
Log analysis and evaluation: Internet very slow

04.04.2012, 14:33   #1
Enigma91

Internet very slow

Hello everyone,

for about 2 days my internet has been extremely slow. It all started when I was watching a video on YouTube and the internet was suddenly completely gone. After some time it worked again, but when I went to Google a message came up saying that an attempt had been made to change my default search provider.

Often I only get onto pages after a good 2-3 attempts, and it takes forever for them to load.

It would be great if someone could help me with this.

Regards
Enigma91

DDS Log:


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Domse at 14:00:19 on 2012-04-04
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3326.2313 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
uURLSearchHooks: SearchHook Class: {bc86e1ab-eda5-4059-938f-ce307b0c6f0a} - c:\program files\devicevm\browser configuration utility\AddressBarSearch.dll
BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - c:\program files\amd\steadyvideo\SteadyVideo.dll
uRun: [Google Update] "c:\users\domse\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [BCU] "c:\program files\devicevm\browser configuration utility\BCU.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Malwarebytes' Anti-Malware] "d:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\amldev~1.lnk - c:\program files\amd avt\bin\kdbsync.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{EB0C5AE0-A2FA-49C7-B05E-986AF89CEB30} : DhcpNameServer = 192.168.178.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\program files\amd\steadyvideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\program files\amd\steadyvideo\VideoMIMEFilter.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2012-3-15 19496]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-3-15 36000]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-2-15 163328]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-2-14 291840]
R2 AntiVirSchedulerService;Avira Planer;c:\program files\avira\antivir desktop\sched.exe [2012-3-15 86224]
R2 AntiVirService;Avira Echtzeit Scanner;c:\program files\avira\antivir desktop\avguard.exe [2012-3-15 110032]
R2 AODDriver4.1;AODDriver4.1;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-2-1 46720]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-3-15 74640]
R2 BCUService;Browser Configuration Utility Service;c:\program files\devicevm\browser configuration utility\BCUService.exe [2009-10-15 223464]
R2 MBAMService;MBAMService;d:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-15 652360]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2012-3-15 37944]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2012-2-15 9182208]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2012-2-15 264704]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-5 86032]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-3-15 20464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 StorSvc;Speicherdienst;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-3-16 52224]
.
=============== Created Last 30 ================
.
2012-03-21 16:41:18 -------- d-----w- c:\users\domse\appdata\local\Diagnostics
2012-03-19 13:10:00 159608 ----a-w- c:\windows\system32\mfevtps.exe.b721.deleteme
2012-03-18 17:44:38 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f9eed824-5bbf-4a7c-9a0d-524dd7296269}\offreg.dll
2012-03-17 20:53:16 159608 ----a-w- c:\windows\system32\mfevtps.exe.7dc6.deleteme
2012-03-17 20:02:57 159608 ----a-w- c:\windows\system32\mfevtps.exe.7efa.deleteme
2012-03-17 20:02:29 -------- d-----w- c:\program files\stinger
2012-03-16 18:55:41 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-03-16 16:44:02 -------- d-----w- c:\program files\common files\Blizzard Entertainment
2012-03-16 16:34:57 -------- d-----r- c:\program files\Skype
2012-03-16 15:41:42 -------- d-----w- c:\users\domse\appdata\local\SWTOR
2012-03-16 14:50:14 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-16 14:50:14 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-16 14:29:42 -------- d-----w- c:\windows\system32\SPReview
2012-03-16 14:29:10 -------- d-----w- c:\windows\system32\EventProviders
2012-03-16 14:27:07 1130824 ----a-w- c:\windows\system32\dfshim.dll
2012-03-16 14:27:04 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-03-16 14:27:04 3215872 ----a-w- c:\windows\system32\mstscax.dll
2012-03-16 14:27:04 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-03-16 14:27:02 954752 ----a-w- c:\windows\system32\mfc40.dll
2012-03-16 14:27:02 954288 ----a-w- c:\windows\system32\mfc40u.dll
2012-03-16 14:27:02 1171456 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-16 14:27:01 423936 ----a-w- c:\windows\system32\secproc_isv.dll
2012-03-16 14:27:01 1159168 ----a-w- c:\windows\system32\sysmain.dll
2012-03-16 14:27:00 428032 ----a-w- c:\windows\system32\secproc.dll
2012-03-16 14:27:00 327168 ----a-w- c:\windows\system32\RMActivate_isv.exe
2012-03-16 14:25:55 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2012-03-16 14:25:55 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2012-03-16 14:03:42 6552120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-03-16 14:03:39 6552120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f9eed824-5bbf-4a7c-9a0d-524dd7296269}\mpengine.dll
2012-03-15 18:06:37 293376 ----a-w- c:\windows\system32\browserchoice.exe
2012-03-15 18:03:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-03-15 18:02:59 534528 ----a-w- c:\windows\system32\EncDec.dll
2012-03-15 17:56:55 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2012-03-15 17:56:55 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-03-15 17:56:55 107520 ----a-w- c:\windows\system32\cdd.dll
2012-03-15 17:20:06 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-03-15 17:07:51 -------- d-----w- c:\users\domse\appdata\local\AMD
2012-03-15 17:07:48 -------- d-----w- c:\users\domse\appdata\roaming\Avira
2012-03-15 17:07:44 -------- d-----w- c:\users\domse\appdata\local\ATI
2012-03-15 17:07:36 -------- d-----w- c:\users\domse\appdata\roaming\Malwarebytes
2012-03-15 17:07:31 -------- d-----w- c:\programdata\Malwarebytes
2012-03-15 17:07:30 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-15 17:01:46 0 ----a-w- c:\windows\ativpsrm.bin
2012-03-15 17:01:01 -------- d-----w- c:\windows\system32\wbem\en-US
2012-03-15 16:59:34 -------- d-----w- c:\users\domse\appdata\local\Google
2012-03-15 16:58:47 -------- d-----w- c:\users\domse\appdata\local\Deployment
2012-03-15 16:58:47 -------- d-----w- c:\users\domse\appdata\local\Apps
2012-03-15 16:55:01 -------- d-----w- c:\program files\AMD AVT
2012-03-15 16:55:00 -------- d-----w- c:\program files\AMD
2012-03-15 16:54:58 -------- d-----w- c:\program files\AMD APP
2012-03-15 16:54:54 -------- d-----w- c:\program files\common files\ATI Technologies
2012-03-15 16:54:21 -------- d-----w- c:\programdata\AMD
2012-03-15 16:54:17 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2012-03-15 16:53:47 -------- d-----w- c:\program files\ATI Technologies
2012-03-15 16:53:45 -------- d-----w- c:\program files\ATI
2012-03-15 16:53:17 -------- d-----w- C:\AMD
2012-03-15 16:51:24 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-03-15 16:51:24 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-03-15 16:51:24 -------- d-----w- c:\programdata\Avira
2012-03-15 16:51:24 -------- d-----w- c:\program files\Avira
2012-03-15 16:49:53 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-15 16:49:49 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-15 16:49:49 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-15 16:49:49 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys
2012-03-15 16:49:49 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-15 15:35:57 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2012-03-15 14:52:04 -------- d-----w- c:\program files\common files\BioWare
2012-03-15 14:45:09 372840 ----a-w- c:\windows\system32\nvraiins.dll
2012-03-15 14:34:58 -------- d-----w- c:\windows\system32\RTCOM
2012-03-15 14:33:53 -------- d--h--w- c:\program files\DeviceVM
2012-03-15 14:33:50 -------- d-sh--w- c:\windows\Installer
2012-03-15 14:33:27 -------- d-----w- c:\windows\system32\wbem\Performance
2012-03-15 14:23:57 -------- d-----w- c:\windows\Panther
.
==================== Find3M ====================
.
2012-03-16 14:39:35 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-02-15 03:47:12 9182208 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-02-15 03:18:56 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-02-15 03:18:40 791040 ----a-w- c:\windows\system32\aticfx32.dll
2012-02-15 03:13:56 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-02-15 03:13:20 405504 ----a-w- c:\windows\system32\atieclxx.exe
2012-02-15 03:12:48 163328 ----a-w- c:\windows\system32\atiesrxx.exe
2012-02-15 03:11:34 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2012-02-15 03:10:58 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-02-15 03:10:48 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-02-15 03:07:44 6200320 ----a-w- c:\windows\system32\atidxx32.dll
2012-02-15 02:58:56 19392000 ----a-w- c:\windows\system32\atioglxx.dll
2012-02-15 02:40:54 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2012-02-15 02:34:54 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-02-15 02:34:44 44032 ----a-w- c:\windows\system32\aticalcl.dll
2012-02-15 02:34:36 5954048 ----a-w- c:\windows\system32\atiumdag.dll
2012-02-15 02:29:52 5062656 ----a-w- c:\windows\system32\atiumdva.dll
2012-02-15 02:29:50 11561984 ----a-w- c:\windows\system32\aticaldd.dll
2012-02-15 02:16:34 51200 ----a-w- c:\windows\system32\coinst.dll
2012-02-15 02:13:48 356352 ----a-w- c:\windows\system32\atiadlxx.dll
2012-02-15 02:13:32 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2012-02-15 02:13:20 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-02-15 02:12:48 264704 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-02-15 02:12:14 33280 ----a-w- c:\windows\system32\atiuxpag.dll
2012-02-15 02:12:00 30208 ----a-w- c:\windows\system32\atiu9pag.dll
2012-02-15 02:11:22 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-02-15 02:11:10 53760 ----a-w- c:\windows\system32\atimpc32.dll
2012-02-15 02:11:10 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2012-02-14 21:05:26 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2012-02-14 21:05:16 54784 ----a-w- c:\windows\system32\OVDecode.dll
2012-02-14 21:04:26 13238272 ----a-w- c:\windows\system32\amdocl.dll
2012-02-14 21:03:38 48128 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-10 05:38:43 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-02-03 03:54:27 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 05:00:24 16896 ----a-w- c:\windows\system32\kdbsdk32.dll
.
============= FINISH: 14:01:01,72 ===============




The Attach and GMER logs are attached.
Attached files
File type: zip Desktop.zip (2.4 KB, viewed 44 times)

04.04.2012, 16:28   #2
markusg
/// Malware-holic

Internet very slow


hi
If you don't already have it, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the following contents into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread

04.04.2012, 20:42   #3
Enigma91

Internet very slow

Hi, first of all thanks for the quick reply

Here are the logs

OTL Logfile:
Code:
OTL logfile created on: 04.04.2012 20:33:20 - Run 1
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\Domse\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 73,46% Memory free
6,50 Gb Paging File | 5,51 Gb Available in Paging File | 84,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 244,04 Gb Total Space | 218,69 Gb Free Space | 89,61% Space Free | Partition Type: NTFS
Drive D: | 687,37 Gb Total Space | 644,15 Gb Free Space | 93,71% Space Free | Partition Type: NTFS
 
Computer Name: DOMSE-PC | User Name: Domse | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.04.04 20:31:24 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Domse\Desktop\OTL.exe
PRC - [2012.02.15 05:13:20 | 000,405,504 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.02.15 05:12:48 | 000,163,328 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012.02.14 23:15:30 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2012.01.31 09:56:34 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.01.31 09:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.31 09:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.01.31 09:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.01.13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 15:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.10.15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.15 15:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCU.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.03.16 17:17:53 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012.03.16 17:17:34 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012.03.16 17:17:29 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012.03.16 17:17:12 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012.03.16 17:17:07 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.06.27 11:11:12 | 000,503,202 | ---- | M] () -- C:\Programme\DeviceVM\Browser Configuration Utility\sqlite3.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.02.29 09:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.15 05:12:48 | 000,163,328 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.02.14 23:15:30 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.01.31 09:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.31 09:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.01.13 15:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009.10.15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.02.15 05:47:12 | 009,182,208 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.02.15 04:12:48 | 000,264,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.02.01 15:18:10 | 000,046,720 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.1)
DRV - [2012.01.31 09:56:33 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.01.31 09:56:33 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.12.10 16:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.12.05 21:47:16 | 000,086,032 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.12 13:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010.04.27 12:56:44 | 000,019,496 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010.04.08 20:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2010.02.18 10:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 B2 B5 62 CB 02 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Programme\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {B7673C19-D763-40ca-87B4-61990C935DC4}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{703D65E0-ED20-4917-BF62-7DB0F8471BA7}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
IE - HKCU\..\SearchScopes\{B7673C19-D763-40ca-87B4-61990C935DC4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
IE - HKCU\..\SearchScopes\{EC51E516-2BC7-4246-87AD-3FC92FFF91AF}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Domse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Domse\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Domse\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Domse\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Domse\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Domse\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: WOT = C:\Users\Domse\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.2.12_0\
CHR - Extension: YouTube = C:\Users\Domse\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Domse\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google-Suche = C:\Users\Domse\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Domse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB0C5AE0-A2FA-49C7-B05E-986AF89CEB30}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.04 20:31:22 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Domse\Desktop\OTL.exe
[2012.04.04 01:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.04.04 01:42:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.04.04 01:41:02 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Domse\Desktop\dds.com
[2012.03.21 18:41:18 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Diagnostics
[2012.03.19 15:10:00 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.b721.deleteme
[2012.03.17 22:53:16 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.7dc6.deleteme
[2012.03.17 22:02:57 | 000,159,608 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.7efa.deleteme
[2012.03.17 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012.03.16 20:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012.03.16 18:44:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012.03.16 18:35:07 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Skype
[2012.03.16 18:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.03.16 18:34:57 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.03.16 18:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.03.16 18:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.03.16 17:41:42 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\SWTOR
[2012.03.16 17:41:42 | 000,000,000 | ---D | C] -- C:\Users\Domse\Documents\HeroBlade Logs
[2012.03.16 16:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.03.16 16:29:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012.03.16 16:29:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012.03.16 16:26:24 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012.03.15 19:07:51 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\AMD
[2012.03.15 19:07:48 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Avira
[2012.03.15 19:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012.03.15 19:07:44 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\ATI
[2012.03.15 19:07:44 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\ATI
[2012.03.15 19:07:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.03.15 19:07:36 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Malwarebytes
[2012.03.15 19:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.15 19:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.15 19:07:30 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.03.15 19:04:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.03.15 19:04:01 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Macromedia
[2012.03.15 19:04:01 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Adobe
[2012.03.15 19:00:06 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.03.15 18:59:34 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Google
[2012.03.15 18:58:47 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Deployment
[2012.03.15 18:58:47 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Apps
[2012.03.15 18:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
[2012.03.15 18:55:00 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2012.03.15 18:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012.03.15 18:54:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012.03.15 18:54:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012.03.15 18:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012.03.15 18:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012.03.15 18:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.03.15 18:53:17 | 000,000,000 | ---D | C] -- C:\AMD
[2012.03.15 18:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.03.15 18:51:25 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.03.15 18:51:24 | 000,137,416 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.03.15 18:51:24 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.03.15 18:51:24 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.03.15 18:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.03.15 18:51:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.03.15 17:35:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
[2012.03.15 16:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2012.03.15 16:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2012.03.15 16:46:45 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2012.03.15 16:34:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012.03.15 16:34:50 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012.03.15 16:34:49 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012.03.15 16:34:49 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012.03.15 16:34:49 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012.03.15 16:34:49 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012.03.15 16:34:41 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012.03.15 16:34:41 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012.03.15 16:34:41 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012.03.15 16:34:41 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012.03.15 16:34:41 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012.03.15 16:34:41 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012.03.15 16:34:40 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012.03.15 16:34:39 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012.03.15 16:34:39 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012.03.15 16:34:36 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012.03.15 16:34:33 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012.03.15 16:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.03.15 16:34:32 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012.03.15 16:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012.03.15 16:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.03.15 16:33:53 | 000,000,000 | -H-D | C] -- C:\Program Files\DeviceVM
[2012.03.15 16:33:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.03.15 16:30:26 | 000,000,000 | R--D | C] -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.03.15 16:30:26 | 000,000,000 | R--D | C] -- C:\Users\Domse\Searches
[2012.03.15 16:30:26 | 000,000,000 | R--D | C] -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.03.15 16:30:19 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Identities
[2012.03.15 16:30:18 | 000,000,000 | R--D | C] -- C:\Users\Domse\Contacts
[2012.03.15 16:30:12 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\VirtualStore
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Vorlagen
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\AppData\Local\Verlauf
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\AppData\Local\Temporary Internet Files
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Startmenü
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\SendTo
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Recent
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Netzwerkumgebung
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Lokale Einstellungen
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Documents\Eigene Videos
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Documents\Eigene Musik
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Eigene Dateien
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Documents\Eigene Bilder
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Druckumgebung
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Cookies
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\AppData\Local\Anwendungsdaten
[2012.03.15 16:30:10 | 000,000,000 | -HSD | C] -- C:\Users\Domse\Anwendungsdaten
[2012.03.15 16:30:09 | 000,000,000 | --SD | C] -- C:\Users\Domse\AppData\Roaming\Microsoft
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Videos
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Saved Games
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Pictures
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Music
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Links
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Favorites
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Downloads
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Documents
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\Desktop
[2012.03.15 16:30:09 | 000,000,000 | R--D | C] -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.03.15 16:30:09 | 000,000,000 | -H-D | C] -- C:\Users\Domse\AppData
[2012.03.15 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Temp
[2012.03.15 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Local\Microsoft
[2012.03.15 16:30:09 | 000,000,000 | ---D | C] -- C:\Users\Domse\AppData\Roaming\Media Center Programs
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.03.15 16:30:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.03.15 16:30:00 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.03.15 16:24:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.03.15 16:24:25 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.03.15 16:23:57 | 000,000,000 | ---D | C] -- C:\Windows\Panther
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.04 20:35:20 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.04 20:35:20 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.04 20:32:26 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.04 20:32:26 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.04 20:32:26 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.04 20:32:26 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.04 20:31:24 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Domse\Desktop\OTL.exe
[2012.04.04 20:28:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.04 20:27:59 | 2616,037,376 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.04 14:28:01 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000UA.job
[2012.04.04 14:24:19 | 000,002,442 | ---- | M] () -- C:\Users\Domse\Desktop\Desktop.zip
[2012.04.04 13:59:41 | 000,000,000 | ---- | M] () -- C:\Users\Domse\defogger_reenable
[2012.04.04 01:44:54 | 000,302,592 | ---- | M] () -- C:\Users\Domse\Desktop\1psdcsm3.exe
[2012.04.04 01:42:55 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.04.04 01:41:08 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Domse\Desktop\dds.com
[2012.04.04 01:39:15 | 000,050,477 | ---- | M] () -- C:\Users\Domse\Desktop\Defogger.exe
[2012.04.04 00:39:33 | 000,002,574 | ---- | M] () -- C:\Users\Domse\Documents\cc_20120404_003930.reg
[2012.04.03 23:10:24 | 000,000,657 | ---- | M] () -- C:\Users\Domse\Desktop\World of Warcraft.lnk
[2012.04.03 22:29:35 | 000,002,397 | ---- | M] () -- C:\Users\Domse\Desktop\Google Chrome.lnk
[2012.04.03 13:28:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000Core.job
[2012.04.02 16:20:37 | 000,008,490 | ---- | M] () -- C:\Users\Domse\Documents\cc_20120402_162034.reg
[2012.03.22 17:49:15 | 000,003,110 | ---- | M] () -- C:\Users\Domse\Documents\cc_20120322_164912.reg
[2012.03.19 15:09:58 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.b721.deleteme
[2012.03.18 19:50:04 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.03.17 22:53:14 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.7dc6.deleteme
[2012.03.17 22:02:54 | 000,159,608 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe.7efa.deleteme
[2012.03.16 18:34:58 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.03.16 17:40:34 | 000,006,486 | ---- | M] () -- C:\Users\Domse\Documents\cc_20120316_164032.reg
[2012.03.16 16:55:26 | 000,265,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.15 19:07:31 | 000,000,756 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.15 19:04:36 | 000,000,682 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.15 19:01:46 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012.03.15 18:55:02 | 000,002,005 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AML Device Install.lnk
[2012.03.15 18:51:34 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.03.15 18:50:14 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.03.15 17:35:43 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012.03.15 16:46:19 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2012.03.15 16:27:19 | 000,057,035 | ---- | M] () -- C:\Windows\System32\license.rtf
 
========== Files Created - No Company Name ==========
 
[2012.04.04 14:24:19 | 000,002,442 | ---- | C] () -- C:\Users\Domse\Desktop\Desktop.zip
[2012.04.04 13:59:41 | 000,000,000 | ---- | C] () -- C:\Users\Domse\defogger_reenable
[2012.04.04 01:44:51 | 000,302,592 | ---- | C] () -- C:\Users\Domse\Desktop\1psdcsm3.exe
[2012.04.04 01:39:14 | 000,050,477 | ---- | C] () -- C:\Users\Domse\Desktop\Defogger.exe
[2012.04.04 00:39:32 | 000,002,574 | ---- | C] () -- C:\Users\Domse\Documents\cc_20120404_003930.reg
[2012.04.02 16:20:36 | 000,008,490 | ---- | C] () -- C:\Users\Domse\Documents\cc_20120402_162034.reg
[2012.03.22 17:49:14 | 000,003,110 | ---- | C] () -- C:\Users\Domse\Documents\cc_20120322_164912.reg
[2012.03.19 22:29:50 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012.03.18 19:50:04 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.03.16 18:38:35 | 000,000,657 | ---- | C] () -- C:\Users\Domse\Desktop\World of Warcraft.lnk
[2012.03.16 18:34:58 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.03.16 17:40:33 | 000,006,486 | ---- | C] () -- C:\Users\Domse\Documents\cc_20120316_164032.reg
[2012.03.16 16:26:54 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012.03.16 16:26:16 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.03.16 16:26:12 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012.03.16 16:26:08 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012.03.15 19:07:31 | 000,000,756 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.15 19:04:36 | 000,000,682 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.15 19:01:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.15 19:00:06 | 000,002,397 | ---- | C] () -- C:\Users\Domse\Desktop\Google Chrome.lnk
[2012.03.15 18:59:35 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000UA.job
[2012.03.15 18:59:34 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000Core.job
[2012.03.15 18:55:02 | 000,002,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AML Device Install.lnk
[2012.03.15 18:51:34 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.03.15 18:50:14 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.03.15 17:35:43 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
[2012.03.15 16:46:45 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2012.03.15 16:46:45 | 000,019,496 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2012.03.15 16:34:09 | 000,010,084 | R--- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012.03.15 16:33:57 | 000,001,204 | ---- | C] () -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
[2012.03.15 16:33:28 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.03.15 16:30:28 | 000,001,409 | ---- | C] () -- C:\Users\Domse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.03.15 16:27:12 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.03.15 16:27:04 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.03.15 16:24:26 | 2616,037,376 | -HS- | C] () -- C:\hiberfil.sys
[2012.02.15 04:28:34 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.02.15 04:28:32 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.02.14 23:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.01.10 23:10:08 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
 
========== LOP Check ==========
 
[2009.07.14 06:53:46 | 000,013,984 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.03.15 16:30:18 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.03.15 18:53:17 | 000,000,000 | ---D | M] -- C:\AMD
[2012.04.04 13:54:14 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.03.15 16:30:03 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.07.14 04:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.04.04 13:54:26 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.03.16 20:55:41 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.03.15 16:30:03 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.03.15 16:30:03 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.04.04 20:34:24 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.03.15 16:30:09 | 000,000,000 | R--D | M] -- C:\Users
[2012.04.04 13:54:23 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2010.04.08 20:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\Windows\System32\drivers\nvstor32.sys
[2010.04.08 20:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_42c5f57853db3f80\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2012.02.15 05:13:56 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
 
< %USERPROFILE%\*.* >
[2012.04.04 13:59:41 | 000,000,000 | ---- | M] () -- C:\Users\Domse\defogger_reenable
[2012.04.04 20:34:24 | 000,786,432 | -HS- | M] () -- C:\Users\Domse\NTUSER.DAT
[2012.04.04 20:34:25 | 000,262,144 | -HS- | M] () -- C:\Users\Domse\ntuser.dat.LOG1
[2012.03.15 16:30:09 | 000,000,000 | -HS- | M] () -- C:\Users\Domse\ntuser.dat.LOG2
[2012.03.15 16:35:07 | 000,065,536 | -HS- | M] () -- C:\Users\Domse\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012.03.15 16:35:07 | 000,524,288 | -HS- | M] () -- C:\Users\Domse\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012.03.15 16:35:07 | 000,524,288 | -HS- | M] () -- C:\Users\Domse\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012.03.15 16:30:10 | 000,000,020 | -HS- | M] () -- C:\Users\Domse\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         
--- --- ---


Extras Log

OTL Logfile:
Code:
OTL Extras logfile created on: 04.04.2012 20:33:20 - Run 1
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\Domse\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,39 Gb Available Physical Memory | 73,46% Memory free
6,50 Gb Paging File | 5,51 Gb Available in Paging File | 84,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 244,04 Gb Total Space | 218,69 Gb Free Space | 89,61% Space Free | Partition Type: NTFS
Drive D: | 687,37 Gb Total Space | 644,15 Gb Free Space | 93,71% Space Free | Partition Type: NTFS
 
Computer Name: DOMSE-PC | User Name: Domse | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{030C0401-52A9-BE86-D8A7-52C0DA203275}" = CCC Help Swedish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{283153BB-CEE6-EE9C-81E8-4350D73354BA}" = CCC Help Turkish
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{39445575-7D3A-52AA-152B-7F9423D1AE69}" = CCC Help German
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C9A3282-9DAE-F492-13F4-6D4D664AC15F}" = CCC Help Spanish
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0427.1
"{4F198874-3C7D-5983-02EB-9E234C43F174}" = AMD Steady Video Plug-In 
"{5236FA8C-4B70-E30E-93EF-F7D3A5E468C7}" = CCC Help Greek
"{586F0E27-0BC5-34DE-AA0B-96D14397910E}" = CCC Help Russian
"{5AF7EA0B-F009-CC00-E446-C2286AF80471}" = CCC Help Czech
"{5FC116F2-4508-A6FC-15FB-C64F05AB0F26}" = CCC Help Chinese Traditional
"{685ACA56-004C-4F80-2BC0-951BF278C03F}" = CCC Help Chinese Standard
"{6D1AFFC2-AC60-BC3B-2DC9-0D80A1E9CB16}" = CCC Help Thai
"{79CFDE3C-4602-85B2-ACF6-83D897B8B33A}" = CCC Help Korean
"{8972B1C8-B899-0AA0-8596-BFC9AE3311F1}" = CCC Help Finnish
"{92BE4E1B-AEFD-DA72-B805-948290A4BB13}" = CCC Help Hungarian
"{943B2619-0E00-E9F1-73E3-03090965484E}" = AMD Media Foundation Decoders
"{9526B61A-1C35-96D1-531B-C8DB1D36C336}" = CCC Help Danish
"{9A295F81-04C8-FB18-2D1C-A33AA8A442CA}" = CCC Help French
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DB7A055-0C66-C319-9613-CACDC50DDB38}" = ccc-utility
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}" = Browser Configuration Utility
"{A994E9F7-A748-FFB1-01C2-9D64ADE870B4}" = AMD Accelerated Video Transcoding
"{B3C8C8EF-77E0-1C0D-1CFA-A39E2E898311}" = CCC Help Italian
"{B5AD9952-F716-9862-7ED7-734E0328CF7C}" = AMD VISION Engine Control Center
"{C0E69600-E8D1-784D-829C-788D91D65051}" = CCC Help Polish
"{C37B1C57-DD9B-D1E0-B933-8EA8D56E2222}" = CCC Help Norwegian
"{C4100721-2D71-CC80-8877-0A7855B6EEFB}" = AMD Catalyst Install Manager
"{CA3A3F20-566B-ABB1-A541-3D93C0D09EE5}" = CCC Help Japanese
"{CBAE26C1-B3B1-66FC-81A0-FA1774CF2B20}" = AMD Fuel
"{D4C4485B-16EB-31A8-C2DE-D778E8E4628B}" = Catalyst Control Center Localization All
"{DAF650C8-AFE5-3460-E1C4-B9716D2DA5D2}" = Catalyst Control Center InstallProxy
"{E0C6F271-FE15-B2D5-FF42-BCA40700DC51}" = CCC Help English
"{E1D0A4DC-97BD-CE37-3E89-87D3337E55CA}" = CCC Help Dutch
"{E6FA341F-8840-6B18-5BCE-C7CCEBDFE516}" = Catalyst Control Center Graphics Previews Common
"{ED15763E-A6ED-56D2-B0B5-C7D22D4CE248}" = CCC Help Portuguese
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46AB543-90D1-86D7-99EE-4F94C1D206C8}" = AMD Drag and Drop Transcoding
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"7-Zip" = 7-Zip 9.20
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 15.03.2012 10:46:38 | Computer Name = Domse-PC | Source = VSS | ID = 8194
Description = 
 
Error - 15.03.2012 11:35:46 | Computer Name = Domse-PC | Source = VSS | ID = 8194
Description = 
 
Error - 16.03.2012 10:50:50 | Computer Name = Domse-PC | Source = ESENT | ID = 215
Description = WinMail (3760) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 16.03.2012 11:00:56 | Computer Name = Domse-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description = 
 
Error - 21.03.2012 15:20:07 | Computer Name = Domse-PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
 security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\microsoft security client\MSESysprep.dll" in Zeile 10.  Das imaging-Element
 wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
 angezeigt, das von dieser Windows-Version nicht unterstützt wird.
 
Error - 26.03.2012 10:01:00 | Computer Name = Domse-PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
 security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\microsoft security client\MSESysprep.dll" in Zeile 10.  Das imaging-Element
 wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
 angezeigt, das von dieser Windows-Version nicht unterstützt wird.
 
Error - 03.04.2012 06:36:22 | Computer Name = Domse-PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
 security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\microsoft security client\MSESysprep.dll" in Zeile 10.  Das imaging-Element
 wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
 angezeigt, das von dieser Windows-Version nicht unterstützt wird.
 
[ System Events ]
Error - 15.03.2012 14:17:55 | Computer Name = Domse-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler 
beendet:   %%16405
 
Error - 28.03.2012 08:27:49 | Computer Name = Domse-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von 
der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte
 Firmware verfügbar ist.
 
Error - 28.03.2012 08:56:12 | Computer Name = Domse-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst Netman erreicht.
 
Error - 28.03.2012 08:56:12 | Computer Name = Domse-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 03.04.2012 06:10:49 | Computer Name = Domse-PC | Source = Microsoft Antimalware | ID = 2001
Description = 
 
Error - 04.04.2012 08:09:19 | Computer Name = Domse-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy1" den Befehl "chkdsk" aus.
 
Error - 04.04.2012 08:09:19 | Computer Name = Domse-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy2" den Befehl "chkdsk" aus.
 
Error - 04.04.2012 08:09:20 | Computer Name = Domse-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy5" den Befehl "chkdsk" aus.
 
Error - 04.04.2012 08:09:21 | Computer Name = Domse-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy9" den Befehl "chkdsk" aus.
 
Error - 04.04.2012 08:09:23 | Computer Name = Domse-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy10" den Befehl "chkdsk" aus.
 
 
< End of report >
         
--- --- ---
__________________

04.04.2012, 20:49   #4
markusg
/// Malware-holic

Internet very slow



Open Malwarebytes, go to the log files, and post all reports.
Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors:

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

04.04.2012, 21:11   #5
Enigma91

Internet very slow



Combofix Logfile:
Code:
ComboFix 12-04-04.02 - Domse 04.04.2012  20:56:40.1.4 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.3326.2307 [GMT 2:00]
ausgeführt von:: c:\users\Domse\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-04 bis 2012-04-04  ))))))))))))))))))))))))))))))
.
.
2012-04-04 18:59 . 2012-04-04 18:59	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-04 14:49 . 2012-03-14 02:15	6582328	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{65BDE6F3-B127-4416-A41D-6D0E8757DE03}\mpengine.dll
2012-03-19 13:10 . 2012-03-19 13:09	159608	----a-w-	c:\windows\system32\mfevtps.exe.b721.deleteme
2012-03-17 20:53 . 2012-03-17 20:53	159608	----a-w-	c:\windows\system32\mfevtps.exe.7dc6.deleteme
2012-03-17 20:02 . 2012-03-17 20:02	159608	----a-w-	c:\windows\system32\mfevtps.exe.7efa.deleteme
2012-03-17 20:02 . 2012-04-03 23:47	--------	d-----w-	c:\program files\stinger
2012-03-16 18:55 . 2012-03-16 18:55	--------	d-----w-	c:\programdata\Blizzard Entertainment
2012-03-16 16:44 . 2012-03-16 16:44	--------	d-----w-	c:\program files\Common Files\Blizzard Entertainment
2012-03-16 16:34 . 2012-03-16 16:34	--------	d-----r-	c:\program files\Skype
2012-03-16 16:34 . 2012-03-16 16:34	--------	d-----w-	c:\program files\Common Files\Skype
2012-03-16 16:34 . 2012-03-16 16:34	--------	d-----w-	c:\programdata\Skype
2012-03-16 14:58 . 2012-03-16 14:58	--------	d-----w-	c:\program files\Microsoft.NET
2012-03-16 14:50 . 2012-01-25 05:32	58880	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-16 14:50 . 2012-01-25 05:32	129536	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-16 14:29 . 2012-03-16 14:29	--------	d-----w-	c:\windows\system32\SPReview
2012-03-16 14:29 . 2012-03-16 14:29	--------	d-----w-	c:\windows\system32\EventProviders
2012-03-16 14:27 . 2010-11-05 01:58	1130824	----a-w-	c:\windows\system32\dfshim.dll
2012-03-16 14:27 . 2010-11-20 12:21	11776	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-03-16 14:27 . 2010-11-20 12:19	3215872	----a-w-	c:\windows\system32\mstscax.dll
2012-03-16 14:27 . 2010-11-20 10:24	52224	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2012-03-16 14:27 . 2010-11-20 12:19	954752	----a-w-	c:\windows\system32\mfc40.dll
2012-03-16 14:27 . 2010-11-20 12:19	954288	----a-w-	c:\windows\system32\mfc40u.dll
2012-03-16 14:27 . 2010-11-20 12:18	1171456	----a-w-	c:\windows\system32\d3d10warp.dll
2012-03-16 14:27 . 2010-11-20 12:21	1159168	----a-w-	c:\windows\system32\sysmain.dll
2012-03-16 14:27 . 2010-11-20 12:21	423936	----a-w-	c:\windows\system32\secproc_isv.dll
2012-03-16 14:27 . 2010-11-20 12:20	428032	----a-w-	c:\windows\system32\secproc.dll
2012-03-16 14:27 . 2010-11-20 12:17	327168	----a-w-	c:\windows\system32\RMActivate_isv.exe
2012-03-16 14:25 . 2010-11-20 12:21	363008	----a-w-	c:\windows\system32\wbemcomn.dll
2012-03-16 14:25 . 2010-11-20 12:19	606208	----a-w-	c:\windows\system32\wbem\fastprox.dll
2012-03-15 18:06 . 2010-02-11 07:10	293376	----a-w-	c:\windows\system32\browserchoice.exe
2012-03-15 18:03 . 2011-07-16 04:15	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-03-15 18:02 . 2011-10-15 05:38	534528	----a-w-	c:\windows\system32\EncDec.dll
2012-03-15 17:56 . 2011-02-03 05:54	219008	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2012-03-15 17:56 . 2010-11-20 12:29	728448	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2012-03-15 17:56 . 2010-11-20 11:56	107520	----a-w-	c:\windows\system32\cdd.dll
2012-03-15 17:20 . 2012-02-23 07:18	237072	------w-	c:\windows\system32\MpSigStub.exe
2012-03-15 17:07 . 2012-04-04 11:54	--------	d-----w-	c:\programdata\McAfee
2012-03-15 17:07 . 2012-03-15 17:07	--------	d-----w-	c:\programdata\ATI
2012-03-15 17:07 . 2012-03-15 17:07	--------	d-----w-	c:\programdata\Malwarebytes
2012-03-15 17:07 . 2011-12-10 14:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-15 17:01 . 2012-03-15 17:01	0	----a-w-	c:\windows\ativpsrm.bin
2012-03-15 17:01 . 2012-03-15 17:01	--------	d-----w-	c:\windows\system32\wbem\en-US
2012-03-15 16:55 . 2012-03-15 16:55	--------	d-----w-	c:\program files\AMD AVT
2012-03-15 16:55 . 2012-03-15 16:55	--------	d-----w-	c:\program files\AMD
2012-03-15 16:54 . 2012-03-15 16:54	--------	d-----w-	c:\program files\AMD APP
2012-03-15 16:54 . 2012-03-15 16:54	--------	d-----w-	c:\program files\Common Files\ATI Technologies
2012-03-15 16:54 . 2012-03-15 16:55	--------	d-----w-	c:\programdata\AMD
2012-03-15 16:54 . 2010-02-18 08:18	37944	----a-w-	c:\windows\system32\drivers\amdiox86.sys
2012-03-15 16:53 . 2012-03-15 16:54	--------	d-----w-	c:\program files\ATI Technologies
2012-03-15 16:53 . 2012-03-15 16:53	--------	d-----w-	c:\program files\ATI
2012-03-15 16:53 . 2012-03-15 16:53	--------	d-----w-	C:\AMD
2012-03-15 16:51 . 2012-03-15 16:51	--------	d-----w-	c:\programdata\Avira
2012-03-15 16:51 . 2012-03-15 16:51	--------	d-----w-	c:\program files\Avira
2012-03-15 16:51 . 2012-01-31 07:56	74640	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-03-15 16:51 . 2012-01-31 07:56	137416	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-03-15 16:51 . 2011-09-16 15:08	36000	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2012-03-15 16:49 . 2012-01-25 05:27	8192	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-15 16:49 . 2012-02-17 05:34	826880	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-15 16:49 . 2012-02-17 04:14	183808	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-15 16:49 . 2012-02-17 04:13	24576	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-03-15 16:49 . 2010-11-20 10:21	18432	----a-w-	c:\windows\system32\drivers\tdpipe.sys
2012-03-15 15:35 . 2008-05-30 13:11	3850760	----a-w-	c:\windows\system32\D3DX9_38.dll
2012-03-15 14:52 . 2012-03-15 15:35	--------	d-----w-	c:\program files\Common Files\BioWare
2012-03-15 14:46 . 2012-03-15 14:46	--------	d-----w-	c:\programdata\InstallShield
2012-03-15 14:46 . 2012-03-15 14:46	--------	d-----w-	c:\program files\GIGABYTE
2012-03-15 14:46 . 2010-04-27 10:56	19496	----a-w-	c:\windows\system32\drivers\AppleCharger.sys
2012-03-15 14:46 . 2010-04-06 15:30	31272	----a-w-	c:\windows\system32\AppleChargerSrv.exe
2012-03-15 14:46 . 2005-02-17 06:15	73728	----a-w-	c:\windows\system32\ISUSPM.cpl
2012-03-15 14:34 . 2012-03-15 14:34	--------	d-----w-	c:\windows\system32\RTCOM
2012-03-15 14:33 . 2012-03-15 14:33	--------	d--h--w-	c:\program files\DeviceVM
2012-03-15 14:33 . 2012-04-03 23:42	--------	d-sh--w-	c:\windows\Installer
2012-03-15 14:33 . 2012-04-04 18:32	--------	d-----w-	c:\windows\system32\wbem\Performance
2012-03-15 14:23 . 2012-03-16 14:54	--------	d-----w-	c:\windows\Panther
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-16 14:39 . 2009-07-14 02:05	152576	----a-w-	c:\windows\system32\msclmd.dll
2012-02-15 03:47 . 2012-02-15 03:47	9182208	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2012-02-15 03:18 . 2012-02-15 03:18	159744	----a-w-	c:\windows\system32\atiapfxx.exe
2012-02-15 03:18 . 2012-02-15 03:18	791040	----a-w-	c:\windows\system32\aticfx32.dll
2012-02-15 03:13 . 2012-02-15 03:13	442368	----a-w-	c:\windows\system32\ATIDEMGX.dll
2012-02-15 03:13 . 2012-02-15 03:13	405504	----a-w-	c:\windows\system32\atieclxx.exe
2012-02-15 03:12 . 2012-02-15 03:12	163328	----a-w-	c:\windows\system32\atiesrxx.exe
2012-02-15 03:11 . 2012-02-15 03:11	159744	----a-w-	c:\windows\system32\atitmmxx.dll
2012-02-15 03:10 . 2012-02-15 03:10	20992	----a-w-	c:\windows\system32\atimuixx.dll
2012-02-15 03:10 . 2012-02-15 03:10	43520	----a-w-	c:\windows\system32\ati2edxx.dll
2012-02-15 03:07 . 2012-02-15 03:07	6200320	----a-w-	c:\windows\system32\atidxx32.dll
2012-02-15 02:58 . 2012-02-15 02:58	19392000	----a-w-	c:\windows\system32\atioglxx.dll
2012-02-15 02:40 . 2012-02-15 02:40	1828864	----a-w-	c:\windows\system32\atiumdmv.dll
2012-02-15 02:34 . 2012-02-15 02:34	46080	----a-w-	c:\windows\system32\aticalrt.dll
2012-02-15 02:34 . 2012-02-15 02:34	44032	----a-w-	c:\windows\system32\aticalcl.dll
2012-02-15 02:34 . 2012-02-15 02:34	5954048	----a-w-	c:\windows\system32\atiumdag.dll
2012-02-15 02:29 . 2012-02-15 02:29	5062656	----a-w-	c:\windows\system32\atiumdva.dll
2012-02-15 02:29 . 2012-02-15 02:29	11561984	----a-w-	c:\windows\system32\aticaldd.dll
2012-02-15 02:16 . 2012-02-15 02:16	51200	----a-w-	c:\windows\system32\coinst.dll
2012-02-15 02:13 . 2012-02-15 02:13	356352	----a-w-	c:\windows\system32\atiadlxx.dll
2012-02-15 02:13 . 2012-02-15 02:13	14336	----a-w-	c:\windows\system32\atiglpxx.dll
2012-02-15 02:13 . 2012-02-15 02:13	33280	----a-w-	c:\windows\system32\atigktxx.dll
2012-02-15 02:12 . 2012-02-15 02:12	264704	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2012-02-15 02:12 . 2012-02-15 02:12	33280	----a-w-	c:\windows\system32\atiuxpag.dll
2012-02-15 02:12 . 2012-02-15 02:12	30208	----a-w-	c:\windows\system32\atiu9pag.dll
2012-02-15 02:11 . 2012-02-15 02:11	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2012-02-15 02:11 . 2012-02-15 02:11	53760	----a-w-	c:\windows\system32\atimpc32.dll
2012-02-15 02:11 . 2012-02-15 02:11	53760	----a-w-	c:\windows\system32\amdpcom32.dll
2012-02-14 21:05 . 2012-02-14 21:05	59904	----a-w-	c:\windows\system32\OpenVideo.dll
2012-02-14 21:05 . 2012-02-14 21:05	54784	----a-w-	c:\windows\system32\OVDecode.dll
2012-02-14 21:04 . 2012-02-14 21:04	13238272	----a-w-	c:\windows\system32\amdocl.dll
2012-02-14 21:03 . 2012-02-14 21:03	48128	----a-w-	c:\windows\system32\OpenCL.dll
2012-01-31 05:00 . 2012-01-31 05:00	16896	----a-w-	c:\windows\system32\kdbsdk32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
2012-02-13 15:44	69760	----a-w-	c:\program files\AMD\SteadyVideo\SteadyVideo.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-30 9210400]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-01-31 258512]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-02-14 636032]
"Malwarebytes' Anti-Malware"="d:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AML Device Install.lnk - c:\program files\AMD AVT\bin\kdbsync.exe [2012-1-31 10752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-02-29 07:55	17148552	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 19496]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 36000]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-02-15 163328]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-02-14 291840]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2012-01-31 86224]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-02-01 46720]
S2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-02-15 9182208]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-02-15 264704]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-12-05 86032]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000Core.job
- c:\users\Domse\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-15 16:59]
.
2012-04-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2251812068-459523399-642319988-1000UA.job
- c:\users\Domse\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-15 16:59]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
TCP: DhcpNameServer = 192.168.178.1
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-04-04  20:59:45
ComboFix-quarantined-files.txt  2012-04-04 18:59
.
Vor Suchlauf: 6 Verzeichnis(se), 234.532.880.384 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 234.438.668.288 Bytes frei
.
- - End Of File - - D66B7ED8DB677437731C9B9B8F02B483
         
--- --- ---


Malwarebytes Logs

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.15.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [Administrator]

Schutz: Aktiviert

16.03.2012 18:47:41
mbam-log-2012-03-16 (18-47-41).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 258278
Laufzeit: 24 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.17.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [limitiert]

Schutz: Aktiviert

17.03.2012 20:59:35
mbam-log-2012-03-17 (20-59-35).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 83629
Laufzeit: 14 Minute(n), 32 Sekunde(n) [Abgebrochen]

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.17.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [Administrator]

Schutz: Aktiviert

17.03.2012 21:56:29
mbam-log-2012-03-17 (21-56-29).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 258309
Laufzeit: 21 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.19.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [Administrator]

Schutz: Aktiviert

19.03.2012 15:05:01
mbam-log-2012-03-19 (15-05-01).txt

Art des Suchlaufs: Flash-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: Registrierung | Dateisystem | P2P
Durchsuchte Objekte: 135173
Laufzeit: 51 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.19.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [Administrator]

Schutz: Aktiviert

19.03.2012 15:06:13
mbam-log-2012-03-19 (15-06-13).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 259040
Laufzeit: 21 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.21.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [Administrator]

Schutz: Aktiviert

21.03.2012 16:47:34
mbam-log-2012-03-21 (16-47-34).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 260487
Laufzeit: 25 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.22.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [Administrator]

Schutz: Aktiviert

22.03.2012 16:49:57
mbam-log-2012-03-22 (16-49-57).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 260598
Laufzeit: 27 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.26.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [Administrator]

Schutz: Aktiviert

26.03.2012 15:12:45
mbam-log-2012-03-26 (15-12-45).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 255155
Laufzeit: 24 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.26.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [limitiert]

Schutz: Aktiviert

26.03.2012 16:43:16
mbam-log-2012-03-26 (16-43-16).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 255133
Laufzeit: 26 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.28.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [limitiert]

Schutz: Aktiviert

28.03.2012 13:55:55
mbam-log-2012-03-28 (13-55-55).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 230872
Laufzeit: 27 Minute(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.29.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [Administrator]

Schutz: Aktiviert

29.03.2012 15:58:14
mbam-log-2012-03-29 (15-58-14).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 231209
Laufzeit: 27 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.03.29.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [Administrator]

Schutz: Aktiviert

31.03.2012 14:14:35
mbam-log-2012-03-31 (14-14-35).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 231151
Laufzeit: 26 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Malwarebytes Anti-Malware 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.04.03.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Domse :: DOMSE-PC [Administrator]

Schutz: Aktiviert

03.04.2012 23:58:25
mbam-log-2012-04-03 (23-58-25).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 232471
Laufzeit: 28 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

2012/03/15 18:08:29 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/15 18:08:30 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/15 18:08:33 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/15 18:08:36 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/15 18:10:33 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/15 18:10:34 +0100 DOMSE-PC Domse MESSAGE Database already up-to-date
2012/03/15 19:19:36 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/15 19:19:38 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/15 19:19:41 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/15 19:19:43 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/16 14:47:19 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/16 14:47:20 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/16 14:47:23 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/16 14:47:26 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/16 14:54:11 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/16 14:54:11 +0100 DOMSE-PC Domse ERROR Scheduled update failed: No address found failed with error code 11004
2012/03/16 15:50:52 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/16 15:50:54 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/16 15:50:57 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/16 15:51:00 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/16 15:57:34 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/16 15:57:36 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/16 15:57:39 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/16 15:57:41 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/16 16:18:30 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/16 16:18:32 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/16 16:18:35 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/16 16:18:37 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/16 19:51:56 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/16 19:51:57 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/16 19:52:00 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/16 19:52:03 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/18 13:04:47 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/18 13:04:49 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/18 13:04:52 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/18 13:04:54 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/18 13:09:33 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/18 13:09:38 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.17.04 to version v2012.03.18.02
2012/03/18 13:09:38 +0100 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/18 13:09:38 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/18 13:12:00 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/18 13:12:02 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/18 13:12:02 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/18 13:12:05 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/18 16:44:58 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/18 16:44:59 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/18 16:45:02 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/18 16:45:05 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/19 13:36:40 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/19 13:36:41 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/19 13:36:44 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/19 13:36:47 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/19 13:48:58 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/19 13:49:03 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.18.02 to version v2012.03.19.02
2012/03/19 13:49:03 +0100 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/19 13:49:03 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/19 13:51:17 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/19 13:51:18 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/19 13:51:18 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/19 13:51:21 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/19 21:25:30 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/19 21:25:32 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/19 21:25:35 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/19 21:25:37 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/20 13:25:46 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/20 13:25:48 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/20 13:25:51 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/20 13:25:54 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/20 13:37:56 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/20 13:38:01 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.19.02 to version v2012.03.20.03
2012/03/20 13:38:01 +0100 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/20 13:38:01 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/20 13:40:28 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/20 13:40:30 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/20 13:40:30 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/20 13:40:33 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/20 19:31:43 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/20 19:31:44 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/20 19:31:47 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/20 19:31:50 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/21 07:50:02 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/21 07:50:04 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/21 07:50:07 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/21 07:50:09 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/21 12:16:20 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/21 12:16:21 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/21 12:16:22 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/21 12:16:25 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/21 12:16:27 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/21 12:16:27 +0100 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/21 12:16:27 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.20.03 to version v2012.03.21.02
2012/03/21 12:16:27 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/21 12:18:42 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/21 12:18:44 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/21 12:18:44 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/21 12:18:46 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/21 15:53:15 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/21 15:53:16 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/21 15:53:19 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/21 15:53:22 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/22 15:24:39 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/22 15:24:41 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/22 15:24:41 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/22 15:24:44 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/22 15:24:46 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/22 15:24:47 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.21.02 to version v2012.03.22.03
2012/03/22 15:24:47 +0100 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/22 15:24:47 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/22 15:27:02 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/22 15:27:03 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/22 15:27:03 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/22 15:27:06 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/23 15:51:08 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/23 15:51:10 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/23 15:51:13 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/23 15:51:15 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/23 15:59:11 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/23 15:59:17 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.22.03 to version v2012.03.23.01
2012/03/23 15:59:17 +0100 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/23 15:59:17 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/23 16:01:42 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/23 16:01:44 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/23 16:01:44 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/23 16:01:46 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/23 20:44:54 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/23 20:44:56 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/23 20:44:59 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/23 20:45:01 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/24 12:15:53 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/24 12:15:54 +0100 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/24 12:15:55 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/24 12:15:58 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/24 12:16:00 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/24 12:16:00 +0100 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.23.01 to version v2012.03.23.05
2012/03/24 12:16:00 +0100 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/24 12:16:00 +0100 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/24 12:18:17 +0100 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/24 12:18:18 +0100 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/24 12:18:18 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/24 12:18:21 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/24 18:24:34 +0100 DOMSE-PC Domse MESSAGE Starting protection
2012/03/24 18:24:36 +0100 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/24 18:24:39 +0100 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/24 18:24:41 +0100 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/26 14:15:19 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/26 14:15:21 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/26 14:15:21 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/26 14:15:24 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/26 14:15:27 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/26 14:15:30 +0200 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.23.05 to version v2012.03.26.03
2012/03/26 14:15:30 +0200 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/26 14:15:30 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/26 14:17:43 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/26 14:17:44 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/26 14:17:44 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/26 14:17:47 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/26 14:21:25 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/26 14:21:27 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/26 14:21:30 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/26 14:21:32 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/27 16:06:20 +0200 DOMSE-PC (null) MESSAGE Executing scheduled update: Daily
2012/03/27 16:06:27 +0200 DOMSE-PC (null) MESSAGE Scheduled update executed successfully: database updated from version v2012.03.26.03 to version v2012.03.27.03
2012/03/27 16:17:38 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/27 16:17:39 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/27 16:17:42 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/27 16:17:45 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/27 16:17:45 +0200 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/27 16:17:45 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/27 16:19:59 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/27 16:20:01 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/27 16:20:01 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/27 16:20:03 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/28 13:24:32 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/28 13:24:33 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/28 13:24:36 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/28 13:24:39 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/28 13:40:12 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/28 13:40:18 +0200 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.27.03 to version v2012.03.28.02
2012/03/28 13:40:18 +0200 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/28 13:40:18 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/28 13:42:38 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/28 13:42:39 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/28 13:42:39 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/28 13:42:42 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/28 18:47:02 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/28 18:47:04 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/28 18:47:07 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/28 18:47:09 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/29 15:29:23 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/29 15:29:24 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/03/29 15:29:25 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/29 15:29:28 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/29 15:29:30 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/29 15:29:31 +0200 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.28.02 to version v2012.03.29.04
2012/03/29 15:29:31 +0200 DOMSE-PC Domse MESSAGE Starting database refresh
2012/03/29 15:29:31 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/03/29 15:32:02 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/03/29 15:32:03 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/03/29 15:32:03 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/29 15:32:06 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/29 19:23:57 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/29 19:23:59 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/29 19:24:02 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/29 19:24:04 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/30 13:21:03 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/30 13:21:04 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/30 13:21:07 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/30 13:21:10 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/30 21:23:33 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/30 21:23:34 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/30 21:23:37 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/30 21:23:40 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/31 14:15:36 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/31 14:15:38 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/31 14:15:41 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/31 14:15:43 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/03/31 17:41:57 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/03/31 17:41:59 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/03/31 17:42:02 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/03/31 17:42:04 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/01 20:42:48 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/04/01 20:42:49 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/04/01 20:42:52 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/01 20:42:55 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/01 20:57:51 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/04/01 20:57:57 +0200 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.03.29.04 to version v2012.04.01.03
2012/04/01 20:57:57 +0200 DOMSE-PC Domse MESSAGE Starting database refresh
2012/04/01 20:57:57 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/04/01 21:00:23 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/04/01 21:00:24 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/04/01 21:00:24 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/01 21:00:27 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/02 15:57:46 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/04/02 15:57:48 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/04/02 15:57:51 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/02 15:57:53 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/02 16:06:15 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/04/02 16:06:21 +0200 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.04.01.03 to version v2012.04.02.04
2012/04/02 16:06:21 +0200 DOMSE-PC Domse MESSAGE Starting database refresh
2012/04/02 16:06:21 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/04/02 16:08:46 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/04/02 16:08:48 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/04/02 16:08:48 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/02 16:08:50 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/02 17:36:56 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/04/02 17:36:58 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/04/02 17:37:01 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/02 17:37:03 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/03 12:01:42 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/04/03 12:01:42 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/04/03 12:01:44 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/04/03 12:01:47 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/03 12:01:50 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/03 12:01:50 +0200 DOMSE-PC Domse MESSAGE Scheduled update executed successfully: database updated from version v2012.04.02.04 to version v2012.04.03.05
2012/04/03 12:01:50 +0200 DOMSE-PC Domse MESSAGE Starting database refresh
2012/04/03 12:01:50 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/04/03 12:04:16 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/04/03 12:04:18 +0200 DOMSE-PC Domse MESSAGE Database refreshed successfully
2012/04/03 12:04:18 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/03 12:04:20 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/03 21:59:53 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/04/03 21:59:54 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/04/03 21:59:57 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/03 22:00:00 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/04 13:56:35 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/04/04 13:56:37 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/04/04 13:56:40 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/04 13:56:42 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/04 14:03:11 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/04/04 14:05:26 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/04/04 14:06:41 +0200 DOMSE-PC Domse MESSAGE Executing scheduled update: Daily
2012/04/04 14:06:42 +0200 DOMSE-PC Domse ERROR Scheduled update failed: No address found failed with error code 11004
2012/04/04 14:19:10 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/04 14:19:13 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/04 16:46:46 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/04/04 16:46:48 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/04/04 16:46:51 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/04 16:46:53 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/04 20:30:19 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/04/04 20:30:20 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/04/04 20:30:23 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/04 20:30:26 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully
2012/04/04 20:55:03 +0200 DOMSE-PC Domse MESSAGE Stopping IP protection
2012/04/04 20:57:26 +0200 DOMSE-PC Domse MESSAGE IP Protection stopped
2012/04/04 21:04:06 +0200 DOMSE-PC Domse MESSAGE Starting protection
2012/04/04 21:04:08 +0200 DOMSE-PC Domse MESSAGE Protection started successfully
2012/04/04 21:04:11 +0200 DOMSE-PC Domse MESSAGE Starting IP protection
2012/04/04 21:04:13 +0200 DOMSE-PC Domse MESSAGE IP Protection started successfully

I hope that's right (yes, it's quite a lot).


Alt 05.04.2012, 11:20   #6
markusg
/// Malware-holic
 



1. Is there any improvement yet?
2. Have you already tried restarting the router and modem?
3. Run TDSSKiller, choose Skip for the action, and post the log:
http://www.trojaner-board.de/82358-t...entfernen.html

Alt 05.04.2012, 15:26   #7
Enigma91
 



Hey,

so it has already gotten a bit better again. (It loads the pages on the first try again; it just takes a while.)

I've already restarted the router and modem several times.

Maybe there is or was a minor disruption on the line to our house, or generally in our area, on the provider's side.

Here is the TDSS log:


15:21:59.0281 2480 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
15:21:59.0343 2480 ============================================================
15:21:59.0343 2480 Current date / time: 2012/04/05 15:21:59.0343
15:21:59.0343 2480 SystemInfo:
15:21:59.0343 2480
15:21:59.0343 2480 OS Version: 6.1.7601 ServicePack: 1.0
15:21:59.0343 2480 Product type: Workstation
15:21:59.0343 2480 ComputerName: DOMSE-PC
15:21:59.0343 2480 UserName: Domse
15:21:59.0343 2480 Windows directory: C:\Windows
15:21:59.0343 2480 System windows directory: C:\Windows
15:21:59.0343 2480 Processor architecture: Intel x86
15:21:59.0343 2480 Number of processors: 4
15:21:59.0343 2480 Page size: 0x1000
15:21:59.0343 2480 Boot type: Normal boot
15:21:59.0343 2480 ============================================================
15:22:00.0123 2480 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
15:22:00.0123 2480 \Device\Harddisk0\DR0:
15:22:00.0123 2480 MBR used
15:22:00.0123 2480 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:22:00.0123 2480 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1E816000
15:22:00.0123 2480 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E848800, BlocksNum 0x55EBD800
15:22:00.0170 2480 Initialize success
15:22:00.0170 2480 ============================================================
15:22:03.0025 1824 ============================================================
15:22:03.0025 1824 Scan started
15:22:03.0025 1824 Mode: Manual;
15:22:03.0025 1824 ============================================================
15:22:03.0602 1824 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
15:22:03.0602 1824 1394ohci - ok
15:22:03.0633 1824 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
15:22:03.0633 1824 ACPI - ok
15:22:03.0664 1824 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
15:22:03.0664 1824 AcpiPmi - ok
15:22:03.0696 1824 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
15:22:03.0696 1824 adp94xx - ok
15:22:03.0711 1824 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
15:22:03.0711 1824 adpahci - ok
15:22:03.0727 1824 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
15:22:03.0727 1824 adpu320 - ok
15:22:03.0758 1824 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
15:22:03.0758 1824 AeLookupSvc - ok
15:22:03.0805 1824 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
15:22:03.0805 1824 AFD - ok
15:22:03.0836 1824 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
15:22:03.0852 1824 agp440 - ok
15:22:03.0867 1824 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
15:22:03.0867 1824 aic78xx - ok
15:22:03.0883 1824 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
15:22:03.0883 1824 ALG - ok
15:22:03.0898 1824 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
15:22:03.0898 1824 aliide - ok
15:22:03.0930 1824 AMD External Events Utility (cde41d99db840ff9454fc981ebd0ec50) C:\Windows\system32\atiesrxx.exe
15:22:03.0930 1824 AMD External Events Utility - ok
15:22:03.0976 1824 AMD FUEL Service - ok
15:22:03.0992 1824 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
15:22:03.0992 1824 amdagp - ok
15:22:04.0008 1824 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
15:22:04.0008 1824 amdide - ok
15:22:04.0023 1824 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
15:22:04.0023 1824 amdiox86 - ok
15:22:04.0039 1824 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
15:22:04.0054 1824 AmdK8 - ok
15:22:04.0195 1824 amdkmdag (ffd082f1f1d4ff5c87f66df62486bcfa) C:\Windows\system32\DRIVERS\atikmdag.sys
15:22:04.0288 1824 amdkmdag - ok
15:22:04.0320 1824 amdkmdap (c541da5b72fa638469e8dc1e66079330) C:\Windows\system32\DRIVERS\atikmpag.sys
15:22:04.0320 1824 amdkmdap - ok
15:22:04.0351 1824 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
15:22:04.0351 1824 AmdPPM - ok
15:22:04.0366 1824 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
15:22:04.0366 1824 amdsata - ok
15:22:04.0382 1824 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
15:22:04.0382 1824 amdsbs - ok
15:22:04.0398 1824 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
15:22:04.0398 1824 amdxata - ok
15:22:04.0429 1824 AntiVirSchedulerService (a122d68ea2541453f787f341877cb40b) C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:22:04.0429 1824 AntiVirSchedulerService - ok
15:22:04.0444 1824 AntiVirService (2fe359edeb34efcf42574752f8aebd3f) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:22:04.0460 1824 AntiVirService - ok
15:22:04.0491 1824 AODDriver4.1 (df6de9e8e4b6994853ccf038bfae964b) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
15:22:04.0491 1824 AODDriver4.1 - ok
15:22:04.0522 1824 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
15:22:04.0522 1824 AppID - ok
15:22:04.0538 1824 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
15:22:04.0554 1824 AppIDSvc - ok
15:22:04.0585 1824 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
15:22:04.0585 1824 Appinfo - ok
15:22:04.0616 1824 AppleCharger (75a8b998eb259dd512f01ea25bec7f3b) C:\Windows\system32\DRIVERS\AppleCharger.sys
15:22:04.0632 1824 AppleCharger - ok
15:22:04.0632 1824 AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe
15:22:04.0632 1824 AppleChargerSrv - ok
15:22:04.0678 1824 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
15:22:04.0678 1824 AppMgmt - ok
15:22:04.0710 1824 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
15:22:04.0710 1824 arc - ok
15:22:04.0725 1824 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
15:22:04.0741 1824 arcsas - ok
15:22:04.0756 1824 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
15:22:04.0756 1824 AsyncMac - ok
15:22:04.0788 1824 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
15:22:04.0788 1824 atapi - ok
15:22:04.0803 1824 AtiHDAudioService (4d201d8b576be4473405b2a86a2d28b3) C:\Windows\system32\drivers\AtihdW73.sys
15:22:04.0803 1824 AtiHDAudioService - ok
15:22:04.0866 1824 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
15:22:04.0866 1824 AudioEndpointBuilder - ok
15:22:04.0897 1824 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
15:22:04.0897 1824 Audiosrv - ok
15:22:04.0928 1824 avgntflt (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
15:22:04.0944 1824 avgntflt - ok
15:22:04.0959 1824 avipbb (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
15:22:04.0959 1824 avipbb - ok
15:22:04.0975 1824 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
15:22:04.0975 1824 avkmgr - ok
15:22:05.0022 1824 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
15:22:05.0022 1824 AxInstSV - ok
15:22:05.0053 1824 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
15:22:05.0053 1824 b06bdrv - ok
15:22:05.0084 1824 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
15:22:05.0100 1824 b57nd60x - ok
15:22:05.0146 1824 BCUService (382b151daffe4a9ce9da9f564b66761e) C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
15:22:05.0146 1824 BCUService - ok
15:22:05.0178 1824 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
15:22:05.0178 1824 BDESVC - ok
15:22:05.0193 1824 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
15:22:05.0193 1824 Beep - ok
15:22:05.0224 1824 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
15:22:05.0224 1824 BFE - ok
15:22:05.0256 1824 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
15:22:05.0271 1824 BITS - ok
15:22:05.0287 1824 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
15:22:05.0287 1824 blbdrive - ok
15:22:05.0318 1824 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
15:22:05.0318 1824 bowser - ok
15:22:05.0334 1824 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:22:05.0334 1824 BrFiltLo - ok
15:22:05.0349 1824 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:22:05.0349 1824 BrFiltUp - ok
15:22:05.0380 1824 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
15:22:05.0396 1824 BridgeMP - ok
15:22:05.0412 1824 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
15:22:05.0412 1824 Browser - ok
15:22:05.0443 1824 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
15:22:05.0443 1824 Brserid - ok
15:22:05.0458 1824 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
15:22:05.0458 1824 BrSerWdm - ok
15:22:05.0474 1824 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:22:05.0474 1824 BrUsbMdm - ok
15:22:05.0490 1824 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
15:22:05.0490 1824 BrUsbSer - ok
15:22:05.0505 1824 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
15:22:05.0505 1824 BTHMODEM - ok
15:22:05.0521 1824 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
15:22:05.0521 1824 bthserv - ok
15:22:05.0568 1824 catchme - ok
15:22:05.0599 1824 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
15:22:05.0599 1824 cdfs - ok
15:22:05.0630 1824 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
15:22:05.0630 1824 cdrom - ok
15:22:05.0661 1824 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:22:05.0661 1824 CertPropSvc - ok
15:22:05.0677 1824 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
15:22:05.0692 1824 circlass - ok
15:22:05.0708 1824 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
15:22:05.0708 1824 CLFS - ok
15:22:05.0755 1824 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:22:05.0755 1824 clr_optimization_v2.0.50727_32 - ok
15:22:05.0802 1824 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:22:05.0802 1824 clr_optimization_v4.0.30319_32 - ok
15:22:05.0817 1824 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
15:22:05.0817 1824 CmBatt - ok
15:22:05.0848 1824 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
15:22:05.0848 1824 cmdide - ok
15:22:05.0864 1824 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
15:22:05.0864 1824 CNG - ok
15:22:05.0880 1824 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
15:22:05.0880 1824 Compbatt - ok
15:22:05.0926 1824 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
15:22:05.0926 1824 CompositeBus - ok
15:22:05.0926 1824 COMSysApp - ok
15:22:05.0942 1824 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
15:22:05.0942 1824 crcdisk - ok
15:22:05.0989 1824 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
15:22:05.0989 1824 CryptSvc - ok
15:22:06.0020 1824 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
15:22:06.0036 1824 CSC - ok
15:22:06.0051 1824 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
15:22:06.0051 1824 CscService - ok
15:22:06.0067 1824 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:22:06.0082 1824 DcomLaunch - ok
15:22:06.0098 1824 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
15:22:06.0098 1824 defragsvc - ok
15:22:06.0129 1824 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
15:22:06.0129 1824 DfsC - ok
15:22:06.0145 1824 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
15:22:06.0160 1824 Dhcp - ok
15:22:06.0160 1824 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
15:22:06.0160 1824 discache - ok
15:22:06.0176 1824 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
15:22:06.0176 1824 Disk - ok
15:22:06.0207 1824 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
15:22:06.0207 1824 Dnscache - ok
15:22:06.0238 1824 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
15:22:06.0238 1824 dot3svc - ok
15:22:06.0270 1824 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
15:22:06.0270 1824 DPS - ok
15:22:06.0301 1824 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
15:22:06.0301 1824 drmkaud - ok
15:22:06.0332 1824 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
15:22:06.0348 1824 DXGKrnl - ok
15:22:06.0363 1824 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
15:22:06.0363 1824 EapHost - ok
15:22:06.0441 1824 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
15:22:06.0457 1824 ebdrv - ok
15:22:06.0488 1824 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
15:22:06.0488 1824 EFS - ok
15:22:06.0535 1824 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
15:22:06.0535 1824 ehRecvr - ok
15:22:06.0566 1824 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
15:22:06.0566 1824 ehSched - ok
15:22:06.0597 1824 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
15:22:06.0613 1824 elxstor - ok
15:22:06.0628 1824 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
15:22:06.0628 1824 ErrDev - ok
15:22:06.0675 1824 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
15:22:06.0675 1824 EventSystem - ok
15:22:06.0691 1824 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
15:22:06.0706 1824 exfat - ok
15:22:06.0738 1824 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
15:22:06.0738 1824 fastfat - ok
15:22:06.0769 1824 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
15:22:06.0769 1824 Fax - ok
15:22:06.0800 1824 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
15:22:06.0800 1824 fdc - ok
15:22:06.0800 1824 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
15:22:06.0816 1824 fdPHost - ok
15:22:06.0816 1824 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
15:22:06.0831 1824 FDResPub - ok
15:22:06.0831 1824 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
15:22:06.0847 1824 FileInfo - ok
15:22:06.0847 1824 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
15:22:06.0847 1824 Filetrace - ok
15:22:06.0862 1824 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
15:22:06.0862 1824 flpydisk - ok
15:22:06.0894 1824 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
15:22:06.0894 1824 FltMgr - ok
15:22:06.0925 1824 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
15:22:06.0925 1824 FontCache - ok
15:22:06.0956 1824 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:22:06.0972 1824 FontCache3.0.0.0 - ok
15:22:06.0972 1824 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
15:22:06.0972 1824 FsDepends - ok
15:22:06.0987 1824 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
15:22:06.0987 1824 Fs_Rec - ok
15:22:07.0018 1824 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
15:22:07.0018 1824 fvevol - ok
15:22:07.0034 1824 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:22:07.0034 1824 gagp30kx - ok
15:22:07.0050 1824 gdrv - ok
15:22:07.0081 1824 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
15:22:07.0081 1824 gpsvc - ok
15:22:07.0112 1824 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
15:22:07.0112 1824 hcw85cir - ok
15:22:07.0143 1824 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
15:22:07.0143 1824 HdAudAddService - ok
15:22:07.0159 1824 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
15:22:07.0159 1824 HDAudBus - ok
15:22:07.0190 1824 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
15:22:07.0190 1824 HidBatt - ok
15:22:07.0206 1824 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
15:22:07.0206 1824 HidBth - ok
15:22:07.0237 1824 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
15:22:07.0237 1824 HidIr - ok
15:22:07.0268 1824 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
15:22:07.0268 1824 hidserv - ok
15:22:07.0284 1824 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
15:22:07.0284 1824 HidUsb - ok
15:22:07.0315 1824 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
15:22:07.0315 1824 hkmsvc - ok
15:22:07.0346 1824 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
15:22:07.0346 1824 HomeGroupListener - ok
15:22:07.0377 1824 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
15:22:07.0377 1824 HomeGroupProvider - ok
15:22:07.0393 1824 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
15:22:07.0393 1824 HpSAMD - ok
15:22:07.0424 1824 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
15:22:07.0424 1824 HTTP - ok
15:22:07.0455 1824 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
15:22:07.0455 1824 hwpolicy - ok
15:22:07.0486 1824 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
15:22:07.0486 1824 i8042prt - ok
15:22:07.0502 1824 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
15:22:07.0518 1824 iaStorV - ok
15:22:07.0580 1824 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:22:07.0596 1824 idsvc - ok
15:22:07.0627 1824 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
15:22:07.0627 1824 iirsp - ok
15:22:07.0658 1824 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
15:22:07.0658 1824 IKEEXT - ok
15:22:07.0752 1824 IntcAzAudAddService (f42f2f88017a2e2b6f783acef6c2c149) C:\Windows\system32\drivers\RTKVHDA.sys
15:22:07.0783 1824 IntcAzAudAddService - ok
15:22:07.0814 1824 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
15:22:07.0814 1824 intelide - ok
15:22:07.0830 1824 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
15:22:07.0830 1824 intelppm - ok
15:22:07.0861 1824 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
15:22:07.0861 1824 IPBusEnum - ok
15:22:07.0876 1824 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:22:07.0892 1824 IpFilterDriver - ok
15:22:07.0908 1824 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
15:22:07.0923 1824 iphlpsvc - ok
15:22:07.0954 1824 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
15:22:07.0954 1824 IPMIDRV - ok
15:22:07.0970 1824 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
15:22:07.0970 1824 IPNAT - ok
15:22:07.0986 1824 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
15:22:08.0001 1824 IRENUM - ok
15:22:08.0001 1824 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
15:22:08.0017 1824 isapnp - ok
15:22:08.0032 1824 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
15:22:08.0032 1824 iScsiPrt - ok
15:22:08.0048 1824 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:22:08.0064 1824 kbdclass - ok
15:22:08.0079 1824 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
15:22:08.0095 1824 kbdhid - ok
15:22:08.0110 1824 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:22:08.0110 1824 KeyIso - ok
15:22:08.0126 1824 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
15:22:08.0126 1824 KSecDD - ok
15:22:08.0142 1824 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
15:22:08.0142 1824 KSecPkg - ok
15:22:08.0173 1824 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
15:22:08.0173 1824 KtmRm - ok
15:22:08.0220 1824 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
15:22:08.0220 1824 LanmanServer - ok
15:22:08.0251 1824 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
15:22:08.0251 1824 LanmanWorkstation - ok
15:22:08.0266 1824 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
15:22:08.0282 1824 lltdio - ok
15:22:08.0298 1824 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
15:22:08.0298 1824 lltdsvc - ok
15:22:08.0313 1824 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
15:22:08.0313 1824 lmhosts - ok
15:22:08.0329 1824 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:22:08.0329 1824 LSI_FC - ok
15:22:08.0344 1824 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:22:08.0344 1824 LSI_SAS - ok
15:22:08.0360 1824 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:22:08.0360 1824 LSI_SAS2 - ok
15:22:08.0376 1824 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:22:08.0376 1824 LSI_SCSI - ok
15:22:08.0391 1824 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
15:22:08.0391 1824 luafv - ok
15:22:08.0422 1824 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
15:22:08.0422 1824 MBAMProtector - ok
15:22:08.0547 1824 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:22:08.0563 1824 MBAMService - ok
15:22:08.0578 1824 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
15:22:08.0578 1824 Mcx2Svc - ok
15:22:08.0594 1824 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
15:22:08.0594 1824 megasas - ok
15:22:08.0610 1824 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
15:22:08.0610 1824 MegaSR - ok
15:22:08.0625 1824 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:22:08.0625 1824 MMCSS - ok
15:22:08.0641 1824 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
15:22:08.0656 1824 Modem - ok
15:22:08.0672 1824 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
15:22:08.0672 1824 monitor - ok
15:22:08.0703 1824 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
15:22:08.0719 1824 mouclass - ok
15:22:08.0734 1824 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
15:22:08.0734 1824 mouhid - ok
15:22:08.0766 1824 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
15:22:08.0766 1824 mountmgr - ok
15:22:08.0781 1824 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
15:22:08.0781 1824 mpio - ok
15:22:08.0797 1824 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
15:22:08.0812 1824 mpsdrv - ok
15:22:08.0844 1824 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
15:22:08.0859 1824 MpsSvc - ok
15:22:08.0890 1824 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
15:22:08.0890 1824 MRxDAV - ok
15:22:08.0922 1824 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:22:08.0922 1824 mrxsmb - ok
15:22:08.0937 1824 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:22:08.0953 1824 mrxsmb10 - ok
15:22:08.0968 1824 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:22:08.0968 1824 mrxsmb20 - ok
15:22:09.0000 1824 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
15:22:09.0000 1824 msahci - ok
15:22:09.0031 1824 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
15:22:09.0031 1824 msdsm - ok
15:22:09.0062 1824 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
15:22:09.0062 1824 MSDTC - ok
15:22:09.0093 1824 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
15:22:09.0109 1824 Msfs - ok
15:22:09.0124 1824 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
15:22:09.0124 1824 mshidkmdf - ok
15:22:09.0140 1824 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
15:22:09.0140 1824 msisadrv - ok
15:22:09.0171 1824 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
15:22:09.0171 1824 MSiSCSI - ok
15:22:09.0171 1824 msiserver - ok
15:22:09.0202 1824 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
15:22:09.0202 1824 MSKSSRV - ok
15:22:09.0218 1824 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
15:22:09.0218 1824 MSPCLOCK - ok
15:22:09.0234 1824 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
15:22:09.0234 1824 MSPQM - ok
15:22:09.0249 1824 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
15:22:09.0265 1824 MsRPC - ok
15:22:09.0280 1824 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
15:22:09.0280 1824 mssmbios - ok
15:22:09.0296 1824 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
15:22:09.0296 1824 MSTEE - ok
15:22:09.0312 1824 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
15:22:09.0312 1824 MTConfig - ok
15:22:09.0327 1824 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
15:22:09.0327 1824 Mup - ok
15:22:09.0358 1824 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
15:22:09.0358 1824 napagent - ok
15:22:09.0390 1824 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
15:22:09.0390 1824 NativeWifiP - ok
15:22:09.0436 1824 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
15:22:09.0452 1824 NDIS - ok
15:22:09.0468 1824 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
15:22:09.0468 1824 NdisCap - ok
15:22:09.0483 1824 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
15:22:09.0499 1824 NdisTapi - ok
15:22:09.0514 1824 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
15:22:09.0514 1824 Ndisuio - ok
15:22:09.0530 1824 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
15:22:09.0530 1824 NdisWan - ok
15:22:09.0577 1824 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
15:22:09.0577 1824 NDProxy - ok
15:22:09.0592 1824 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
15:22:09.0592 1824 NetBIOS - ok
15:22:09.0624 1824 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
15:22:09.0624 1824 NetBT - ok
15:22:09.0655 1824 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:22:09.0655 1824 Netlogon - ok
15:22:09.0702 1824 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
15:22:09.0702 1824 Netman - ok
15:22:09.0717 1824 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
15:22:09.0733 1824 netprofm - ok
15:22:09.0780 1824 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:22:09.0795 1824 NetTcpPortSharing - ok
15:22:09.0811 1824 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
15:22:09.0811 1824 nfrd960 - ok
15:22:09.0842 1824 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
15:22:09.0842 1824 NlaSvc - ok
15:22:09.0873 1824 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
15:22:09.0873 1824 Npfs - ok
15:22:09.0920 1824 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
15:22:09.0920 1824 nsi - ok
15:22:09.0951 1824 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
15:22:09.0951 1824 nsiproxy - ok
15:22:10.0014 1824 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
15:22:10.0076 1824 Ntfs - ok
15:22:10.0092 1824 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
15:22:10.0107 1824 Null - ok
15:22:10.0138 1824 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
15:22:10.0138 1824 NVENETFD - ok
15:22:10.0170 1824 NVNET (1de923088878b495cd4219e47ba34eb8) C:\Windows\system32\DRIVERS\nvmf6232.sys
15:22:10.0170 1824 NVNET - ok
15:22:10.0201 1824 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
15:22:10.0201 1824 nvraid - ok
15:22:10.0232 1824 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
15:22:10.0232 1824 nvstor - ok
15:22:10.0248 1824 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
15:22:10.0248 1824 nvstor32 - ok
15:22:10.0279 1824 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
15:22:10.0279 1824 nv_agp - ok
15:22:10.0294 1824 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
15:22:10.0294 1824 ohci1394 - ok
15:22:10.0326 1824 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:22:10.0341 1824 p2pimsvc - ok
15:22:10.0357 1824 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
15:22:10.0357 1824 p2psvc - ok
15:22:10.0388 1824 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:22:10.0388 1824 Parport - ok
15:22:10.0404 1824 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
15:22:10.0419 1824 partmgr - ok
15:22:10.0435 1824 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:22:10.0435 1824 Parvdm - ok
15:22:10.0450 1824 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
15:22:10.0450 1824 PcaSvc - ok
15:22:10.0466 1824 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
15:22:10.0466 1824 pci - ok
15:22:10.0482 1824 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
15:22:10.0482 1824 pciide - ok
15:22:10.0497 1824 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
15:22:10.0497 1824 pcmcia - ok
15:22:10.0513 1824 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:22:10.0513 1824 pcw - ok
15:22:10.0544 1824 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:22:10.0544 1824 PEAUTH - ok
15:22:10.0575 1824 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
15:22:10.0591 1824 PeerDistSvc - ok
15:22:10.0653 1824 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
15:22:10.0669 1824 pla - ok
15:22:10.0700 1824 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
15:22:10.0700 1824 PlugPlay - ok
15:22:10.0716 1824 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
15:22:10.0716 1824 PNRPAutoReg - ok
15:22:10.0731 1824 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:22:10.0731 1824 PNRPsvc - ok
15:22:10.0762 1824 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
15:22:10.0762 1824 PolicyAgent - ok
15:22:10.0794 1824 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
15:22:10.0794 1824 Power - ok
15:22:10.0809 1824 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:22:10.0809 1824 PptpMiniport - ok
15:22:10.0825 1824 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
15:22:10.0825 1824 Processor - ok
15:22:10.0856 1824 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
15:22:10.0856 1824 ProfSvc - ok
15:22:10.0887 1824 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:22:10.0887 1824 ProtectedStorage - ok
15:22:10.0903 1824 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:22:10.0918 1824 Psched - ok
15:22:10.0950 1824 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
15:22:10.0950 1824 ql2300 - ok
15:22:10.0965 1824 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
15:22:10.0965 1824 ql40xx - ok
15:22:10.0996 1824 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
15:22:10.0996 1824 QWAVE - ok
15:22:11.0028 1824 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:22:11.0028 1824 QWAVEdrv - ok
15:22:11.0043 1824 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:22:11.0059 1824 RasAcd - ok
15:22:11.0074 1824 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:22:11.0074 1824 RasAgileVpn - ok
15:22:11.0106 1824 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
15:22:11.0106 1824 RasAuto - ok
15:22:11.0121 1824 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:22:11.0137 1824 Rasl2tp - ok
15:22:11.0168 1824 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
15:22:11.0184 1824 RasMan - ok
15:22:11.0199 1824 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:22:11.0199 1824 RasPppoe - ok
15:22:11.0215 1824 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:22:11.0215 1824 RasSstp - ok
15:22:11.0246 1824 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
15:22:11.0246 1824 rdbss - ok
15:22:11.0262 1824 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
15:22:11.0262 1824 rdpbus - ok
15:22:11.0293 1824 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:22:11.0293 1824 RDPCDD - ok
15:22:11.0324 1824 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
15:22:11.0324 1824 RDPDR - ok
15:22:11.0355 1824 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:22:11.0355 1824 RDPENCDD - ok
15:22:11.0355 1824 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:22:11.0371 1824 RDPREFMP - ok
15:22:11.0386 1824 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
15:22:11.0402 1824 RDPWD - ok
15:22:11.0433 1824 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
15:22:11.0433 1824 rdyboost - ok
15:22:11.0464 1824 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
15:22:11.0464 1824 RemoteAccess - ok
15:22:11.0480 1824 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
15:22:11.0480 1824 RemoteRegistry - ok
15:22:11.0511 1824 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
15:22:11.0511 1824 RpcEptMapper - ok
15:22:11.0527 1824 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
15:22:11.0527 1824 RpcLocator - ok
15:22:11.0558 1824 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:22:11.0574 1824 RpcSs - ok
15:22:11.0589 1824 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:22:11.0605 1824 rspndr - ok
15:22:11.0620 1824 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
15:22:11.0636 1824 s3cap - ok
15:22:11.0652 1824 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:22:11.0652 1824 SamSs - ok
15:22:11.0683 1824 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
15:22:11.0698 1824 sbp2port - ok
15:22:11.0730 1824 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
15:22:11.0730 1824 SCardSvr - ok
15:22:11.0761 1824 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
15:22:11.0761 1824 scfilter - ok
15:22:11.0808 1824 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
15:22:11.0823 1824 Schedule - ok
15:22:11.0854 1824 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:22:11.0854 1824 SCPolicySvc - ok
15:22:11.0901 1824 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
15:22:11.0901 1824 SDRSVC - ok
15:22:11.0917 1824 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:22:11.0932 1824 secdrv - ok
15:22:11.0964 1824 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
15:22:11.0964 1824 seclogon - ok
15:22:11.0995 1824 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
15:22:11.0995 1824 SENS - ok
15:22:12.0026 1824 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
15:22:12.0026 1824 SensrSvc - ok
15:22:12.0042 1824 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:22:12.0042 1824 Serenum - ok
15:22:12.0073 1824 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:22:12.0073 1824 Serial - ok
15:22:12.0104 1824 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
15:22:12.0104 1824 sermouse - ok
15:22:12.0135 1824 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
15:22:12.0151 1824 SessionEnv - ok
15:22:12.0166 1824 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
15:22:12.0166 1824 sffdisk - ok
15:22:12.0182 1824 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
15:22:12.0182 1824 sffp_mmc - ok
15:22:12.0198 1824 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
15:22:12.0198 1824 sffp_sd - ok
15:22:12.0229 1824 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
15:22:12.0229 1824 sfloppy - ok
15:22:12.0260 1824 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
15:22:12.0260 1824 SharedAccess - ok
15:22:12.0291 1824 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
15:22:12.0307 1824 ShellHWDetection - ok
15:22:12.0322 1824 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
15:22:12.0322 1824 sisagp - ok
15:22:12.0322 1824 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:22:12.0338 1824 SiSRaid2 - ok
15:22:12.0338 1824 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
15:22:12.0338 1824 SiSRaid4 - ok
15:22:12.0385 1824 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
15:22:12.0385 1824 SkypeUpdate - ok
15:22:12.0400 1824 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
15:22:12.0400 1824 Smb - ok
15:22:12.0432 1824 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
15:22:12.0447 1824 SNMPTRAP - ok
15:22:12.0447 1824 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
15:22:12.0447 1824 spldr - ok
15:22:12.0478 1824 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
15:22:12.0478 1824 Spooler - ok
15:22:12.0556 1824 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
15:22:12.0572 1824 sppsvc - ok
15:22:12.0603 1824 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
15:22:12.0603 1824 sppuinotify - ok
15:22:12.0634 1824 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
15:22:12.0666 1824 srv - ok
15:22:12.0681 1824 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
15:22:12.0712 1824 srv2 - ok
15:22:12.0744 1824 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
15:22:12.0759 1824 srvnet - ok
15:22:12.0806 1824 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
15:22:12.0822 1824 SSDPSRV - ok
15:22:12.0853 1824 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
15:22:12.0853 1824 ssmdrv - ok
15:22:12.0915 1824 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
15:22:12.0915 1824 SstpSvc - ok
15:22:12.0931 1824 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
15:22:12.0946 1824 stexstor - ok
15:22:12.0978 1824 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
15:22:12.0993 1824 StiSvc - ok
15:22:13.0024 1824 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
15:22:13.0024 1824 storflt - ok
15:22:13.0040 1824 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
15:22:13.0056 1824 StorSvc - ok
15:22:13.0071 1824 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
15:22:13.0071 1824 storvsc - ok
15:22:13.0087 1824 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
15:22:13.0102 1824 swenum - ok
15:22:13.0118 1824 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
15:22:13.0118 1824 swprv - ok
15:22:13.0165 1824 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
15:22:13.0196 1824 SysMain - ok
15:22:13.0196 1824 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
15:22:13.0212 1824 TabletInputService - ok
15:22:13.0227 1824 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
15:22:13.0227 1824 TapiSrv - ok
15:22:13.0243 1824 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
15:22:13.0243 1824 TBS - ok
15:22:13.0290 1824 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
15:22:13.0305 1824 Tcpip - ok
15:22:13.0336 1824 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
15:22:13.0352 1824 TCPIP6 - ok
15:22:13.0383 1824 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
15:22:13.0383 1824 tcpipreg - ok
15:22:13.0414 1824 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
15:22:13.0414 1824 TDPIPE - ok
15:22:13.0414 1824 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
15:22:13.0414 1824 TDTCP - ok
15:22:13.0446 1824 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
15:22:13.0446 1824 tdx - ok
15:22:13.0477 1824 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
15:22:13.0492 1824 TermDD - ok
15:22:13.0524 1824 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
15:22:13.0539 1824 TermService - ok
15:22:13.0617 1824 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
15:22:13.0617 1824 Themes - ok
15:22:13.0695 1824 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:22:13.0695 1824 THREADORDER - ok
15:22:13.0726 1824 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
15:22:13.0742 1824 TrkWks - ok
15:22:13.0773 1824 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
15:22:13.0773 1824 TrustedInstaller - ok
15:22:13.0804 1824 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:22:13.0804 1824 tssecsrv - ok
15:22:13.0836 1824 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
15:22:13.0836 1824 TsUsbFlt - ok
15:22:13.0867 1824 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
15:22:13.0867 1824 tunnel - ok
15:22:13.0898 1824 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
15:22:13.0898 1824 uagp35 - ok
15:22:13.0929 1824 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
15:22:13.0929 1824 udfs - ok
15:22:13.0960 1824 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
15:22:13.0976 1824 UI0Detect - ok
15:22:14.0007 1824 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
15:22:14.0007 1824 uliagpkx - ok
15:22:14.0038 1824 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
15:22:14.0054 1824 umbus - ok
15:22:14.0070 1824 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
15:22:14.0070 1824 UmPass - ok
15:22:14.0101 1824 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
15:22:14.0101 1824 UmRdpService - ok
15:22:14.0148 1824 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
15:22:14.0163 1824 upnphost - ok
15:22:14.0179 1824 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
15:22:14.0179 1824 usbccgp - ok
15:22:14.0210 1824 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
15:22:14.0226 1824 usbcir - ok
15:22:14.0241 1824 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
15:22:14.0241 1824 usbehci - ok
15:22:14.0257 1824 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
15:22:14.0257 1824 usbhub - ok
15:22:14.0288 1824 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
15:22:14.0288 1824 usbohci - ok
15:22:14.0304 1824 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
15:22:14.0304 1824 usbprint - ok
15:22:14.0319 1824 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS
15:22:14.0319 1824 USBSTOR - ok
15:22:14.0335 1824 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
15:22:14.0335 1824 usbuhci - ok
15:22:14.0366 1824 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
15:22:14.0366 1824 UxSms - ok
15:22:14.0382 1824 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:22:14.0382 1824 VaultSvc - ok
15:22:14.0413 1824 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
15:22:14.0413 1824 vdrvroot - ok
15:22:14.0444 1824 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
15:22:14.0460 1824 vds - ok
15:22:14.0491 1824 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
15:22:14.0491 1824 vga - ok
15:22:14.0491 1824 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
15:22:14.0506 1824 VgaSave - ok
15:22:14.0522 1824 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
15:22:14.0522 1824 vhdmp - ok
15:22:14.0538 1824 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
15:22:14.0538 1824 viaagp - ok
15:22:14.0553 1824 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
15:22:14.0553 1824 ViaC7 - ok
15:22:14.0569 1824 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
15:22:14.0569 1824 viaide - ok
15:22:14.0600 1824 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
15:22:14.0600 1824 vmbus - ok
15:22:14.0616 1824 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
15:22:14.0616 1824 VMBusHID - ok
15:22:14.0647 1824 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
15:22:14.0647 1824 volmgr - ok
15:22:14.0662 1824 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
15:22:14.0662 1824 volmgrx - ok
15:22:14.0678 1824 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
15:22:14.0678 1824 volsnap - ok
15:22:14.0694 1824 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
15:22:14.0694 1824 vsmraid - ok
15:22:14.0740 1824 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
15:22:14.0756 1824 VSS - ok
15:22:14.0772 1824 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
15:22:14.0772 1824 vwifibus - ok
15:22:14.0787 1824 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
15:22:14.0787 1824 W32Time - ok
15:22:14.0818 1824 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
15:22:14.0818 1824 WacomPen - ok
15:22:14.0834 1824 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:22:14.0850 1824 WANARP - ok
15:22:14.0850 1824 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:22:14.0850 1824 Wanarpv6 - ok
15:22:14.0912 1824 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
15:22:14.0928 1824 wbengine - ok
15:22:16.0113 1824 ============================================================
15:22:16.0113 1824 Scan finished
15:22:16.0113 1824 ============================================================
15:22:16.0129 2292 Detected object count: 0
15:22:16.0129 2292 Actual detected object count: 0

05.04.2012, 15:27   #8
markusg
/// Malware-holic

Why don't you call your provider's service hotline; they should know about something like this.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For the time being, please forward mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

05.04.2012, 15:52   #9
Enigma91

So, I just called them, and they said that shortly before the problem occurred, work was being done on the lines nearby.

And since the logs apparently show no signs that I have a virus on the PC either, I apologize for having caused you unnecessary work and wish you a happy Easter.

05.04.2012, 16:29   #10
markusg
/// Malware-holic

No need to apologize.
But we should still secure the machine:
Download CCleaner Standard:
CCleaner Download - CCleaner 3.17.1689
If CCleaner is already installed, skip this.
Install, open, Tools, list of installed programs, save as txt. Open it.
After each program you need, write "necessary".
After each one you do not need, "unnecessary".
After those unknown to you, "unknown".
Post the list.

05.04.2012, 16:44   #11
Enigma91

7-Zip 9.20 03.04.2012 (unnecessary)
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 14.03.2012 20,2MB 3.0.868.0 (necessary)
Avira Free Antivirus Avira 14.03.2012 109,1MB 12.0.0.898 (necessary)
Browser Configuration Utility DeviceVM Inc. 14.03.2012 2,83MB 1.1.18.0 (unknown)
CCleaner Piriform 04.04.2012 3.17 (necessary)
Google Chrome Google Inc. 14.03.2012 18.0.1025.142 (necessary)
Malwarebytes Anti-Malware Version 1.60.1.1000 Malwarebytes Corporation 14.03.2012 17,3MB 1.60.1.1000 (necessary)
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 15.03.2012 38,8MB 4.0.30319 (necessary)
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 15.03.2012 2,94MB 4.0.30319 (necessary)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 14.03.2012 0,58MB 9.0.30729.4148 (necessary)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 18.03.2012 0,59MB 9.0.30729.6161 (necessary)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 18.03.2012 12,3MB 10.0.40219 (necessary)
NVIDIA Drivers NVIDIA Corporation 14.03.2012 3,25MB 1.10.62.40 (necessary)
ON_OFF Charge B10.0427.1 GIGABYTE 14.03.2012 1.00.0001 (unknown)
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 14.03.2012 6.0.1.6101 (necessary)
Skype™ 5.8 Skype Technologies S.A. 15.03.2012 19,0MB 5.8.158 (necessary)
Star Wars: The Old Republic Electronic Arts, Inc. 14.03.2012 19.849MB 1.00 (necessary)

11.04.2012, 11:16   #12
markusg
/// Malware-holic

Uninstall:
Browser Configuration
Open OTL, clean up, restart.
Open CCleaner, analyze, run CCleaner, restart the PC, test how the system runs.
