
Pests of all kinds and how to combat them: PC is acting crazy

Windows 7

06.02.2013, 20:40   #1
Aligator4820



Hello,
I have the following problem: all the programs I have open, e.g. Skype or Internet Explorer, are automatically moved to the background after a while. I have tried everything: I ran an antivirus program (Avira) and I ran FixWin, but nothing works. Can anyone help me? It is really annoying, especially when I am typing or something and the program is simply moved away.

And my second problem: my Internet connection simply disconnects automatically after a while and I have to enter the WLAN key again.

Is this a virus? If so, how can I delete it?

Regards,
Samuel

06.02.2013, 20:41   #2
markusg
/// Malware-holic



hi
let's take a look

If you don't already have it, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the content below into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

06.02.2013, 21:12   #3
Aligator4820



Quote:
Quote from Aligator4820
Hello,
I have the following problem: all the programs I have open, e.g. Skype or Internet Explorer, are automatically moved to the background after a while. I have tried everything: I ran an antivirus program (Avira) and I ran FixWin, but nothing works. Can anyone help me? It is really annoying, especially when I am typing or something and the program is simply moved away.

And my second problem: my Internet connection simply disconnects automatically after a while and I have to enter the WLAN key again.

Is this a virus? If so, how can I delete it?

Regards,
Samuel

So, the OTL.txt said:
OTL Logfile:
Code:
OTL logfile created on: 06.02.2013 21:04:38 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Samuel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,62 Gb Available Physical Memory | 82,89% Memory free
19,70 Gb Paging File | 18,19 Gb Available in Paging File | 92,33% Paging File free
Paging file location(s): c:\pagefile.sys 12000 16000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,75 Gb Total Space | 768,27 Gb Free Space | 83,35% Space Free | Partition Type: NTFS
Drive D: | 162,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: SAMUEL-PC | User Name: Samuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Samuel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Users\Samuel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll ()
MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRtl.dll ()
MOD - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (RTL8192cu) -- C:\Windows\SysNative\drivers\RTL8192cu.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (GameKB) -- C:\Windows\SysNative\drivers\GameKB.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (AODDriver4.2) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=109727&tt=4912_6&babsrc=HP_ss&mntrId=9a3e01ef000000000000940c6d8bcd0e
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109727&tt=4912_6&babsrc=SP_ss&mntrId=9a3e01ef000000000000940c6d8bcd0e
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Samuel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
[2012.12.08 15:55:10 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.babylon.com/?affID=109727&tt=4912_6&babsrc=HP_ss&mntrId=9a3e01ef000000000000940c6d8bcd0e
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://search.babylon.com/?affID=109727&tt=4912_6&babsrc=HP_ss&mntrId=9a3e01ef000000000000940c6d8bcd0e
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Samuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Samuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: Google Drive = C:\Users\Samuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Samuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Samuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Samuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.58_0\
CHR - Extension: Google Mail = C:\Users\Samuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [GamingKeyboard] C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Game Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Samuel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Clownfish]  File not found
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D93129A-3CD3-4142-BB8A-A41960F1A603}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50CA3084-32C1-4BFB-90AE-9B10E394D570}: DhcpNameServer = 192.168.2.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3C7FA21-77FD-47D5-8B9E-944575150FA5}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.13 02:48:04 | 000,385,024 | R--- | M] (TP-LINK TECHNOLOGIES CO., LTD.) - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.02.07 09:10:22 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{10379bf9-9522-11e1-bfbe-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{10379bf9-9522-11e1-bfbe-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.03.13 02:48:04 | 000,385,024 | R--- | M] (TP-LINK TECHNOLOGIES CO., LTD.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.06 20:59:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.02.06 20:45:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Samuel\Desktop\OTL.exe
[2013.02.06 16:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.02.06 16:16:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.02.06 16:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.02.06 16:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.02.06 16:16:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013.02.06 16:16:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.02.06 16:15:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.02.06 16:15:17 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.02.05 16:41:56 | 000,000,000 | ---D | C] -- C:\Users\Samuel\Desktop\Launchpad.libs
[2013.02.04 17:45:11 | 000,000,000 | ---D | C] -- C:\Users\Samuel\Desktop\FixWin
[2013.02.02 17:58:16 | 000,000,000 | ---D | C] -- C:\Users\Samuel\AppData\Roaming\TP-LINK
[2013.02.02 17:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2013.02.02 17:57:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TP-LINK
[2013.02.02 17:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2013.02.01 22:10:31 | 000,000,000 | ---D | C] -- C:\Users\Samuel\AppData\Local\Oblivion
[2013.02.01 22:08:25 | 000,000,000 | ---D | C] -- C:\Users\Samuel\Desktop\Games
[2013.02.01 21:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2013.02.01 21:58:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2013.01.26 20:27:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belkin
[2013.01.24 18:42:30 | 000,000,000 | ---D | C] -- C:\Users\Samuel\AppData\Roaming\Unity
[2013.01.24 17:49:26 | 000,000,000 | ---D | C] -- C:\Users\Samuel\AppData\Local\Unity
[2013.01.16 14:51:37 | 000,000,000 | ---D | C] -- C:\Users\Samuel\AppData\Roaming\LibreOffice
[2013.01.16 14:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.6
[2013.01.16 14:13:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LibreOffice 3.6
[2013.01.14 19:44:20 | 000,000,000 | ---D | C] -- C:\Users\Samuel\AppData\Roaming\TS3Client
[2013.01.14 19:44:13 | 000,000,000 | ---D | C] -- C:\Users\Samuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2013.01.12 22:46:47 | 000,000,000 | ---D | C] -- C:\Users\Samuel\AppData\Local\HonorbuddyMeshes
[2013.01.11 14:20:44 | 000,000,000 | ---D | C] -- C:\Users\Samuel\AppData\Local\CrashDumps
[2013.01.11 14:20:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish
[2013.01.11 14:20:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Clownfish
[2012.08.24 01:31:14 | 000,062,464 | ---- | C] (CrypticForce) -- C:\Users\Samuel\AppData\Roaming\Update.Net.exe
[2012.05.12 15:24:28 | 008,088,120 | ---- | C] (慄獲⁨〲㈱䈠灹獡敳⁤䕃.) -- C:\Users\Samuel\AppData\Local\Tempcheatengine-x86_64.exe
[2012.05.12 15:24:27 | 006,290,944 | ---- | C] (Darsh 2012 Bypassed CE) -- C:\Users\Samuel\AppData\Local\Tempcheatengine-i386.exe
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.06 21:06:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.06 21:02:52 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.06 21:02:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.06 21:02:36 | 2133,417,983 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.06 21:00:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.06 20:59:54 | 001,630,840 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.02.06 20:59:54 | 000,712,356 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.06 20:59:54 | 000,665,442 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.06 20:59:54 | 000,155,818 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.06 20:59:54 | 000,127,606 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.06 20:59:43 | 001,630,840 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.06 20:45:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Samuel\Desktop\OTL.exe
[2013.02.06 16:19:05 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.06 16:19:05 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.02 17:58:02 | 000,002,265 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2013.02.02 17:58:02 | 000,002,233 | ---- | M] () -- C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
[2013.02.01 22:06:19 | 000,002,130 | ---- | M] () -- C:\Users\Public\Desktop\Oblivion.lnk
[2013.01.24 21:38:33 | 000,001,011 | ---- | M] () -- C:\Users\Samuel\SciTE.session
[2013.01.17 10:00:10 | 000,314,392 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.12 12:30:28 | 000,002,221 | ---- | M] () -- C:\Users\Samuel\Desktop\Google Chrome.lnk
[5 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.02 17:58:02 | 000,002,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
[2013.02.02 17:58:02 | 000,002,233 | ---- | C] () -- C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
[2013.02.02 17:57:31 | 000,016,219 | ---- | C] () -- C:\Windows\SysNative\net8192cu.inf
[2013.02.02 17:57:31 | 000,007,540 | ---- | C] () -- C:\Windows\SysNative\net8192cu.cat
[2013.02.01 21:58:19 | 000,002,130 | ---- | C] () -- C:\Users\Public\Desktop\Oblivion.lnk
[2013.01.26 20:27:34 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012.12.17 19:16:43 | 000,007,605 | ---- | C] () -- C:\Users\Samuel\AppData\Local\Resmon.ResmonCfg
[2012.11.26 19:52:14 | 000,000,094 | ---- | C] () -- C:\Users\Samuel\AppData\Local\fusioncache.dat
[2012.11.26 15:50:04 | 000,000,189 | ---- | C] () -- C:\Windows\steinsgate.ini
[2012.09.08 22:23:02 | 001,630,840 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.24 01:31:14 | 000,049,152 | ---- | C] ( ) -- C:\Users\Samuel\AppData\Roaming\Interop.Shell32.dll
[2012.08.24 01:31:10 | 000,016,042 | ---- | C] () -- C:\Users\Samuel\AppData\Roaming\n.sis
[2012.08.06 22:19:34 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.07.17 08:33:15 | 000,000,062 | ---- | C] () -- C:\Windows\projectx7.ini
[2012.07.15 20:51:37 | 000,000,059 | ---- | C] () -- C:\Users\Samuel\SciTEUser.properties
[2012.07.15 20:51:35 | 000,000,038 | ---- | C] () -- C:\Users\Samuel\abbrev.save.properties
[2012.07.15 20:17:48 | 000,001,011 | ---- | C] () -- C:\Users\Samuel\SciTE.session
[2012.05.12 11:07:37 | 000,007,168 | ---- | C] () -- C:\Users\Samuel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.06 01:34:54 | 000,270,240 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.05.06 01:34:54 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.05.03 14:36:50 | 000,017,408 | ---- | C] () -- C:\Users\Samuel\AppData\Local\WebpageIcons.db
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.05.02 09:47:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.08 20:44:54 | 000,000,000 | ---- | C] () -- C:\Windows\ItemConf.ini
[2012.04.06 02:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.04.06 02:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.02.17 16:14:06 | 000,000,038 | ---- | C] () -- C:\Users\Samuel\abbrev.properties
[2012.02.17 15:02:02 | 000,000,000 | ---- | C] () -- C:\Users\Samuel\au3.keywords.user.abbreviations.properties
[2012.02.14 21:52:12 | 000,000,027 | ---- | C] () -- C:\Users\Samuel\au3UserAbbrev.properties
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.12.02 14:15:51 | 000,018,904 | ---- | C] () -- C:\Users\Samuel\AppData\Local\TempGUIPic.JPG
[2010.03.27 16:22:54 | 000,014,905 | ---- | C] () -- C:\Users\Samuel\au3abbrev.properties
[2010.01.02 22:16:12 | 000,000,111 | ---- | C] () -- C:\Users\Samuel\au3.UserUdfs.properties
[2010.01.02 22:15:50 | 000,000,000 | ---- | C] () -- C:\Users\Samuel\au3.user.calltips.api
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.28 18:43:18 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\.minecraft
[2012.12.03 15:18:07 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Audacity
[2012.12.10 17:40:20 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Awesomium
[2013.01.23 22:57:11 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\BitTorrent
[2012.05.22 17:13:19 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.12.09 12:44:42 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\DAEMON Tools Lite
[2012.12.08 15:56:14 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\DesktopIconForAmazon
[2012.08.19 14:19:42 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Hive Cluster
[2013.01.16 14:51:37 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\LibreOffice
[2012.05.03 16:28:46 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\LolClient
[2012.05.25 20:24:28 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\LolClient2
[2012.11.28 17:06:19 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Minecraft Version Changer
[2012.11.29 18:38:26 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\MTE
[2012.05.17 14:56:36 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Notepad++
[2012.08.23 22:35:33 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Origin
[2012.08.08 02:35:50 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\PE Explorer
[2012.11.11 12:07:20 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Play withSIX
[2012.05.06 12:16:37 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Publish Providers
[2012.12.08 19:32:26 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Screaming Bee
[2012.07.06 15:06:14 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\six-zsync
[2012.07.26 23:27:54 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Sony
[2012.08.23 18:24:33 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Spirited Machine
[2012.05.23 12:57:34 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\SplitMediaLabs
[2012.05.19 08:37:47 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\TeamViewer
[2013.01.04 20:25:37 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\TechSmith
[2012.08.17 14:20:26 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Teeworlds
[2013.02.04 18:09:53 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\TP-LINK
[2013.02.06 15:25:15 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\TS3Client
[2012.09.17 17:15:37 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\ts3overlay
[2012.12.18 20:13:28 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Ubisoft
[2013.01.24 18:42:30 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\Unity
[2012.12.20 15:22:13 | 000,000,000 | ---D | M] -- C:\Users\Samuel\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 

< End of report >
         

Alt 06.02.2013, 21:20   #4
markusg
/// Malware-holic
 
hi
OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

:files
:Commands
[emptytemp]

  • If you have obscured your user name, e.g. with "*****", insert your real user name in the appropriate place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread.


After that, post the Avira detection reports
http://www.trojaner-board.de/125889-...en-posten.html
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

Edited by markusg (06.02.2013 at 21:40)

Alt 06.02.2013, 21:31   #5
Aligator4820
 
Quote:
Quote from markusg
OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

:files
:Commands
[emptytemp]

  • If you have obscured your user name, e.g. with "*****", insert your real user name in the appropriate place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread.




When I run a Quick Scan and it has finished loading, there is nothing in the Custom Scans/Fixes box.

And when I press Fix, it says: No fix has been provided!
Click OK to load a fix from a file, or Cancel to abort the fix.


Alt 06.02.2013, 21:40   #6
markusg
/// Malware-holic
 
You are supposed to paste in what is in the code box; see the revised post.

Alt 07.02.2013, 11:39   #7
Aligator4820
 
Quote:
Quote from markusg
You are supposed to paste in what is in the code box; see the revised post.
So I have now done it the way you said, and then the text document contained:

All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Samuel
->Temp folder emptied: 165241323 bytes
->Temporary Internet Files folder emptied: 8371582 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 371151404 bytes
->Flash cache emptied: 57469 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 2628960 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26778861 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 403388 bytes

Total Files Cleaned = 548,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02072013_113357

Files\Folders moved on Reboot...
C:\Users\Samuel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Alt 07.02.2013, 11:41   #8
markusg
/// Malware-holic
 
OK, next:
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now; post the log
Open C:, open tdsskiller-date-version.txt, post the contents

Alt 07.02.2013, 11:48   #9
Aligator4820
 
Quote:
Quote from markusg
OK, next:
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now; post the log
Open C:, open tdsskiller-date-version.txt, post the contents
The text document contained:
11:46:12.0081 4500 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:46:12.0143 4500 ============================================================
11:46:12.0143 4500 Current date / time: 2013/02/07 11:46:12.0143
11:46:12.0143 4500 SystemInfo:
11:46:12.0143 4500
11:46:12.0143 4500 OS Version: 6.1.7601 ServicePack: 1.0
11:46:12.0143 4500 Product type: Workstation
11:46:12.0144 4500 ComputerName: SAMUEL-PC
11:46:12.0144 4500 UserName: Samuel
11:46:12.0144 4500 Windows directory: C:\Windows
11:46:12.0144 4500 System windows directory: C:\Windows
11:46:12.0144 4500 Running under WOW64
11:46:12.0144 4500 Processor architecture: Intel x64
11:46:12.0144 4500 Number of processors: 4
11:46:12.0144 4500 Page size: 0x1000
11:46:12.0144 4500 Boot type: Normal boot
11:46:12.0144 4500 ============================================================
11:46:12.0583 4500 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:46:12.0588 4500 ============================================================
11:46:12.0588 4500 \Device\Harddisk0\DR0:
11:46:12.0588 4500 MBR partitions:
11:46:12.0588 4500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x7337D800
11:46:12.0588 4500 ============================================================
11:46:12.0625 4500 C: <-> \Device\Harddisk0\DR0\Partition1
11:46:12.0625 4500 ============================================================
11:46:12.0625 4500 Initialize success
11:46:12.0625 4500 ============================================================
11:46:40.0589 3984 ============================================================
11:46:40.0589 3984 Scan started
11:46:40.0589 3984 Mode: Manual; SigCheck; TDLFS;
11:46:40.0589 3984 ============================================================
11:46:40.0742 3984 ================ Scan system memory ========================
11:46:40.0742 3984 System memory - ok
11:46:40.0742 3984 ================ Scan services =============================
11:46:42.0658 3984 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll
11:46:42.0658 3984 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
11:46:42.0665 3984 Akamai ( HiddenFile.Multi.Generic ) - warning
11:46:42.0665 3984 Akamai - detected HiddenFile.Multi.Generic (1)
11:46:51.0820 3984 i8042prt - ok
11:46:51.0836 3984 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:46:51.0856 3984 iaStorV - ok
11:46:51.0890 3984 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:46:51.0932 3984 idsvc - ok
11:46:51.0954 3984 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:46:51.0967 3984 iirsp - ok
11:46:51.0993 3984 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:46:52.0042 3984 IKEEXT - ok
11:46:52.0047 3984 IntcAzAudAddService - ok
11:46:52.0065 3984 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:46:52.0076 3984 intelide - ok
11:46:52.0096 3984 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
11:46:52.0121 3984 intelppm - ok
11:46:52.0149 3984 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:46:52.0199 3984 IPBusEnum - ok
11:46:52.0214 3984 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:46:52.0245 3984 IpFilterDriver - ok
11:46:52.0272 3984 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:46:52.0307 3984 iphlpsvc - ok
11:46:52.0331 3984 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:46:52.0364 3984 IPMIDRV - ok
11:46:52.0396 3984 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:46:52.0445 3984 IPNAT - ok
11:46:52.0470 3984 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:46:52.0520 3984 IRENUM - ok
11:46:52.0548 3984 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:46:52.0564 3984 isapnp - ok
11:46:52.0580 3984 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:46:52.0605 3984 iScsiPrt - ok
11:46:52.0630 3984 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:46:52.0642 3984 kbdclass - ok
11:46:52.0646 3984 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:46:52.0676 3984 kbdhid - ok
11:46:52.0691 3984 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:46:52.0700 3984 KeyIso - ok
11:46:52.0725 3984 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:46:52.0742 3984 KSecDD - ok
11:46:52.0757 3984 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:46:52.0773 3984 KSecPkg - ok
11:46:52.0779 3984 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:46:52.0826 3984 ksthunk - ok
11:46:52.0855 3984 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:46:52.0912 3984 KtmRm - ok
11:46:52.0948 3984 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:46:52.0998 3984 LanmanServer - ok
11:46:53.0023 3984 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:46:53.0052 3984 LanmanWorkstation - ok
11:46:53.0098 3984 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
11:46:53.0122 3984 lirsgt - ok
11:46:53.0143 3984 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:46:53.0191 3984 lltdio - ok
11:46:53.0210 3984 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:46:53.0268 3984 lltdsvc - ok
11:46:53.0285 3984 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:46:53.0347 3984 lmhosts - ok
11:46:53.0378 3984 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:46:53.0392 3984 LSI_FC - ok
11:46:53.0407 3984 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:46:53.0421 3984 LSI_SAS - ok
11:46:53.0437 3984 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:46:53.0450 3984 LSI_SAS2 - ok
11:46:53.0473 3984 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:46:53.0487 3984 LSI_SCSI - ok
11:46:53.0490 3984 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:46:53.0531 3984 luafv - ok
11:46:53.0572 3984 [ DE585D1D266805E5EEDAE911FDD16F38 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
11:46:53.0614 3984 ManyCam - ok
11:46:53.0645 3984 [ 2E7FFDEF8BAFD04CBB517507B821E878 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
11:46:53.0705 3984 mcaudrv_simple - ok
11:46:53.0724 3984 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:46:53.0744 3984 Mcx2Svc - ok
11:46:53.0761 3984 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
11:46:53.0773 3984 megasas - ok
11:46:53.0786 3984 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:46:53.0804 3984 MegaSR - ok
11:46:53.0830 3984 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:46:53.0877 3984 MMCSS - ok
11:46:53.0910 3984 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:46:53.0943 3984 Modem - ok
11:46:53.0949 3984 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:46:53.0990 3984 monitor - ok
11:46:54.0018 3984 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:46:54.0034 3984 mouclass - ok
11:46:54.0059 3984 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:46:54.0087 3984 mouhid - ok
11:46:54.0108 3984 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:46:54.0122 3984 mountmgr - ok
11:46:54.0136 3984 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:46:54.0152 3984 mpio - ok
11:46:54.0155 3984 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:46:54.0186 3984 mpsdrv - ok
11:46:54.0206 3984 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:46:54.0255 3984 MpsSvc - ok
11:46:54.0278 3984 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:46:54.0309 3984 MRxDAV - ok
11:46:54.0332 3984 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:46:54.0363 3984 mrxsmb - ok
11:46:54.0388 3984 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:46:54.0420 3984 mrxsmb10 - ok
11:46:54.0441 3984 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:46:54.0455 3984 mrxsmb20 - ok
11:46:54.0464 3984 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:46:54.0476 3984 msahci - ok
11:46:54.0486 3984 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:46:54.0502 3984 msdsm - ok
11:46:54.0510 3984 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:46:54.0538 3984 MSDTC - ok
11:46:54.0556 3984 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:46:54.0604 3984 Msfs - ok
11:46:54.0620 3984 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:46:54.0652 3984 mshidkmdf - ok
11:46:54.0675 3984 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:46:54.0686 3984 msisadrv - ok
11:46:54.0716 3984 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:46:54.0748 3984 MSiSCSI - ok
11:46:54.0751 3984 msiserver - ok
11:46:54.0764 3984 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:46:54.0812 3984 MSKSSRV - ok
11:46:54.0828 3984 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:46:54.0872 3984 MSPCLOCK - ok
11:46:54.0893 3984 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:46:54.0935 3984 MSPQM - ok
11:46:54.0954 3984 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:46:54.0973 3984 MsRPC - ok
11:46:54.0995 3984 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:46:55.0004 3984 mssmbios - ok
11:46:55.0013 3984 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:46:55.0051 3984 MSTEE - ok
11:46:55.0066 3984 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:46:55.0078 3984 MTConfig - ok
11:46:55.0081 3984 [ 6936198F2CC25B39CF5262436C80DF46 ] MTsensor C:\Windows\system32\drivers\ASACPI.sys
11:46:55.0091 3984 MTsensor - ok
11:46:55.0106 3984 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:46:55.0118 3984 Mup - ok
11:46:55.0145 3984 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:46:55.0193 3984 napagent - ok
11:46:55.0226 3984 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:46:55.0258 3984 NativeWifiP - ok
11:46:55.0300 3984 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:46:55.0322 3984 NDIS - ok
11:46:55.0331 3984 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:46:55.0362 3984 NdisCap - ok
11:46:55.0382 3984 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:46:55.0413 3984 NdisTapi - ok
11:46:55.0423 3984 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:46:55.0473 3984 Ndisuio - ok
11:46:55.0495 3984 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:46:55.0547 3984 NdisWan - ok
11:46:55.0564 3984 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:46:55.0606 3984 NDProxy - ok
11:46:55.0625 3984 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:46:55.0695 3984 NetBIOS - ok
11:46:55.0718 3984 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:46:55.0753 3984 NetBT - ok
11:46:55.0762 3984 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:46:55.0772 3984 Netlogon - ok
11:46:55.0805 3984 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:46:55.0853 3984 Netman - ok
11:46:55.0887 3984 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:46:55.0913 3984 NetMsmqActivator - ok
11:46:55.0931 3984 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:46:55.0942 3984 NetPipeActivator - ok
11:46:55.0957 3984 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:46:56.0014 3984 netprofm - ok
11:46:56.0045 3984 [ 81B8D0C1CE44A7FDBD596B693783950C ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys
11:46:56.0092 3984 netr7364 - ok
11:46:56.0095 3984 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:46:56.0107 3984 NetTcpActivator - ok
11:46:56.0110 3984 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:46:56.0122 3984 NetTcpPortSharing - ok
11:46:56.0161 3984 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:46:56.0174 3984 nfrd960 - ok
11:46:56.0189 3984 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:46:56.0216 3984 NlaSvc - ok
11:46:56.0234 3984 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:46:56.0265 3984 Npfs - ok
11:46:56.0284 3984 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:46:56.0313 3984 nsi - ok
11:46:56.0316 3984 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:46:56.0365 3984 nsiproxy - ok
11:46:56.0409 3984 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:46:56.0453 3984 Ntfs - ok
11:46:56.0466 3984 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:46:56.0514 3984 Null - ok
11:46:56.0543 3984 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:46:56.0558 3984 nvraid - ok
11:46:56.0573 3984 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:46:56.0589 3984 nvstor - ok
11:46:56.0613 3984 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:46:56.0628 3984 nv_agp - ok
11:46:56.0642 3984 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:46:56.0669 3984 ohci1394 - ok
11:46:56.0700 3984 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:46:56.0728 3984 p2pimsvc - ok
11:46:56.0748 3984 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:46:56.0768 3984 p2psvc - ok
11:46:56.0790 3984 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
11:46:56.0815 3984 Parport - ok
11:46:56.0839 3984 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:46:56.0852 3984 partmgr - ok
11:46:56.0864 3984 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:46:56.0894 3984 PcaSvc - ok
11:46:56.0918 3984 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:46:56.0929 3984 pci - ok
11:46:56.0934 3984 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:46:56.0944 3984 pciide - ok
11:46:56.0955 3984 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:46:56.0972 3984 pcmcia - ok
11:46:56.0975 3984 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:46:56.0987 3984 pcw - ok
11:46:57.0003 3984 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:46:57.0048 3984 PEAUTH - ok
11:46:57.0095 3984 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:46:57.0132 3984 PerfHost - ok
11:46:57.0184 3984 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:46:57.0254 3984 pla - ok
11:46:57.0299 3984 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:46:57.0339 3984 PlugPlay - ok
11:46:57.0378 3984 PnkBstrA - ok
11:46:57.0394 3984 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:46:57.0431 3984 PNRPAutoReg - ok
11:46:57.0438 3984 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:46:57.0456 3984 PNRPsvc - ok
11:46:57.0489 3984 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:46:57.0556 3984 PolicyAgent - ok
11:46:57.0592 3984 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:46:57.0623 3984 Power - ok
11:46:57.0657 3984 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:46:57.0708 3984 PptpMiniport - ok
11:46:57.0725 3984 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:46:57.0751 3984 Processor - ok
11:46:57.0794 3984 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:46:57.0833 3984 ProfSvc - ok
11:46:57.0840 3984 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:46:57.0850 3984 ProtectedStorage - ok
11:46:57.0869 3984 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:46:57.0912 3984 Psched - ok
11:46:57.0967 3984 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:46:58.0015 3984 ql2300 - ok
11:46:58.0028 3984 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:46:58.0045 3984 ql40xx - ok
11:46:58.0066 3984 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:46:58.0089 3984 QWAVE - ok
11:46:58.0109 3984 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:46:58.0126 3984 QWAVEdrv - ok
11:46:58.0136 3984 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:46:58.0166 3984 RasAcd - ok
11:46:58.0184 3984 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:46:58.0215 3984 RasAgileVpn - ok
11:46:58.0224 3984 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:46:58.0275 3984 RasAuto - ok
11:46:58.0297 3984 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:46:58.0357 3984 Rasl2tp - ok
11:46:58.0377 3984 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:46:58.0416 3984 RasMan - ok
11:46:58.0429 3984 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:46:58.0478 3984 RasPppoe - ok
11:46:58.0495 3984 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:46:58.0528 3984 RasSstp - ok
11:46:58.0541 3984 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:46:58.0577 3984 rdbss - ok
11:46:58.0591 3984 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:46:58.0634 3984 rdpbus - ok
11:46:58.0655 3984 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:46:58.0687 3984 RDPCDD - ok
11:46:58.0710 3984 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:46:58.0774 3984 RDPENCDD - ok
11:46:58.0778 3984 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:46:58.0807 3984 RDPREFMP - ok
11:46:58.0835 3984 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:46:58.0892 3984 RDPWD - ok
11:46:58.0908 3984 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:46:58.0927 3984 rdyboost - ok
11:46:58.0950 3984 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:46:58.0987 3984 RemoteAccess - ok
11:46:58.0996 3984 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:46:59.0044 3984 RemoteRegistry - ok
11:46:59.0091 3984 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:46:59.0108 3984 RFCOMM - ok
11:46:59.0125 3984 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:46:59.0170 3984 RpcEptMapper - ok
11:46:59.0189 3984 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:46:59.0213 3984 RpcLocator - ok
11:46:59.0241 3984 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:46:59.0273 3984 RpcSs - ok
11:46:59.0285 3984 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:46:59.0317 3984 rspndr - ok
11:46:59.0356 3984 [ 6CF9DB101A75360E98659F823852E540 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:46:59.0378 3984 RTL8167 - ok
11:46:59.0432 3984 [ 7461D3DA1AABB5F703504E958455A900 ] RTL8192cu C:\Windows\system32\DRIVERS\RTL8192cu.sys
11:46:59.0472 3984 RTL8192cu - ok
11:46:59.0488 3984 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:46:59.0497 3984 SamSs - ok
11:46:59.0513 3984 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:46:59.0527 3984 sbp2port - ok
11:46:59.0542 3984 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:46:59.0593 3984 SCardSvr - ok
11:46:59.0635 3984 [ C81EB41E9FFC35560E5025891DC01A6E ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
11:46:59.0663 3984 SCDEmu - ok
11:46:59.0676 3984 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:46:59.0738 3984 scfilter - ok
11:46:59.0768 3984 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:46:59.0820 3984 Schedule - ok
11:46:59.0850 3984 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:46:59.0878 3984 SCPolicySvc - ok
11:46:59.0912 3984 [ 490B0B68BB938D5C628EC4A67277BE75 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
11:46:59.0923 3984 ScreamBAudioSvc - ok
11:46:59.0936 3984 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:46:59.0960 3984 SDRSVC - ok
11:46:59.0968 3984 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:47:00.0012 3984 secdrv - ok
11:47:00.0031 3984 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:47:00.0075 3984 seclogon - ok
11:47:00.0097 3984 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:47:00.0148 3984 SENS - ok
11:47:00.0177 3984 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:47:00.0230 3984 SensrSvc - ok
11:47:00.0243 3984 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
11:47:00.0289 3984 Serenum - ok
11:47:00.0312 3984 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
11:47:00.0333 3984 Serial - ok
11:47:00.0358 3984 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:47:00.0396 3984 sermouse - ok
11:47:00.0425 3984 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:47:00.0479 3984 SessionEnv - ok
11:47:00.0505 3984 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:47:00.0520 3984 sffdisk - ok
11:47:00.0543 3984 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:47:00.0583 3984 sffp_mmc - ok
11:47:00.0613 3984 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:47:00.0657 3984 sffp_sd - ok
11:47:00.0683 3984 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:47:00.0699 3984 sfloppy - ok
11:47:00.0722 3984 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:47:00.0772 3984 SharedAccess - ok
11:47:00.0801 3984 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:47:00.0833 3984 ShellHWDetection - ok
11:47:00.0854 3984 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:47:00.0866 3984 SiSRaid2 - ok
11:47:00.0882 3984 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:47:00.0895 3984 SiSRaid4 - ok
11:47:00.0923 3984 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:47:00.0932 3984 SkypeUpdate - ok
11:47:00.0965 3984 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:47:01.0030 3984 Smb - ok
11:47:01.0068 3984 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:47:01.0096 3984 SNMPTRAP - ok
11:47:01.0116 3984 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:47:01.0128 3984 spldr - ok
11:47:01.0154 3984 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:47:01.0180 3984 Spooler - ok
11:47:01.0243 3984 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:47:01.0319 3984 sppsvc - ok
11:47:01.0330 3984 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:47:01.0359 3984 sppuinotify - ok
11:47:01.0380 3984 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:47:01.0401 3984 srv - ok
11:47:01.0411 3984 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:47:01.0443 3984 srv2 - ok
11:47:01.0464 3984 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:47:01.0479 3984 srvnet - ok
11:47:01.0501 3984 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:47:01.0536 3984 SSDPSRV - ok
11:47:01.0556 3984 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:47:01.0590 3984 SstpSvc - ok
11:47:01.0622 3984 Steam Client Service - ok
11:47:01.0636 3984 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:47:01.0649 3984 stexstor - ok
11:47:01.0679 3984 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:47:01.0707 3984 stisvc - ok
11:47:01.0714 3984 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:47:01.0725 3984 swenum - ok
11:47:01.0739 3984 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:47:01.0774 3984 swprv - ok
11:47:01.0806 3984 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:47:01.0859 3984 SysMain - ok
11:47:01.0877 3984 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:47:01.0913 3984 TabletInputService - ok
11:47:01.0938 3984 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:47:01.0986 3984 TapiSrv - ok
11:47:02.0020 3984 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:47:02.0049 3984 TBS - ok
11:47:02.0089 3984 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:47:02.0136 3984 Tcpip - ok
11:47:02.0160 3984 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:47:02.0192 3984 TCPIP6 - ok
11:47:02.0209 3984 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:47:02.0221 3984 tcpipreg - ok
11:47:02.0233 3984 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:47:02.0288 3984 TDPIPE - ok
11:47:02.0313 3984 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:47:02.0348 3984 TDTCP - ok
11:47:02.0393 3984 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:47:02.0443 3984 tdx - ok
11:47:02.0553 3984 [ 851C5080261DFC1FCDC21DF0E5EA3BCB ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
11:47:02.0617 3984 TeamViewer8 - ok
11:47:02.0644 3984 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:47:02.0656 3984 TermDD - ok
11:47:02.0671 3984 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:47:02.0714 3984 TermService - ok
11:47:02.0724 3984 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:47:02.0738 3984 Themes - ok
11:47:02.0746 3984 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:47:02.0775 3984 THREADORDER - ok
11:47:02.0789 3984 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:47:02.0836 3984 TrkWks - ok
11:47:02.0877 3984 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:47:02.0906 3984 TrustedInstaller - ok
11:47:02.0915 3984 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:47:02.0962 3984 tssecsrv - ok
11:47:02.0978 3984 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:47:02.0999 3984 TsUsbFlt - ok
11:47:03.0018 3984 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:47:03.0048 3984 TsUsbGD - ok
11:47:03.0075 3984 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:47:03.0120 3984 tunnel - ok
11:47:03.0138 3984 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:47:03.0152 3984 uagp35 - ok
11:47:03.0166 3984 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:47:03.0217 3984 udfs - ok
11:47:03.0239 3984 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:47:03.0270 3984 UI0Detect - ok
11:47:03.0290 3984 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:47:03.0303 3984 uliagpkx - ok
11:47:03.0342 3984 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:47:03.0374 3984 umbus - ok
11:47:03.0404 3984 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
11:47:03.0429 3984 UmPass - ok
11:47:03.0453 3984 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:47:03.0505 3984 upnphost - ok
11:47:03.0546 3984 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
11:47:03.0584 3984 usbaudio - ok
11:47:03.0603 3984 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:47:03.0654 3984 usbccgp - ok
11:47:03.0674 3984 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:47:03.0701 3984 usbcir - ok
11:47:03.0705 3984 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:47:03.0731 3984 usbehci - ok
11:47:03.0749 3984 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
11:47:03.0785 3984 usbhub - ok
11:47:03.0805 3984 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:47:03.0830 3984 usbohci - ok
11:47:03.0859 3984 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:47:03.0910 3984 usbprint - ok
11:47:03.0932 3984 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:47:03.0979 3984 USBSTOR - ok
11:47:03.0992 3984 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:47:04.0082 3984 usbuhci - ok
11:47:04.0104 3984 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:47:04.0158 3984 UxSms - ok
11:47:04.0174 3984 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:47:04.0189 3984 VaultSvc - ok
11:47:04.0203 3984 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:47:04.0214 3984 vdrvroot - ok
11:47:04.0239 3984 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:47:04.0292 3984 vds - ok
11:47:04.0323 3984 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:47:04.0337 3984 vga - ok
11:47:04.0340 3984 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:47:04.0373 3984 VgaSave - ok
11:47:04.0388 3984 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:47:04.0406 3984 vhdmp - ok
11:47:04.0415 3984 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:47:04.0427 3984 viaide - ok
11:47:04.0443 3984 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:47:04.0456 3984 volmgr - ok
11:47:04.0476 3984 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:47:04.0495 3984 volmgrx - ok
11:47:04.0511 3984 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:47:04.0528 3984 volsnap - ok
11:47:04.0549 3984 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:47:04.0565 3984 vsmraid - ok
11:47:04.0592 3984 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:47:04.0653 3984 VSS - ok
11:47:04.0671 3984 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:47:04.0702 3984 vwifibus - ok
11:47:04.0732 3984 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:47:04.0789 3984 vwififlt - ok
11:47:04.0832 3984 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:47:04.0889 3984 vwifimp - ok
11:47:04.0918 3984 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:47:04.0954 3984 W32Time - ok
11:47:04.0971 3984 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:47:05.0002 3984 WacomPen - ok
11:47:05.0033 3984 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:47:05.0084 3984 WANARP - ok
11:47:05.0086 3984 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:47:05.0123 3984 Wanarpv6 - ok
11:47:05.0158 3984 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:47:05.0217 3984 wbengine - ok
11:47:05.0225 3984 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:47:05.0245 3984 WbioSrvc - ok
11:47:05.0257 3984 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:47:05.0293 3984 wcncsvc - ok
11:47:05.0310 3984 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:47:05.0325 3984 WcsPlugInService - ok
11:47:05.0332 3984 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
11:47:05.0343 3984 Wd - ok
11:47:05.0371 3984 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:47:05.0400 3984 Wdf01000 - ok
11:47:05.0413 3984 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:47:05.0503 3984 WdiServiceHost - ok
11:47:05.0509 3984 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:47:05.0526 3984 WdiSystemHost - ok
11:47:05.0536 3984 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:47:05.0578 3984 WebClient - ok
11:47:05.0583 3984 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:47:05.0627 3984 Wecsvc - ok
11:47:05.0649 3984 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:47:05.0714 3984 wercplsupport - ok
11:47:05.0741 3984 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:47:05.0771 3984 WerSvc - ok
11:47:05.0777 3984 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:47:05.0807 3984 WfpLwf - ok
11:47:05.0815 3984 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:47:05.0827 3984 WIMMount - ok
11:47:05.0847 3984 WinDefend - ok
11:47:05.0852 3984 WinHttpAutoProxySvc - ok
11:47:05.0908 3984 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:47:05.0955 3984 Winmgmt - ok
11:47:06.0010 3984 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:47:06.0079 3984 WinRM - ok
11:47:06.0109 3984 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:47:06.0146 3984 Wlansvc - ok
11:47:06.0201 3984 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:47:06.0214 3984 wlcrasvc - ok
11:47:06.0290 3984 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:47:06.0339 3984 wlidsvc - ok
11:47:06.0348 3984 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:47:06.0357 3984 WmiAcpi - ok
11:47:06.0368 3984 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:47:06.0404 3984 wmiApSrv - ok
11:47:06.0419 3984 WMPNetworkSvc - ok
11:47:06.0423 3984 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:47:06.0436 3984 WPCSvc - ok
11:47:06.0444 3984 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:47:06.0462 3984 WPDBusEnum - ok
11:47:06.0479 3984 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:47:06.0511 3984 ws2ifsl - ok
11:47:06.0521 3984 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:47:06.0541 3984 wscsvc - ok
11:47:06.0544 3984 WSearch - ok
11:47:06.0593 3984 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:47:06.0641 3984 wuauserv - ok
11:47:06.0658 3984 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:47:06.0684 3984 WudfPf - ok
11:47:06.0715 3984 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:47:06.0743 3984 WUDFRd - ok
11:47:06.0766 3984 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:47:06.0789 3984 wudfsvc - ok
11:47:06.0806 3984 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:47:06.0828 3984 WwanSvc - ok
11:47:06.0864 3984 X6va008 - ok
11:47:06.0891 3984 X6va009 - ok
11:47:06.0900 3984 X6va011 - ok
11:47:06.0939 3984 ================ Scan global ===============================
11:47:06.0962 3984 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:47:06.0985 3984 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
11:47:07.0012 3984 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
11:47:07.0039 3984 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:47:07.0076 3984 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:47:07.0097 3984 [Global] - ok
11:47:07.0098 3984 ================ Scan MBR ==================================
11:47:07.0117 3984 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:47:07.0361 3984 \Device\Harddisk0\DR0 - ok
11:47:07.0361 3984 ================ Scan VBR ==================================
11:47:07.0364 3984 [ 322E5AB444BD9A3195CEC628A6606960 ] \Device\Harddisk0\DR0\Partition1
11:47:07.0365 3984 \Device\Harddisk0\DR0\Partition1 - ok
11:47:07.0366 3984 ============================================================
11:47:07.0366 3984 Scan finished
11:47:07.0366 3984 ============================================================
11:47:07.0377 0824 Detected object count: 1
11:47:07.0377 0824 Actual detected object count: 1
11:47:13.0043 0824 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
11:47:13.0043 0824 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

Alt 07.02.2013, 11:54   #10
markusg
/// Malware-holic
 



Please don't keep quoting me; I know what I wrote.
Combofix:
Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

Alt 07.02.2013, 12:14   #11
Aligator4820
 



OK, I ran the program, and then this is what the text document said:
Combofix Logfile:
Code:
ComboFix 13-02-07.01 - Samuel 07.02.2013  12:06:33.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8174.6644 [GMT 1:00]
ausgeführt von:: c:\users\Samuel\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\EPLog.txt
c:\users\Samuel\AppData\Local\Tempcheatengine-i386.exe
c:\users\Samuel\AppData\Local\Tempcheatengine-x86_64.exe
c:\users\Samuel\AppData\Roaming\Interop.Shell32.dll
c:\users\Samuel\AppData\Roaming\n.sis
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-07 bis 2013-02-07  ))))))))))))))))))))))))))))))
.
.
2013-02-07 11:10 . 2013-02-07 11:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-07 10:33 . 2013-02-07 10:33	--------	d-----w-	C:\_OTL
2013-02-06 15:16 . 2013-02-06 15:16	--------	d-----w-	c:\programdata\ATI
2013-02-06 15:16 . 2013-02-06 15:16	--------	d-----w-	c:\program files (x86)\AMD AVT
2013-02-06 15:16 . 2013-02-06 15:16	--------	d-----w-	c:\program files (x86)\AMD APP
2013-02-06 15:16 . 2013-02-06 15:16	--------	d-----w-	c:\program files\Common Files\ATI Technologies
2013-02-06 15:16 . 2013-02-06 15:16	--------	d-----w-	c:\program files (x86)\Common Files\ATI Technologies
2013-02-06 15:15 . 2013-02-06 15:15	--------	d-----w-	c:\program files (x86)\ATI Technologies
2013-02-06 15:15 . 2013-02-06 15:16	--------	d-----w-	c:\program files\ATI Technologies
2013-02-02 16:58 . 2013-02-04 17:09	--------	d-----w-	c:\users\Samuel\AppData\Roaming\TP-LINK
2013-02-02 16:57 . 2013-02-02 16:57	--------	d-----w-	c:\program files (x86)\TP-LINK
2013-02-02 16:57 . 2012-05-14 16:41	926824	----a-w-	c:\windows\system32\rtl8192cu.sys
2013-02-02 16:57 . 2012-05-14 16:41	926824	----a-w-	c:\windows\system32\drivers\RTL8192cu.sys
2013-02-02 16:56 . 2013-02-02 16:57	--------	d-----w-	c:\programdata\TP-LINK
2013-02-01 21:10 . 2013-02-01 21:10	--------	d-----w-	c:\users\Samuel\AppData\Local\Oblivion
2013-02-01 20:58 . 2013-02-01 20:58	--------	d-----w-	c:\program files (x86)\Bethesda Softworks
2013-02-01 20:57 . 2005-04-03 22:02	753664	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-02-01 20:57 . 2005-04-03 22:02	69714	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-02-01 20:57 . 2005-04-03 22:01	274432	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-02-01 20:57 . 2005-04-03 22:00	184320	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-02-01 20:57 . 2005-04-03 22:00	63488	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2013-02-01 20:57 . 2005-04-03 21:59	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-02-01 20:57 . 2013-02-01 20:57	331908	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-02-01 20:57 . 2013-02-01 20:57	200836	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-01-26 19:27 . 2013-01-26 19:27	--------	d-----w-	c:\program files (x86)\Belkin
2013-01-26 19:27 . 2009-02-05 01:49	451072	----a-w-	c:\windows\SysWow64\ISSRemoveSP.exe
2013-01-24 17:42 . 2013-01-24 17:42	--------	d-----w-	c:\users\Samuel\AppData\Roaming\Unity
2013-01-24 16:49 . 2013-01-24 16:49	--------	d-----w-	c:\users\Samuel\AppData\Local\Unity
2013-01-16 13:51 . 2013-01-16 13:51	--------	d-----w-	c:\users\Samuel\AppData\Roaming\LibreOffice
2013-01-16 13:13 . 2013-01-16 13:14	--------	d-----w-	c:\program files (x86)\LibreOffice 3.6
2013-01-14 18:44 . 2013-02-06 14:25	--------	d-----w-	c:\users\Samuel\AppData\Roaming\TS3Client
2013-01-12 21:46 . 2013-02-03 09:58	--------	d-----w-	c:\users\Samuel\AppData\Local\HonorbuddyMeshes
2013-01-11 13:20 . 2013-01-11 14:24	--------	d-----w-	c:\users\Samuel\AppData\Local\CrashDumps
2013-01-11 13:20 . 2013-01-11 13:20	--------	d-----w-	c:\program files (x86)\Clownfish
2013-01-09 18:27 . 2012-11-23 03:26	3149824	----a-w-	c:\windows\system32\win32k.sys
2013-01-09 18:23 . 2012-11-09 05:45	750592	----a-w-	c:\windows\system32\win32spl.dll
2013-01-09 18:23 . 2012-11-09 04:43	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-01-09 18:23 . 2012-11-01 05:43	2002432	----a-w-	c:\windows\system32\msxml6.dll
2013-01-09 18:23 . 2012-11-01 05:43	1882624	----a-w-	c:\windows\system32\msxml3.dll
2013-01-09 18:23 . 2012-11-01 04:47	1389568	----a-w-	c:\windows\SysWow64\msxml6.dll
2013-01-09 18:23 . 2012-11-01 04:47	1236992	----a-w-	c:\windows\SysWow64\msxml3.dll
2013-01-09 18:22 . 2012-11-22 05:44	800768	----a-w-	c:\windows\system32\usp10.dll
2013-01-09 18:22 . 2012-11-22 04:45	626688	----a-w-	c:\windows\SysWow64\usp10.dll
2013-01-09 18:22 . 2012-11-20 05:48	307200	----a-w-	c:\windows\system32\ncrypt.dll
2013-01-09 18:22 . 2012-11-20 04:51	220160	----a-w-	c:\windows\SysWow64\ncrypt.dll
2013-01-09 18:13 . 2012-11-23 03:13	68608	----a-w-	c:\windows\system32\taskhost.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 22:31 . 2012-05-03 17:37	67599240	----a-w-	c:\windows\system32\MRT.exe
2013-01-09 20:09 . 2012-05-03 15:57	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 20:09 . 2012-05-03 15:57	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-28 21:53 . 2012-07-17 07:33	11333	----a-w-	C:\XTrapd11.vxd
2012-12-19 20:50 . 2011-01-26 22:28	5630200	----a-w-	c:\windows\SysWow64\atiumdag.dll
2012-12-19 20:48 . 2012-12-19 20:48	11278336	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2012-12-19 20:29 . 2012-12-19 20:29	23461376	----a-w-	c:\windows\system32\atio6axx.dll
2012-12-19 20:22 . 2012-12-19 20:22	70144	----a-w-	c:\windows\system32\coinst_9.012.dll
2012-12-19 20:19 . 2012-12-19 20:19	163840	----a-w-	c:\windows\system32\atiapfxx.exe
2012-12-19 20:18 . 2012-12-19 20:18	51200	----a-w-	c:\windows\system32\aticalrt64.dll
2012-12-19 20:18 . 2012-12-19 20:18	46080	----a-w-	c:\windows\SysWow64\aticalrt.dll
2012-12-19 20:17 . 2012-12-19 20:17	44544	----a-w-	c:\windows\system32\aticalcl64.dll
2012-12-19 20:17 . 2012-12-19 20:17	44032	----a-w-	c:\windows\SysWow64\aticalcl.dll
2012-12-19 20:17 . 2012-12-19 20:17	16082944	----a-w-	c:\windows\system32\aticaldd64.dll
2012-12-19 20:13 . 2012-12-19 20:13	13703168	----a-w-	c:\windows\SysWow64\aticaldd.dll
2012-12-19 20:12 . 2012-12-19 20:12	18982400	----a-w-	c:\windows\SysWow64\atioglxx.dll
2012-12-19 20:09 . 2011-01-26 23:00	960512	----a-w-	c:\windows\SysWow64\aticfx32.dll
2012-12-19 20:08 . 2011-01-26 22:59	1151488	----a-w-	c:\windows\system32\aticfx64.dll
2012-12-19 20:06 . 2012-12-19 20:06	6681088	----a-w-	c:\windows\SysWow64\atidxx32.dll
2012-12-19 19:59 . 2012-12-19 19:59	5087744	----a-w-	c:\windows\system32\atiumd6a.dll
2012-12-19 19:57 . 2012-12-19 19:57	442368	----a-w-	c:\windows\system32\atidemgy.dll
2012-12-19 19:56 . 2012-12-19 19:56	550912	----a-w-	c:\windows\system32\atieclxx.exe
2012-12-19 19:56 . 2012-12-19 19:56	240640	----a-w-	c:\windows\system32\atiesrxx.exe
2012-12-19 19:54 . 2012-12-19 19:54	120320	----a-w-	c:\windows\system32\atitmm64.dll
2012-12-19 19:54 . 2012-12-19 19:54	21504	----a-w-	c:\windows\system32\atimuixx.dll
2012-12-19 19:54 . 2012-12-19 19:54	59392	----a-w-	c:\windows\system32\atiedu64.dll
2012-12-19 19:54 . 2012-12-19 19:54	43520	----a-w-	c:\windows\SysWow64\ati2edxx.dll
2012-12-19 19:49 . 2011-01-26 22:40	7370752	----a-w-	c:\windows\system32\atidxx64.dll
2012-12-19 19:44 . 2011-01-26 22:24	4162048	----a-w-	c:\windows\SysWow64\atiumdva.dll
2012-12-19 19:44 . 2012-12-19 19:44	6786560	----a-w-	c:\windows\system32\atiumd64.dll
2012-12-19 19:33 . 2012-12-19 19:33	56320	----a-w-	c:\windows\system32\atimpc64.dll
2012-12-19 19:33 . 2012-12-19 19:33	56320	----a-w-	c:\windows\system32\amdpcom64.dll
2012-12-19 19:33 . 2012-12-19 19:33	619008	----a-w-	c:\windows\system32\atiadlxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	56832	----a-w-	c:\windows\SysWow64\atimpc32.dll
2012-12-19 19:33 . 2012-12-19 19:33	56832	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2012-12-19 19:33 . 2012-12-19 19:33	421888	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2012-12-19 19:33 . 2012-12-19 19:33	17920	----a-w-	c:\windows\system32\atig6pxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	14848	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	14848	----a-w-	c:\windows\system32\atiglpxx.dll
2012-12-19 19:33 . 2012-12-19 19:33	41984	----a-w-	c:\windows\system32\atig6txx.dll
2012-12-19 19:33 . 2012-12-19 19:33	33280	----a-w-	c:\windows\SysWow64\atigktxx.dll
2012-12-19 19:32 . 2012-12-19 19:32	552960	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2012-12-19 19:31 . 2011-01-26 22:12	130048	----a-w-	c:\windows\system32\atiuxp64.dll
2012-12-19 19:31 . 2012-12-19 19:31	109568	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2012-12-19 19:31 . 2012-12-19 19:31	104448	----a-w-	c:\windows\system32\atiu9p64.dll
2012-12-19 19:30 . 2011-01-26 22:12	83968	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2012-12-19 19:30 . 2012-12-19 19:30	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2012-12-19 14:45 . 2012-12-19 14:45	222720	----a-w-	c:\windows\system32\clinfo.exe
2012-12-19 14:44 . 2012-12-19 14:44	76288	----a-w-	c:\windows\system32\OpenVideo64.dll
2012-12-19 14:44 . 2012-12-19 14:44	65536	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2012-12-19 14:44 . 2012-12-19 14:44	64000	----a-w-	c:\windows\system32\OVDecode64.dll
2012-12-19 14:44 . 2012-12-19 14:44	56320	----a-w-	c:\windows\SysWow64\OVDecode.dll
2012-12-19 14:44 . 2012-12-19 14:44	34518016	----a-w-	c:\windows\system32\amdocl64.dll
2012-12-19 14:38 . 2012-12-19 14:38	28732928	----a-w-	c:\windows\SysWow64\amdocl.dll
2012-12-19 14:34 . 2012-12-19 14:34	54784	----a-w-	c:\windows\system32\OpenCL.dll
2012-12-19 14:34 . 2012-12-19 14:34	50176	----a-w-	c:\windows\SysWow64\OpenCL.dll
2012-12-16 17:11 . 2012-12-21 15:33	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 15:33	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 15:33	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 15:33	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-10 10:20 . 2012-12-21 21:46	4456904	----a-w-	c:\windows\system32\mfc110u.dll
2012-11-30 04:45 . 2013-01-09 18:28	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-11-27 13:37 . 2012-11-27 13:37	43680	----a-w-	c:\windows\system32\drivers\lirsgt.sys
2012-11-27 13:37 . 2012-11-27 13:37	314016	----a-w-	c:\windows\system32\drivers\atksgt.sys
2012-11-27 07:52 . 2012-11-27 07:52	595456	----a-w-	c:\windows\SysWow64\tsccvid64.dll
2012-11-27 07:52 . 2012-11-27 07:52	571392	----a-w-	c:\windows\SysWow64\tsccvid.dll
2012-11-26 17:20 . 2012-11-26 17:20	270848	----a-w-	c:\windows\SysWow64\tsc2_codec64.dll
2012-11-26 17:20 . 2012-11-26 17:20	234496	----a-w-	c:\windows\SysWow64\tsc2_codec32.dll
2012-11-24 09:28 . 2012-11-24 09:28	289768	----a-w-	c:\windows\system32\javaws.exe
2012-11-24 09:28 . 2012-11-24 09:28	189416	----a-w-	c:\windows\system32\javaw.exe
2012-11-24 09:28 . 2012-11-24 09:28	188904	----a-w-	c:\windows\system32\java.exe
2012-11-24 09:28 . 2012-11-24 09:28	108008	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2012-11-24 09:28 . 2012-05-13 12:17	916456	----a-w-	c:\windows\system32\deployJava1.dll
2012-11-24 09:28 . 2012-05-13 12:17	1034216	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-11-14 07:06 . 2012-12-13 13:03	17811968	----a-w-	c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-13 13:03	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-13 13:04	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-13 13:04	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-13 13:04	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-13 13:04	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-13 13:04	237056	----a-w-	c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-13 13:04	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-13 13:04	816640	----a-w-	c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-13 13:04	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-13 13:04	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-13 13:04	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-13 13:04	729088	----a-w-	c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-13 13:04	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-13 13:04	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-13 13:04	248320	----a-w-	c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-13 13:04	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-13 13:04	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 13:04	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-13 13:04	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 13:04	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-13 13:04	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Samuel\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664]
"GamingKeyboard"="c:\program files (x86)\SHARKOON Skiller\GameMon.exe" [2012-06-07 1803264]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe [2013-2-2 841216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 cpuz130;cpuz130;c:\users\Samuel\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-10-11 29696]
R3 netr7364;RT73 USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-23 648808]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2009-12-01 38992]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2010-11-11 77952]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2010-11-11 37504]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-11-29 3463080]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 GameKB;SHARKOON Skiller;c:\windows\system32\drivers\GameKB.sys [2012-05-11 27648]
S3 RTL8192cu;300Mbps Wireless USB Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys [2012-05-14 926824]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 91550426
*Deregistered* - 91550426
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 17:57	1607120	----a-w-	c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 20:09]
.
2013-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17 21:50]
.
2013-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17 21:50]
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=109727&tt=4912_6&babsrc=HP_ss&mntrId=9a3e01ef000000000000940c6d8bcd0e
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Clownfish - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-324662538-853307669-3321460319-1000\Software\SecuROM\License information*]
"datasecu"=hex:1a,e7,14,8c,0d,dd,d0,8b,04,87,dc,fb,d9,bb,77,e2,cc,c8,ee,15,fa,
   d2,a0,ea,10,4e,51,73,58,cb,cb,3f,18,0c,51,81,5a,56,0f,0c,b4,4f,2a,8a,b3,f1,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-02-07  12:12:33
ComboFix-quarantined-files.txt  2013-02-07 11:12
.
Vor Suchlauf: 16 Verzeichnis(se), 825.070.764.032 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 824.561.070.080 Bytes frei
.
- - End Of File - - 79291800EEC15D2397E32FDF3C7A7F0F
         
07.02.2013, 12:50   #12
markusg
/// Malware-holic

hi
malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform full scan and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are checked and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Logs".
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de as described in the instructions above.
If you would like to support us

07.02.2013, 14:58   #13
Aligator4820

OK, I ran it and it found one infected file, which I then deleted, and the text document said:

Malwarebytes Anti-Malware (Test) 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.02.07.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Samuel :: SAMUEL-PC [Administrator]

Schutz: Aktiviert

07.02.2013 13:12:33
mbam-log-2013-02-07 (13-12-33).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 419242
Laufzeit: 47 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Program Files (x86)\The Binding of Isaac\TDU.exe (Packer.ModifiedUPX) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

07.02.2013, 21:10   #14
markusg
/// Malware-holic

hi
download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), uninstall list, save it as a txt file and open it.
After every program you need, write "necessary".
After every program you do not need, write "unnecessary".
After every program you do not know, write "unknown".
Post the list.

07.04.2013, 03:29   #15
Aligator4820

Quote:
Originally posted by markusg
hi
download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), uninstall list, save it as a txt file and open it.
After every program you need, write "necessary".
After every program you do not need, write "unnecessary".
After every program you do not know, write "unknown".
Post the list.

Sorry, I was AFK for a while ... but here:

3DMark06 Futuremark Corporation unknown
Adobe AIR Adobe Systems Incorporated unknown
Adobe Download Assistant Adobe Systems Incorporated unknown
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated unknown
Adobe Flash Player 11 Plugin Adobe Systems Incorporated unknown
Adobe Help Manager Adobe Systems Incorporated unknown
Adobe Widget Browser Adobe Systems Incorporated. unknown
Akamai NetSession Interface 10.05.2012 unknown
Akamai NetSession Interface Akamai Technologies, Inc unknown
AMD Catalyst Install Manager Advanced Micro Devices, Inc. unknown
Amnesia - The Dark Descent Frictional Games unknown
Assassin's Creed Ubisoft unnecessary
Audacity 2.0.2 Audacity Team unknown
AutoIt v3.3.8.1 AutoIt Team necessary
Avira Free Antivirus Avira necessary
Belkin F7D1102 Surf Wireless Micro USB Adapter unknown
BitComet 1.35 64-bit CometNetwork necessary
BlueStacks App Player BlueStack Systems, Inc. unknown
BlueStacks Notification Center BlueStack Systems, Inc. unknown
CCleaner Piriform necessary
Clownfish for Skype unnecessary
DC Universe Online Live unnecessary
FileZilla Client 3.6.0.2 FileZilla Project necessary
Fraps (remove only) necessary
Freemake Video Converter Version 3.0.2 Ellora Assets Corporation unknown
Futuremark SystemInfo Futuremark Corporation unknown
Garena Plus Garena Online Pte Ltd. necessary
Garry's Mod Team Garry necessary
Google Chrome Google Inc. necessary
Half-Life Dedicated Server Update Tool necessary
Hotspot Shield 2.88 AnchorFree Inc. unknown
Hotspot Shield Toolbar Hotspot Shield unknown
Inno Setup Version 5.5.2 jrsoftware.org unknown
Java 7 Update 9 (64-bit) Oracle necessary
League of Legends Riot Games necessary
LogMeIn Hamachi LogMeIn, Inc. necessary
LOLReplay www.leaguereplays.com necessary
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation unknown
Microsoft .NET Framework 1.1 Microsoft unknown
Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation unknown
Microsoft .NET Framework 4.5 Microsoft Corporation unknown
Microsoft .NET Framework 4.5 DEU Language Pack Microsoft Corporation unknown
Microsoft Games for Windows - LIVE Microsoft Corporation unknown
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation unknown
Microsoft Help Viewer 1.0 Microsoft Corporation 06.02.2013 unknown
Microsoft Help Viewer 1.0 Language Pack - DEU Microsoft Corporation unknown
Microsoft Office 2010 Microsoft Corporation unknown
Microsoft Silverlight Microsoft Corporation unknown
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation unknown
Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation unknown
Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation unknown
Microsoft SQL Server Compact 3.5 SP2 x64 DEU Microsoft Corporation unknown
Microsoft SQL Server System CLR Types Microsoft Corporation unknown
Microsoft Visual Basic 2010 Express - DEU Microsoft Corporation unknown
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Corporation unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation unknown
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation unknown
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Corporation unknown
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation unknown
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Corporation unknown
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Corporation unknown
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation unknown
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU Microsoft Corporation unknown
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation unknown
Minecraft Texturepack Editor unnecessary
Notepad++ very necessary!
NVIDIA PhysX NVIDIA Corporation unknown
Oblivion Bethesda Softworks unknown
OpenAL unknown
OpenOffice.org 3.4.1 Apache Software Foundation 20.02.2013 unnecessary
Paint.NET v3.5.10 dotPDN LLC unnecessary
Pando Media Booster Pando Networks Inc. unknown
PE Explorer 1.99 R6 Heaventools Software unknown
PunkBuster Services Even Balance, Inc. unknown
Resource Hacker Version 3.6.0 unknown
Risen Deep Silver unknown
S4 League_EU unnecessary
S4 League_EU unnecessary
SciTE4AutoIt3 6/10/2012 necessary
SHARKOON Skiller necessary
Skype™ 6.3 Skype Technologies S.A. necessary
Steam Valve Corporation necessary
TeamSpeak 3 Client TeamSpeak Systems GmbH necessary
TeamViewer 8 TeamViewer necessary
TP-LINK TL-WN821N Driver TP-LINK necessary
TP-LINK Wireless Configuration Utility TP-LINK necessary
Tunatic unknown
Unity Web Player Unity Technologies ApS unknown
Vegas Pro 10.0 Sony necessary
Virtual Audio Cable 4.10 unknown
VirtualDJ Home FREE Atomix Productions unknown
Visual Studio 2008 x64 Redistributables AVG Technologies unknown
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU Microsoft Corporation unknown
Warcraft III Blizzard Entertainment necessary
Winamp Nullsoft, Inc unknown
Winamp Erkennungs-Plug-in Nullsoft, Inc unknown
Windows Live Essentials Microsoft Corporation unknown
Windows Live Mesh ActiveX control for remote connections Microsoft Corporation unknown
WinRAR 4.11 (64-Bit) win.rar GmbH necessary
µTorrent BitTorrent Inc. 27.03.2013 unnecessary
