge™.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.17 14:47:56 | 000,000,512 | ---- | C] () -- C:\Users\Ivan\Desktop\MBR.dat
[2012.11.17 13:38:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.11.17 13:38:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.11.17 13:38:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.11.17 13:38:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.11.17 13:38:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.11.16 14:59:42 | 143,747,176 | ---- | C] () -- C:\setup_11.0.0.1245.x01_2012_11_16_15_34.exe
[2012.11.16 14:21:09 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.15 00:51:12 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.15 00:47:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.14 23:57:10 | 000,000,143 | ---- | C] () -- C:\Windows\wininit.ini
[2012.11.14 23:04:03 | 000,000,779 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroGrand Casino.lnk
[2012.11.14 22:54:31 | 000,001,218 | ---- | C] () -- C:\Users\Ivan\Desktop\Spybot - Search & Destroy.lnk
[2012.11.14 21:59:02 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2012.11.08 18:59:58 | 000,001,201 | ---- | C] () -- C:\Users\Public\Desktop\FUSSBALL MANAGER 13.lnk
[2012.10.30 16:25:05 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.10.22 19:30:09 | 000,002,060 | ---- | C] () -- C:\Users\Public\Desktop\BattleForge™.lnk
[2012.07.28 02:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.07.28 02:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.07.17 15:12:45 | 000,003,584 | ---- | C] () -- C:\Users\Ivan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.16 13:49:17 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.07.09 14:51:27 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.21 11:39:22 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2012.01.05 13:55:25 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\mp3Media2.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.28 16:34:17 | 000,000,092 | ---- | C] () -- C:\Users\Ivan\AppData\Local\fusioncache.dat
[2011.08.17 21:37:36 | 000,017,408 | ---- | C] () -- C:\Users\Ivan\AppData\Local\WebpageIcons.db
[2011.07.05 18:00:11 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2011.06.26 15:48:16 | 000,281,656 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.26 15:48:11 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.26 12:04:25 | 3805,508,496 | ---- | C] () -- C:\Users\Ivan\Client1.5.0.562750.7z
[2011.06.23 17:45:44 | 000,007,605 | ---- | C] () -- C:\Users\Ivan\AppData\Local\resmon.resmoncfg
[2011.02.15 19:06:41 | 000,000,094 | ---- | C] () -- C:\Windows\wiso.ini
[2011.01.19 09:40:55 | 000,050,688 | ---- | C] () -- C:\Windows\SysWow64\dtsoftbusinst64.exe
[2010.12.25 17:32:10 | 000,025,357 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.08.01 18:07:56 | 000,004,081 | ---- | C] () -- C:\Users\Ivan\.recently-used.xbel
[2010.04.17 13:58:56 | 000,012,412 | ---- | C] () -- C:\Users\Ivan\AppData\Roaming\PStrip.bk!
[2010.04.17 13:58:04 | 000,012,412 | ---- | C] () -- C:\Users\Ivan\AppData\Roaming\PStrip.bko
[2010.04.17 12:24:55 | 000,012,412 | ---- | C] () -- C:\Users\Ivan\AppData\Roaming\PStrip.bak
[2010.04.17 12:24:49 | 000,012,412 | ---- | C] () -- C:\Users\Ivan\AppData\Roaming\PStrip.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.15 23:21:46 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\.minecraft
[2012.08.20 22:27:14 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Autodesk
[2011.02.15 20:43:25 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Buhl Data Service
[2012.08.11 14:12:47 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\BWIN
[2012.03.01 19:46:39 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.01.19 22:58:36 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\com.adobe.ExMan
[2012.03.01 19:11:56 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2010.11.24 19:12:45 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\DAEMON Tools Pro
[2010.10.23 21:05:03 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.18 14:27:31 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Greyfirst
[2010.08.01 18:07:56 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\gtk-2.0
[2011.04.17 19:41:12 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\HLSW
[2011.06.05 19:41:45 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Leadertech
[2011.06.02 13:03:25 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\LolClient
[2012.05.24 18:33:50 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\LolClient2
[2010.02.16 19:16:06 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\MAGIX
[2012.11.18 17:16:36 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Mumble
[2010.08.07 12:52:58 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\MyPhoneExplorer
[2010.01.08 12:59:19 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\OpenOffice.org
[2012.11.12 12:49:17 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Origin
[2012.07.09 14:51:26 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\PACE Anti-Piracy
[2012.11.14 20:43:53 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\QuickScan
[2012.11.12 15:34:38 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\SoftGrid Client
[2012.07.09 14:53:45 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.12.02 19:09:03 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Systweak
[2009.12.15 01:10:50 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\TeamViewer
[2012.10.06 00:15:02 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Telekom
[2012.10.06 13:21:17 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Telekom Internet Manager
[2010.08.07 12:46:29 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\TP
[2012.11.05 01:26:18 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\TS3Client
[2012.09.03 13:14:29 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\TuneUp Software
[2010.12.10 22:45:16 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.11.17 13:50:58 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.06.25 23:24:34 | 000,000,000 | ---D | M] -- C:\6310ec2c-c611-479f-b4ea-2223b88aa609
[2012.02.28 17:38:41 | 000,000,000 | ---D | M] -- C:\adobe master
[2012.09.17 15:26:08 | 000,000,000 | ---D | M] -- C:\AMD
[2009.12.15 02:31:25 | 000,000,000 | ---D | M] -- C:\ATI
[2012.08.20 20:05:12 | 000,000,000 | ---D | M] -- C:\Autodesk
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.12.14 23:32:12 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.10.19 19:46:25 | 000,000,000 | ---D | M] -- C:\FIFA_Manager_12-Razor1911
[2009.12.15 01:39:19 | 000,000,000 | ---D | M] -- C:\Intel
[2010.09.13 19:47:11 | 000,000,000 | ---D | M] -- C:\moviez
[2012.01.05 13:56:09 | 000,000,000 | ---D | M] -- C:\Mp3 Output
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.11.14 21:58:42 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.19 12:26:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2012.11.16 14:21:08 | 000,000,000 | ---D | M] -- C:\ProgramData
[2009.12.14 23:32:12 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.08.04 14:08:53 | 000,000,000 | ---D | M] -- C:\Programs
[2012.11.17 13:56:24 | 000,000,000 | ---D | M] -- C:\Qoobox
[2009.12.14 23:32:13 | 000,000,000 | ---D | M] -- C:\Recovery
[2011.08.17 13:20:11 | 000,000,000 | ---D | M] -- C:\Riot Games
[2012.09.14 16:08:15 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.11.17 14:58:01 | 000,000,000 | ---D | M] -- C:\TDSSKiller_Quarantine
[2009.12.14 23:32:19 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.19 12:28:38 | 000,000,000 | ---D | M] -- C:\Windows
[2012.09.27 18:52:23 | 000,000,000 | ---D | M] -- C:\World of Warcraft
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %windir%\installer\*. /5 >
[2012.11.18 22:31:02 | 000,000,000 | ---D | M] -- C:\Windows\installer\{26A24AE4-039D-4CA4-87B4-2F83217009FF}
 
< %localappdata%\*. /5 >
[2012.11.19 12:35:54 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Local\Temp
[2012.11.17 14:08:01 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Local\{C3737D0F-6004-4474-A9EC-50B6BB2DE5B3}
 
<           >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.04.07 20:09:39 | 000,001,102 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.04.07 20:09:40 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.17 15:57:31 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1199 bytes -> C:\ProgramData\Microsoft:MH94D8cnzuss93HglYc
@Alternate Data Stream - 1173 bytes -> C:\ProgramData\Microsoft:mV4apxHA8kFvEAe4SpsZMv

< End of report >
         


19.11.2012, 12:54   #6
schrauber
/// the machine
/// TB trainer

Who has already been tinkering around with Combofix here?

Still having problems with Clarosearch?

19.11.2012, 13:09   #7
ironivan

I had already read various things here in the forums beforehand and ran the corresponding scans :-)
Combofix too.
But at some point I didn't dare to go any further :-)

Claro search has disappeared, at least it is no longer my start page :-)
Many thanks for that!!!

Is there anything else to be seen there that urgently needs to go? :-)

Best regards

19.11.2012, 13:33   #8
schrauber
/// the machine
/// TB trainer

One more online scan, then we'll clean up.

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

19.11.2012, 22:33   #9
ironivan

Code:
ATTFilter
C:\ProgramData\Spybot - Search & Destroy\Recovery\EuroGrandCasinoPT.zip	Win32/Bagle.gen.zip worm
C:\ProgramData\Spybot - Search & Destroy\Recovery\PrestigeCasinoPT.zip	Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\EuroGrandCasinoPT.zip	Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\PrestigeCasinoPT.zip	Win32/Bagle.gen.zip worm
         

20.11.2012, 07:11   #10
schrauber
/// the machine
/// TB trainer

You can uninstall ESET.

Open AdwCleaner > Uninstall

Open OTL > press the "Bereinigung" (cleanup) button

Here are a few more tips for securing your system.

I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
These harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )


Don'ts
  • Don't click on everything just because it prompts you to and is nice and colorful.
  • Don't use peer-to-peer or file-sharing software (Emule, uTorrent, ..)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Don't open attachments from emails you don't know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that is left for me is to wish you lots of fun surfing safely.

Note: Please give me a short reply when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.



21.11.2012, 23:48   #11
ironivan

Everything worked wonderfully!
Many thanks for that!!!
Super job from you!
Best regards

22.11.2012, 07:23   #12
schrauber
/// the machine
/// TB trainer

You're welcome
