Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 21.12.2012, 11:45   #1
ohneBrille
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hallo liebe Helfer,
ich habe folgendes Problem:
Vor zwei Wochen wurde mein Firefox-Browser immer langsamer, hängte sich schließlich dauernd nach rund einer Minute auf und brachte ein Fenster mit dem Hinweis, sinngemäß: Sie haben zu viel Datentransfer.
Darauf hin habe ich einen Scan mit Avira gemacht. Die Funde (ADWARE/InstallMat.D und TR/Barys.443.5) wurden von Avira gelöscht.
Siehe Avira Reportdatei vom 14. Dezember 2012 im Anhang.
Danach war das Problem, zumindest sichtbar, behoben.

Nun ging es gestern wieder los. Avira fand: ADWARE/Adware.Gen6
Auch diese Datei wurde gelöscht.
Siehe Avira Reportdatei vom 20. Dezember 2012 im Anhang.

Firefox hab ich neu installiert, half aber nichts.

Daraufhin habe ich, in der Hoffnung, dass mir hier jemand helfen kann, einfach schon mal eure Checkliste abgearbeitet (Malwarebytes Scan, defogger, OTL) und hoffentlich alles richtig gemacht.
Die Protokolldateien als zip sind im Anhang.

Vielen Dank schon mal im Voraus!
Angehängte Dateien
Dateityp: 7z Virus.7z (33,3 KB, 178x aufgerufen)

Geändert von ohneBrille (21.12.2012 um 11:51 Uhr)

Alt 21.12.2012, 12:48   #2
markusg
/// Malware-holic
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



hi
falls du deinen Nutzernamen im Log geendert hast, passe ihn im Script an.

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - Startup: C:\Users\Vorname Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pointofix.exe ()
O4 - HKCU..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun File not found
 :Files
:Commands
[EMPTYFLASH] 
[emptytemp]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus
__________________

__________________

Alt 21.12.2012, 14:17   #3
ohneBrille
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hallo Markusg,

prima, dass Du mir helfen möchtest.

Hab alles wie beschrieben gemacht. Hat geklappt.
Auch der upload funktionierte.

Hier der Inhalt des OTL-Textdokuments


All processes killed
========== OTL ==========
C:\Users\Vorname Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pointofix.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Boxoft Tools not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Vorname Name
->Flash cache emptied: 0 bytes

User: Nachwuchs
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Vorname Name
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 146728221 bytes
->Java cache emptied: 50421 bytes
->FireFox cache emptied: 79568250 bytes
->Flash cache emptied: 0 bytes

User: Nachwuchs
->Temp folder emptied: 242592016 bytes
->Temporary Internet Files folder emptied: 8928865 bytes
->Java cache emptied: 32038227 bytes
->FireFox cache emptied: 1187247882 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 170902788 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1.782,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12212012_135759

Files\Folders moved on Reboot...
File\Folder C:\Users\Vorname Name\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
__________________

Geändert von ohneBrille (21.12.2012 um 14:25 Uhr)

Alt 21.12.2012, 15:12   #4
markusg
/// Malware-holic
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hi,
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 21.12.2012, 15:24   #5
ohneBrille
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hi,

schon erledigt.

Das ist der Inhalt der Datei:


-
15:17:54.0683 3956 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:17:54.0948 3956 ============================================================
15:17:54.0948 3956 Current date / time: 2012/12/21 15:17:54.0948
15:17:54.0948 3956 SystemInfo:
15:17:54.0948 3956
15:17:54.0948 3956 OS Version: 6.1.7601 ServicePack: 1.0
15:17:54.0948 3956 Product type: Workstation
15:17:54.0948 3956 ComputerName: VornameName-PC
15:17:54.0948 3956 UserName: Vorname Name
15:17:54.0948 3956 Windows directory: C:\Windows
15:17:54.0948 3956 System windows directory: C:\Windows
15:17:54.0948 3956 Running under WOW64
15:17:54.0948 3956 Processor architecture: Intel x64
15:17:54.0948 3956 Number of processors: 2
15:17:54.0948 3956 Page size: 0x1000
15:17:54.0948 3956 Boot type: Normal boot
15:17:54.0948 3956 ============================================================
15:17:55.0541 3956 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:17:55.0557 3956 ============================================================
15:17:55.0557 3956 \Device\Harddisk0\DR0:
15:17:55.0557 3956 MBR partitions:
15:17:55.0557 3956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
15:17:55.0557 3956 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x390E7000
15:17:55.0557 3956 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B519800, BlocksNum 0x391EC800
15:17:55.0557 3956 ============================================================
15:17:55.0603 3956 C: <-> \Device\Harddisk0\DR0\Partition2
15:17:55.0635 3956 D: <-> \Device\Harddisk0\DR0\Partition3
15:17:55.0635 3956 ============================================================
15:17:55.0635 3956 Initialize success
15:17:55.0635 3956 ============================================================
15:18:26.0240 4656 ============================================================
15:18:26.0240 4656 Scan started
15:18:26.0240 4656 Mode: Manual; SigCheck; TDLFS;
15:18:26.0240 4656 ============================================================
15:18:26.0590 4656 ================ Scan system memory ========================
15:18:26.0590 4656 System memory - ok
15:18:26.0590 4656 ================ Scan services =============================
15:18:26.0687 4656 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:18:26.0795 4656 1394ohci - ok
15:18:26.0817 4656 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:18:26.0830 4656 ACPI - ok
15:18:26.0835 4656 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:18:26.0882 4656 AcpiPmi - ok
15:18:26.0935 4656 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:18:26.0965 4656 AdobeARMservice - ok
15:18:26.0992 4656 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:18:27.0022 4656 adp94xx - ok
15:18:27.0047 4656 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:18:27.0065 4656 adpahci - ok
15:18:27.0075 4656 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:18:27.0087 4656 adpu320 - ok
15:18:27.0102 4656 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:18:27.0217 4656 AeLookupSvc - ok
15:18:27.0242 4656 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:18:27.0270 4656 AFD - ok
15:18:27.0290 4656 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:18:27.0305 4656 agp440 - ok
15:18:27.0312 4656 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:18:27.0350 4656 ALG - ok
15:18:27.0360 4656 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:18:27.0372 4656 aliide - ok
15:18:27.0395 4656 [ 5EC60409BD50953BD4F892B18840039E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:18:27.0432 4656 AMD External Events Utility - ok
15:18:27.0435 4656 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:18:27.0445 4656 amdide - ok
15:18:27.0465 4656 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:18:27.0490 4656 AmdK8 - ok
15:18:27.0627 4656 [ 322E5C178990F116F00E3D923F4E6B1C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:18:27.0845 4656 amdkmdag - ok
15:18:27.0862 4656 [ 961A81A84FDD700E361E8294528A37BA ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:18:27.0887 4656 amdkmdap - ok
15:18:27.0897 4656 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:18:27.0915 4656 AmdPPM - ok
15:18:27.0935 4656 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:18:27.0947 4656 amdsata - ok
15:18:27.0957 4656 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:18:27.0972 4656 amdsbs - ok
15:18:27.0982 4656 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:18:27.0992 4656 amdxata - ok
15:18:28.0050 4656 [ 0FA2D8304ECA29CA0AB7E3EE50FD585A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:18:28.0080 4656 AntiVirSchedulerService - ok
15:18:28.0125 4656 [ 5C69AAC8A59207DA9710FF2E42D6F80F ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:18:28.0137 4656 AntiVirService - ok
15:18:28.0150 4656 [ 255527AB98293EA390352A8C53B0042A ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:18:28.0170 4656 AntiVirWebService - ok
15:18:28.0190 4656 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:18:28.0290 4656 AppID - ok
15:18:28.0307 4656 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:18:28.0350 4656 AppIDSvc - ok
15:18:28.0370 4656 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:18:28.0425 4656 Appinfo - ok
15:18:28.0447 4656 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:18:28.0462 4656 arc - ok
15:18:28.0470 4656 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:18:28.0485 4656 arcsas - ok
15:18:28.0492 4656 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:18:28.0532 4656 AsyncMac - ok
15:18:28.0562 4656 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:18:28.0580 4656 atapi - ok
15:18:28.0622 4656 [ 230CF51113CD4B830B3BFD09B0D4C066 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
15:18:28.0652 4656 AtiHDAudioService - ok
15:18:28.0677 4656 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:18:28.0735 4656 AudioEndpointBuilder - ok
15:18:28.0747 4656 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:18:28.0777 4656 AudioSrv - ok
15:18:28.0797 4656 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:18:28.0810 4656 avgntflt - ok
15:18:28.0840 4656 [ BFD698CC6E1DE2E0D23155DECC513D2F ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
15:18:28.0852 4656 avgtp - ok
15:18:28.0862 4656 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:18:28.0877 4656 avipbb - ok
15:18:28.0895 4656 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:18:28.0905 4656 avkmgr - ok
15:18:28.0927 4656 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:18:28.0975 4656 AxInstSV - ok
15:18:28.0987 4656 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:18:29.0017 4656 b06bdrv - ok
15:18:29.0027 4656 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:18:29.0050 4656 b57nd60a - ok
15:18:29.0082 4656 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:18:29.0110 4656 BDESVC - ok
15:18:29.0122 4656 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:18:29.0160 4656 Beep - ok
15:18:29.0182 4656 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:18:29.0217 4656 BFE - ok
15:18:29.0240 4656 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:18:29.0282 4656 BITS - ok
15:18:29.0302 4656 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
15:18:29.0327 4656 blbdrive - ok
15:18:29.0340 4656 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:18:29.0375 4656 bowser - ok
15:18:29.0390 4656 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:18:29.0405 4656 BrFiltLo - ok
15:18:29.0407 4656 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:18:29.0420 4656 BrFiltUp - ok
15:18:29.0447 4656 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:18:29.0465 4656 Browser - ok
15:18:29.0480 4656 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:18:29.0507 4656 Brserid - ok
15:18:29.0520 4656 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:18:29.0537 4656 BrSerWdm - ok
15:18:29.0560 4656 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:18:29.0575 4656 BrUsbMdm - ok
15:18:29.0577 4656 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:18:29.0590 4656 BrUsbSer - ok
15:18:29.0605 4656 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:18:29.0630 4656 BTHMODEM - ok
15:18:29.0645 4656 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:18:29.0677 4656 bthserv - ok
15:18:29.0690 4656 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:18:29.0722 4656 cdfs - ok
15:18:29.0735 4656 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:18:29.0745 4656 cdrom - ok
15:18:29.0755 4656 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:18:29.0785 4656 CertPropSvc - ok
15:18:29.0795 4656 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:18:29.0812 4656 circlass - ok
15:18:29.0827 4656 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:18:29.0840 4656 CLFS - ok
15:18:29.0885 4656 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:18:29.0912 4656 clr_optimization_v2.0.50727_32 - ok
15:18:29.0930 4656 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:18:29.0950 4656 clr_optimization_v2.0.50727_64 - ok
15:18:30.0002 4656 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:18:30.0022 4656 clr_optimization_v4.0.30319_32 - ok
15:18:30.0060 4656 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:18:30.0072 4656 clr_optimization_v4.0.30319_64 - ok
15:18:30.0087 4656 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:18:30.0110 4656 CmBatt - ok
15:18:30.0112 4656 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:18:30.0127 4656 cmdide - ok
15:18:30.0177 4656 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:18:30.0205 4656 CNG - ok
15:18:30.0225 4656 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:18:30.0237 4656 Compbatt - ok
15:18:30.0257 4656 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:18:30.0275 4656 CompositeBus - ok
15:18:30.0277 4656 COMSysApp - ok
15:18:30.0292 4656 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:18:30.0305 4656 crcdisk - ok
15:18:30.0325 4656 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:18:30.0365 4656 CryptSvc - ok
15:18:30.0430 4656 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:18:30.0460 4656 cvhsvc - ok
15:18:30.0487 4656 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:18:30.0530 4656 DcomLaunch - ok
15:18:30.0542 4656 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:18:30.0580 4656 defragsvc - ok
15:18:30.0590 4656 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:18:30.0630 4656 DfsC - ok
15:18:30.0642 4656 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:18:30.0670 4656 Dhcp - ok
15:18:30.0680 4656 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:18:30.0717 4656 discache - ok
15:18:30.0727 4656 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:18:30.0742 4656 Disk - ok
15:18:30.0750 4656 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:18:30.0777 4656 Dnscache - ok
15:18:30.0787 4656 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:18:30.0825 4656 dot3svc - ok
15:18:30.0835 4656 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:18:30.0875 4656 DPS - ok
15:18:30.0887 4656 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:18:30.0902 4656 drmkaud - ok
15:18:30.0922 4656 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:18:30.0952 4656 DXGKrnl - ok
15:18:30.0977 4656 [ 03F4C5C12FC1C69F838DA723475EF650 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
15:18:30.0995 4656 e1cexpress - ok
15:18:31.0002 4656 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:18:31.0032 4656 EapHost - ok
15:18:31.0080 4656 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:18:31.0165 4656 ebdrv - ok
15:18:31.0180 4656 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:18:31.0200 4656 EFS - ok
15:18:31.0242 4656 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:18:31.0297 4656 ehRecvr - ok
15:18:31.0305 4656 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:18:31.0327 4656 ehSched - ok
15:18:31.0355 4656 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:18:31.0387 4656 elxstor - ok
15:18:31.0397 4656 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:18:31.0410 4656 ErrDev - ok
15:18:31.0432 4656 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:18:31.0465 4656 EventSystem - ok
15:18:31.0475 4656 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:18:31.0507 4656 exfat - ok
15:18:31.0517 4656 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:18:31.0552 4656 fastfat - ok
15:18:31.0570 4656 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:18:31.0605 4656 Fax - ok
15:18:31.0607 4656 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:18:31.0620 4656 fdc - ok
15:18:31.0642 4656 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:18:31.0692 4656 fdPHost - ok
15:18:31.0705 4656 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:18:31.0737 4656 FDResPub - ok
15:18:31.0742 4656 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:18:31.0755 4656 FileInfo - ok
15:18:31.0757 4656 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:18:31.0795 4656 Filetrace - ok
15:18:31.0797 4656 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:18:31.0810 4656 flpydisk - ok
15:18:31.0822 4656 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:18:31.0840 4656 FltMgr - ok
15:18:31.0862 4656 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:18:31.0897 4656 FontCache - ok
15:18:31.0927 4656 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:18:31.0940 4656 FontCache3.0.0.0 - ok
15:18:32.0000 4656 [ 8D3B3AD7F9B6EE8AC96B1AD293BB0FB0 ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
15:18:32.0020 4656 FreemakeVideoCapture ( UnsignedFile.Multi.Generic ) - warning
15:18:32.0020 4656 FreemakeVideoCapture - detected UnsignedFile.Multi.Generic (1)
15:18:32.0032 4656 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:18:32.0052 4656 FsDepends - ok
15:18:32.0067 4656 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:18:32.0080 4656 Fs_Rec - ok
15:18:32.0092 4656 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:18:32.0115 4656 fvevol - ok
15:18:32.0125 4656 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:18:32.0140 4656 gagp30kx - ok
15:18:32.0187 4656 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
15:18:32.0230 4656 GamesAppService - ok
15:18:32.0250 4656 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:18:32.0297 4656 gpsvc - ok
15:18:32.0327 4656 [ 32096F187020A54D29C95B3A1467D963 ] GREGService C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
15:18:32.0345 4656 GREGService - ok
15:18:32.0360 4656 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:18:32.0387 4656 hcw85cir - ok
15:18:32.0400 4656 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:18:32.0435 4656 HdAudAddService - ok
15:18:32.0442 4656 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:18:32.0462 4656 HDAudBus - ok
15:18:32.0472 4656 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:18:32.0487 4656 HidBatt - ok
15:18:32.0497 4656 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:18:32.0512 4656 HidBth - ok
15:18:32.0522 4656 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:18:32.0540 4656 HidIr - ok
15:18:32.0545 4656 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:18:32.0587 4656 hidserv - ok
15:18:32.0610 4656 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:18:32.0622 4656 HidUsb - ok
15:18:32.0640 4656 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:18:32.0675 4656 hkmsvc - ok
15:18:32.0690 4656 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:18:32.0715 4656 HomeGroupListener - ok
15:18:32.0727 4656 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:18:32.0740 4656 HomeGroupProvider - ok
15:18:32.0747 4656 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:18:32.0760 4656 HpSAMD - ok
15:18:32.0780 4656 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:18:32.0832 4656 HTTP - ok
15:18:32.0845 4656 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:18:32.0855 4656 hwpolicy - ok
15:18:32.0860 4656 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:18:32.0872 4656 i8042prt - ok
15:18:32.0890 4656 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:18:32.0900 4656 iaStor - ok
15:18:32.0940 4656 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:18:32.0950 4656 IAStorDataMgrSvc - ok
15:18:32.0965 4656 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:18:32.0992 4656 iaStorV - ok
15:18:33.0052 4656 [ 5D4C5F3799739FFB9CD6314AF0D350FD ] IBUpdaterService C:\ProgramData\IBUpdaterService\ibsvc.exe
15:18:33.0072 4656 IBUpdaterService - ok
15:18:33.0100 4656 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:18:33.0140 4656 idsvc - ok
15:18:33.0147 4656 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:18:33.0160 4656 iirsp - ok
15:18:33.0185 4656 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:18:33.0235 4656 IKEEXT - ok
15:18:33.0315 4656 [ B3137FD9C696544E405699BBD66B1E65 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:18:33.0457 4656 IntcAzAudAddService - ok
15:18:33.0505 4656 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:18:33.0530 4656 Intel(R) Capability Licensing Service Interface - ok
15:18:33.0532 4656 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:18:33.0547 4656 intelide - ok
15:18:33.0565 4656 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:18:33.0585 4656 intelppm - ok
15:18:33.0600 4656 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:18:33.0642 4656 IPBusEnum - ok
15:18:33.0655 4656 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:18:33.0687 4656 IpFilterDriver - ok
15:18:33.0712 4656 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:18:33.0740 4656 iphlpsvc - ok
15:18:33.0750 4656 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:18:33.0765 4656 IPMIDRV - ok
15:18:33.0775 4656 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:18:33.0820 4656 IPNAT - ok
15:18:33.0822 4656 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:18:33.0837 4656 IRENUM - ok
15:18:33.0840 4656 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:18:33.0852 4656 isapnp - ok
15:18:33.0862 4656 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:18:33.0880 4656 iScsiPrt - ok
15:18:33.0907 4656 [ 468F7516B4030603BA9D1427CCEACDF9 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:18:33.0922 4656 jhi_service - ok
15:18:33.0940 4656 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:18:33.0952 4656 kbdclass - ok
15:18:33.0962 4656 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:18:33.0982 4656 kbdhid - ok
15:18:33.0990 4656 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:18:34.0000 4656 KeyIso - ok
15:18:34.0015 4656 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:18:34.0027 4656 KSecDD - ok
15:18:34.0037 4656 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:18:34.0052 4656 KSecPkg - ok
15:18:34.0065 4656 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:18:34.0102 4656 ksthunk - ok
15:18:34.0115 4656 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:18:34.0160 4656 KtmRm - ok
15:18:34.0192 4656 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:18:34.0235 4656 LanmanServer - ok
15:18:34.0255 4656 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:18:34.0285 4656 LanmanWorkstation - ok
15:18:34.0310 4656 [ 6BB516A31DE232DAB436FF3A117E1E80 ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
15:18:34.0320 4656 Live Updater Service - ok
15:18:34.0335 4656 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:18:34.0380 4656 lltdio - ok
15:18:34.0400 4656 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:18:34.0437 4656 lltdsvc - ok
15:18:34.0447 4656 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:18:34.0482 4656 lmhosts - ok
15:18:34.0505 4656 [ B114B200CCDEBC7EBD8EF5D783819386 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:18:34.0515 4656 LMS - ok
15:18:34.0525 4656 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:18:34.0540 4656 LSI_FC - ok
15:18:34.0545 4656 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:18:34.0565 4656 LSI_SAS - ok
15:18:34.0582 4656 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:18:34.0595 4656 LSI_SAS2 - ok
15:18:34.0605 4656 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:18:34.0620 4656 LSI_SCSI - ok
15:18:34.0635 4656 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:18:34.0667 4656 luafv - ok
15:18:34.0685 4656 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:18:34.0697 4656 MBAMProtector - ok
15:18:34.0727 4656 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:18:34.0760 4656 MBAMScheduler - ok
15:18:34.0780 4656 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:18:34.0817 4656 MBAMService - ok
15:18:34.0837 4656 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:18:34.0865 4656 Mcx2Svc - ok
15:18:34.0870 4656 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:18:34.0882 4656 megasas - ok
15:18:34.0897 4656 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:18:34.0915 4656 MegaSR - ok
15:18:34.0925 4656 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:18:34.0937 4656 MEIx64 - ok
15:18:34.0950 4656 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:18:34.0982 4656 MMCSS - ok
15:18:34.0990 4656 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:18:35.0022 4656 Modem - ok
15:18:35.0032 4656 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:18:35.0055 4656 monitor - ok
15:18:35.0065 4656 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:18:35.0077 4656 mouclass - ok
15:18:35.0082 4656 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:18:35.0095 4656 mouhid - ok
15:18:35.0102 4656 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:18:35.0117 4656 mountmgr - ok
15:18:35.0132 4656 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:18:35.0157 4656 MozillaMaintenance - ok
15:18:35.0180 4656 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:18:35.0197 4656 mpio - ok
15:18:35.0210 4656 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:18:35.0242 4656 mpsdrv - ok
15:18:35.0260 4656 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:18:35.0307 4656 MpsSvc - ok
15:18:35.0317 4656 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:18:35.0342 4656 MRxDAV - ok
15:18:35.0355 4656 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:18:35.0382 4656 mrxsmb - ok
15:18:35.0397 4656 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:18:35.0412 4656 mrxsmb10 - ok
15:18:35.0422 4656 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:18:35.0435 4656 mrxsmb20 - ok
15:18:35.0442 4656 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:18:35.0455 4656 msahci - ok
15:18:35.0467 4656 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:18:35.0480 4656 msdsm - ok
15:18:35.0487 4656 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:18:35.0505 4656 MSDTC - ok
15:18:35.0517 4656 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:18:35.0545 4656 Msfs - ok
15:18:35.0557 4656 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:18:35.0587 4656 mshidkmdf - ok
15:18:35.0595 4656 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:18:35.0605 4656 msisadrv - ok
15:18:35.0620 4656 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:18:35.0657 4656 MSiSCSI - ok
15:18:35.0660 4656 msiserver - ok
15:18:35.0677 4656 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:18:35.0707 4656 MSKSSRV - ok
15:18:35.0710 4656 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:18:35.0747 4656 MSPCLOCK - ok
15:18:35.0750 4656 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:18:35.0782 4656 MSPQM - ok
15:18:35.0792 4656 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:18:35.0810 4656 MsRPC - ok
15:18:35.0817 4656 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:18:35.0825 4656 mssmbios - ok
15:18:35.0832 4656 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:18:35.0862 4656 MSTEE - ok
15:18:35.0865 4656 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:18:35.0877 4656 MTConfig - ok
15:18:35.0890 4656 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:18:35.0902 4656 Mup - ok
15:18:35.0917 4656 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:18:35.0955 4656 napagent - ok
15:18:35.0970 4656 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:18:35.0992 4656 NativeWifiP - ok
15:18:36.0040 4656 [ 13AA2130F2A104DD775EAD0F0EE5417B ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
15:18:36.0062 4656 NAUpdate - ok
15:18:36.0095 4656 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:18:36.0127 4656 NDIS - ok
15:18:36.0137 4656 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:18:36.0170 4656 NdisCap - ok
15:18:36.0185 4656 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:18:36.0215 4656 NdisTapi - ok
15:18:36.0225 4656 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:18:36.0255 4656 Ndisuio - ok
15:18:36.0265 4656 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:18:36.0300 4656 NdisWan - ok
15:18:36.0305 4656 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:18:36.0335 4656 NDProxy - ok
15:18:36.0347 4656 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:18:36.0382 4656 NetBIOS - ok
15:18:36.0397 4656 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:18:36.0432 4656 NetBT - ok
15:18:36.0435 4656 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:18:36.0445 4656 Netlogon - ok
15:18:36.0455 4656 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:18:36.0487 4656 Netman - ok
15:18:36.0495 4656 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:18:36.0537 4656 netprofm - ok
15:18:36.0552 4656 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:18:36.0572 4656 NetTcpPortSharing - ok
15:18:36.0587 4656 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:18:36.0600 4656 nfrd960 - ok
15:18:36.0625 4656 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:18:36.0647 4656 NlaSvc - ok
15:18:36.0720 4656 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
15:18:36.0830 4656 NOBU - ok
15:18:36.0877 4656 [ 351533ACC2A069B94E80BBFC177E8FDF ] npf C:\Windows\system32\drivers\npf.sys
15:18:36.0895 4656 npf - ok
15:18:36.0907 4656 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:18:36.0952 4656 Npfs - ok
15:18:36.0962 4656 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:18:37.0002 4656 nsi - ok
15:18:37.0007 4656 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:18:37.0042 4656 nsiproxy - ok
15:18:37.0082 4656 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:18:37.0135 4656 Ntfs - ok
15:18:37.0145 4656 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:18:37.0172 4656 Null - ok
15:18:37.0185 4656 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:18:37.0200 4656 nvraid - ok
15:18:37.0210 4656 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:18:37.0225 4656 nvstor - ok
15:18:37.0242 4656 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:18:37.0255 4656 nv_agp - ok
15:18:37.0265 4656 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:18:37.0280 4656 ohci1394 - ok
15:18:37.0312 4656 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:18:37.0345 4656 ose - ok
15:18:37.0425 4656 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:18:37.0522 4656 osppsvc - ok
15:18:37.0537 4656 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:18:37.0567 4656 p2pimsvc - ok
15:18:37.0582 4656 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:18:37.0600 4656 p2psvc - ok
15:18:37.0615 4656 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:18:37.0630 4656 Parport - ok
15:18:37.0650 4656 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:18:37.0662 4656 partmgr - ok
15:18:37.0675 4656 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:18:37.0697 4656 PcaSvc - ok
15:18:37.0712 4656 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:18:37.0725 4656 pci - ok
15:18:37.0737 4656 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:18:37.0747 4656 pciide - ok
15:18:37.0762 4656 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:18:37.0777 4656 pcmcia - ok
15:18:37.0787 4656 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:18:37.0800 4656 pcw - ok
15:18:37.0810 4656 PDNMp50 - ok
15:18:37.0812 4656 PDNSp50 - ok
15:18:37.0832 4656 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:18:37.0877 4656 PEAUTH - ok
15:18:37.0915 4656 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:18:37.0935 4656 PerfHost - ok
15:18:37.0965 4656 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:18:38.0027 4656 pla - ok
15:18:38.0060 4656 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:18:38.0095 4656 PlugPlay - ok
15:18:38.0105 4656 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:18:38.0122 4656 PNRPAutoReg - ok
15:18:38.0127 4656 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:18:38.0140 4656 PNRPsvc - ok
15:18:38.0162 4656 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:18:38.0210 4656 PolicyAgent - ok
15:18:38.0220 4656 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:18:38.0252 4656 Power - ok
15:18:38.0270 4656 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:18:38.0307 4656 PptpMiniport - ok
15:18:38.0320 4656 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:18:38.0340 4656 Processor - ok
15:18:38.0362 4656 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:18:38.0390 4656 ProfSvc - ok
15:18:38.0397 4656 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:18:38.0407 4656 ProtectedStorage - ok
15:18:38.0427 4656 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:18:38.0467 4656 Psched - ok
15:18:38.0495 4656 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:18:38.0540 4656 ql2300 - ok
15:18:38.0557 4656 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:18:38.0572 4656 ql40xx - ok
15:18:38.0580 4656 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:18:38.0602 4656 QWAVE - ok
15:18:38.0610 4656 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:18:38.0625 4656 QWAVEdrv - ok
15:18:38.0637 4656 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:18:38.0667 4656 RasAcd - ok
15:18:38.0672 4656 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:18:38.0700 4656 RasAgileVpn - ok
15:18:38.0712 4656 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:18:38.0747 4656 RasAuto - ok
15:18:38.0755 4656 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:18:38.0795 4656 Rasl2tp - ok
15:18:38.0805 4656 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:18:38.0835 4656 RasMan - ok
15:18:38.0845 4656 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:18:38.0877 4656 RasPppoe - ok
15:18:38.0885 4656 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:18:38.0917 4656 RasSstp - ok
15:18:38.0925 4656 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:18:38.0962 4656 rdbss - ok
15:18:38.0967 4656 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:18:38.0982 4656 rdpbus - ok
15:18:38.0990 4656 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:18:39.0020 4656 RDPCDD - ok
15:18:39.0027 4656 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:18:39.0062 4656 RDPENCDD - ok
15:18:39.0072 4656 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:18:39.0110 4656 RDPREFMP - ok
15:18:39.0137 4656 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:18:39.0160 4656 RDPWD - ok
15:18:39.0172 4656 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:18:39.0190 4656 rdyboost - ok
15:18:39.0205 4656 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:18:39.0240 4656 RemoteAccess - ok
15:18:39.0250 4656 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:18:39.0287 4656 RemoteRegistry - ok
15:18:39.0295 4656 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:18:39.0337 4656 RpcEptMapper - ok
15:18:39.0347 4656 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:18:39.0362 4656 RpcLocator - ok
15:18:39.0380 4656 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:18:39.0410 4656 RpcSs - ok
15:18:39.0425 4656 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:18:39.0457 4656 rspndr - ok
15:18:39.0465 4656 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:18:39.0472 4656 SamSs - ok
15:18:39.0485 4656 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:18:39.0497 4656 sbp2port - ok
15:18:39.0507 4656 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:18:39.0542 4656 SCardSvr - ok
15:18:39.0547 4656 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:18:39.0587 4656 scfilter - ok
15:18:39.0610 4656 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:18:39.0677 4656 Schedule - ok
15:18:39.0695 4656 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:18:39.0722 4656 SCPolicySvc - ok
15:18:39.0742 4656 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:18:39.0765 4656 SDRSVC - ok
15:18:39.0830 4656 [ 0F4A80438E7286A0E623582F5F2395BD ] SearchAnonymizer C:\Users\Vorname Name\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
15:18:39.0847 4656 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - warning
15:18:39.0847 4656 SearchAnonymizer - detected UnsignedFile.Multi.Generic (1)
15:18:39.0860 4656 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:18:39.0912 4656 secdrv - ok
15:18:39.0920 4656 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:18:39.0950 4656 seclogon - ok
15:18:39.0962 4656 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:18:39.0990 4656 SENS - ok
15:18:40.0005 4656 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:18:40.0022 4656 SensrSvc - ok
15:18:40.0035 4656 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:18:40.0050 4656 Serenum - ok
15:18:40.0057 4656 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:18:40.0072 4656 Serial - ok
15:18:40.0077 4656 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:18:40.0095 4656 sermouse - ok
15:18:40.0107 4656 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:18:40.0150 4656 SessionEnv - ok
15:18:40.0152 4656 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:18:40.0182 4656 sffdisk - ok
15:18:40.0187 4656 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:18:40.0200 4656 sffp_mmc - ok
15:18:40.0202 4656 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:18:40.0220 4656 sffp_sd - ok
15:18:40.0222 4656 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:18:40.0235 4656 sfloppy - ok
15:18:40.0270 4656 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
15:18:40.0295 4656 Sftfs - ok
15:18:40.0320 4656 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:18:40.0355 4656 sftlist - ok
15:18:40.0360 4656 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:18:40.0377 4656 Sftplay - ok
15:18:40.0392 4656 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:18:40.0405 4656 Sftredir - ok
15:18:40.0410 4656 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
15:18:40.0420 4656 Sftvol - ok
15:18:40.0430 4656 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:18:40.0460 4656 sftvsa - ok
15:18:40.0482 4656 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:18:40.0525 4656 SharedAccess - ok
15:18:40.0542 4656 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:18:40.0575 4656 ShellHWDetection - ok
15:18:40.0582 4656 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:18:40.0595 4656 SiSRaid2 - ok
15:18:40.0602 4656 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:18:40.0615 4656 SiSRaid4 - ok
15:18:40.0622 4656 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:18:40.0655 4656 Smb - ok
15:18:40.0665 4656 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:18:40.0680 4656 SNMPTRAP - ok
15:18:40.0682 4656 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:18:40.0695 4656 spldr - ok
15:18:40.0720 4656 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:18:40.0742 4656 Spooler - ok
15:18:40.0795 4656 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:18:40.0912 4656 sppsvc - ok
15:18:40.0922 4656 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:18:40.0967 4656 sppuinotify - ok
15:18:40.0985 4656 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:18:41.0015 4656 srv - ok
15:18:41.0027 4656 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:18:41.0057 4656 srv2 - ok
15:18:41.0070 4656 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:18:41.0085 4656 srvnet - ok
15:18:41.0100 4656 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:18:41.0142 4656 SSDPSRV - ok
15:18:41.0155 4656 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:18:41.0185 4656 SstpSvc - ok
15:18:41.0192 4656 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:18:41.0205 4656 stexstor - ok
15:18:41.0230 4656 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:18:41.0265 4656 stisvc - ok
15:18:41.0275 4656 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:18:41.0285 4656 swenum - ok
15:18:41.0300 4656 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:18:41.0340 4656 swprv - ok
15:18:41.0367 4656 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:18:41.0420 4656 SysMain - ok
15:18:41.0432 4656 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:18:41.0455 4656 TabletInputService - ok
15:18:41.0472 4656 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:18:41.0502 4656 TapiSrv - ok
15:18:41.0507 4656 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:18:41.0540 4656 TBS - ok
15:18:41.0582 4656 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:18:41.0657 4656 Tcpip - ok
15:18:41.0692 4656 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:18:41.0725 4656 TCPIP6 - ok
15:18:41.0740 4656 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:18:41.0752 4656 tcpipreg - ok
15:18:41.0760 4656 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:18:41.0780 4656 TDPIPE - ok
15:18:41.0795 4656 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:18:41.0807 4656 TDTCP - ok
15:18:41.0822 4656 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:18:41.0850 4656 tdx - ok
15:18:41.0855 4656 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:18:41.0867 4656 TermDD - ok
15:18:41.0882 4656 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:18:41.0920 4656 TermService - ok
15:18:41.0930 4656 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:18:41.0942 4656 Themes - ok
15:18:41.0950 4656 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:18:41.0980 4656 THREADORDER - ok
15:18:41.0987 4656 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:18:42.0017 4656 TrkWks - ok
15:18:42.0055 4656 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:18:42.0082 4656 TrustedInstaller - ok
15:18:42.0097 4656 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:18:42.0137 4656 tssecsrv - ok
15:18:42.0147 4656 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:18:42.0167 4656 TsUsbFlt - ok
15:18:42.0177 4656 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:18:42.0190 4656 TsUsbGD - ok
15:18:42.0210 4656 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:18:42.0250 4656 tunnel - ok
15:18:42.0260 4656 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:18:42.0272 4656 uagp35 - ok
15:18:42.0287 4656 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:18:42.0330 4656 udfs - ok
15:18:42.0340 4656 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:18:42.0362 4656 UI0Detect - ok
15:18:42.0382 4656 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:18:42.0395 4656 uliagpkx - ok
15:18:42.0400 4656 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:18:42.0422 4656 umbus - ok
15:18:42.0435 4656 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:18:42.0447 4656 UmPass - ok
15:18:42.0467 4656 [ 6617E7CC9DC6729A11BFF54C47CEA7D0 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:18:42.0480 4656 UNS - ok
15:18:42.0495 4656 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:18:42.0532 4656 upnphost - ok
15:18:42.0537 4656 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:18:42.0562 4656 usbccgp - ok
15:18:42.0575 4656 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:18:42.0592 4656 usbcir - ok
15:18:42.0612 4656 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:18:42.0632 4656 usbehci - ok
15:18:42.0642 4656 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:18:42.0670 4656 usbhub - ok
15:18:42.0677 4656 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:18:42.0690 4656 usbohci - ok
15:18:42.0702 4656 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:18:42.0722 4656 usbprint - ok
15:18:42.0745 4656 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:18:42.0760 4656 usbscan - ok
15:18:42.0770 4656 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:18:42.0797 4656 USBSTOR - ok
15:18:42.0807 4656 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:18:42.0830 4656 usbuhci - ok
15:18:42.0852 4656 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:18:42.0882 4656 UxSms - ok
15:18:42.0887 4656 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:18:42.0897 4656 VaultSvc - ok
15:18:42.0915 4656 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:18:42.0925 4656 vdrvroot - ok
15:18:42.0937 4656 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:18:42.0987 4656 vds - ok
15:18:42.0995 4656 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:18:43.0010 4656 vga - ok
15:18:43.0020 4656 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:18:43.0050 4656 VgaSave - ok
15:18:43.0060 4656 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:18:43.0075 4656 vhdmp - ok
15:18:43.0085 4656 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:18:43.0095 4656 viaide - ok
15:18:43.0102 4656 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:18:43.0117 4656 volmgr - ok
15:18:43.0130 4656 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:18:43.0150 4656 volmgrx - ok
15:18:43.0162 4656 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:18:43.0180 4656 volsnap - ok
15:18:43.0190 4656 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:18:43.0202 4656 vsmraid - ok
15:18:43.0230 4656 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:18:43.0285 4656 VSS - ok
15:18:43.0337 4656 [ 7DB85B78309C05C9F06F469ED976DC9E ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
15:18:43.0377 4656 vToolbarUpdater13.2.0 - ok
15:18:43.0395 4656 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:18:43.0412 4656 vwifibus - ok
15:18:43.0432 4656 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:18:43.0465 4656 W32Time - ok
15:18:43.0475 4656 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:18:43.0492 4656 WacomPen - ok
15:18:43.0505 4656 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:18:43.0532 4656 WANARP - ok
15:18:43.0537 4656 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:18:43.0565 4656 Wanarpv6 - ok
15:18:43.0587 4656 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:18:43.0637 4656 wbengine - ok
15:18:43.0650 4656 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:18:43.0672 4656 WbioSrvc - ok
15:18:43.0677 4656 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:18:43.0702 4656 wcncsvc - ok
15:18:43.0712 4656 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:18:43.0737 4656 WcsPlugInService - ok
15:18:43.0752 4656 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:18:43.0762 4656 Wd - ok
15:18:43.0787 4656 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:18:43.0815 4656 Wdf01000 - ok
15:18:43.0822 4656 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:18:43.0895 4656 WdiServiceHost - ok
15:18:43.0897 4656 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:18:43.0917 4656 WdiSystemHost - ok
15:18:43.0927 4656 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:18:43.0952 4656 WebClient - ok
15:18:43.0965 4656 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:18:44.0007 4656 Wecsvc - ok
15:18:44.0027 4656 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:18:44.0055 4656 wercplsupport - ok
15:18:44.0062 4656 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:18:44.0092 4656 WerSvc - ok
15:18:44.0100 4656 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:18:44.0127 4656 WfpLwf - ok
15:18:44.0135 4656 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:18:44.0145 4656 WIMMount - ok
15:18:44.0167 4656 WinDefend - ok
15:18:44.0170 4656 WinHttpAutoProxySvc - ok
15:18:44.0212 4656 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:18:44.0242 4656 Winmgmt - ok
15:18:44.0272 4656 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:18:44.0342 4656 WinRM - ok
15:18:44.0365 4656 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:18:44.0402 4656 Wlansvc - ok
15:18:44.0440 4656 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:18:44.0460 4656 wlcrasvc - ok
15:18:44.0502 4656 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:18:44.0560 4656 wlidsvc - ok
15:18:44.0567 4656 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:18:44.0585 4656 WmiAcpi - ok
15:18:44.0595 4656 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:18:44.0612 4656 wmiApSrv - ok
15:18:44.0615 4656 WMPNetworkSvc - ok
15:18:44.0627 4656 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:18:44.0650 4656 WPCSvc - ok
15:18:44.0655 4656 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:18:44.0685 4656 WPDBusEnum - ok
15:18:44.0692 4656 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:18:44.0722 4656 ws2ifsl - ok
15:18:44.0730 4656 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:18:44.0745 4656 wscsvc - ok
15:18:44.0747 4656 WSearch - ok
15:18:44.0787 4656 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:18:44.0837 4656 wuauserv - ok
15:18:44.0862 4656 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:18:44.0897 4656 WudfPf - ok
15:18:44.0910 4656 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:18:44.0937 4656 WUDFRd - ok
15:18:44.0947 4656 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:18:44.0970 4656 wudfsvc - ok
15:18:44.0980 4656 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:18:45.0000 4656 WwanSvc - ok
15:18:45.0005 4656 ================ Scan global ===============================
15:18:45.0022 4656 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:18:45.0050 4656 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:18:45.0057 4656 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:18:45.0080 4656 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:18:45.0097 4656 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:18:45.0102 4656 [Global] - ok
15:18:45.0102 4656 ================ Scan MBR ==================================
15:18:45.0125 4656 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:18:45.0355 4656 \Device\Harddisk0\DR0 - ok
15:18:45.0357 4656 ================ Scan VBR ==================================
15:18:45.0360 4656 [ 5CA625DFA66C5A5933F29B89BFDFD085 ] \Device\Harddisk0\DR0\Partition1
15:18:45.0360 4656 \Device\Harddisk0\DR0\Partition1 - ok
15:18:45.0375 4656 [ AF6B1CAEA233C9EBFABB321EE3450976 ] \Device\Harddisk0\DR0\Partition2
15:18:45.0377 4656 \Device\Harddisk0\DR0\Partition2 - ok
15:18:45.0397 4656 [ 609E9AA73DE24F63A70BE7B1FE172F6E ] \Device\Harddisk0\DR0\Partition3
15:18:45.0400 4656 \Device\Harddisk0\DR0\Partition3 - ok
15:18:45.0402 4656 ============================================================
15:18:45.0402 4656 Scan finished
15:18:45.0402 4656 ============================================================
15:18:45.0412 4264 Detected object count: 2
15:18:45.0412 4264 Actual detected object count: 2
15:19:21.0348 4264 FreemakeVideoCapture ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:21.0348 4264 FreemakeVideoCapture ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:21.0351 4264 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:21.0351 4264 SearchAnonymizer ( UnsignedFile.Multi.Generic ) - User select action: Skip


Alt 21.12.2012, 15:31   #6
markusg
/// Malware-holic
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hi,
combofix:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
--> Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6

Alt 21.12.2012, 16:05   #7
ohneBrille
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hi,

hat bisher alles geklappt. Sind prima Anweisungen.

Leider hängt sich jetzt aber auch der IE sofort nach dem Start auf.

Details dazu:
Problemsignatur:
Problemereignisname: APPCRASH
Anwendungsname: iexplore.exe
Anwendungsversion: 9.0.8112.16455
Anwendungszeitstempel: 507284ba
Fehlermodulname: KERNELBASE.dll
Fehlermodulversion: 6.1.7601.17932
Fehlermodulzeitstempel: 50327672
Ausnahmecode: e06d7363
Ausnahmeoffset: 0000c41f
Betriebsystemversion: 6.1.7601.2.1.0.768.3
Gebietsschema-ID: 1031
Zusatzinformation 1: 6cf5
Zusatzinformation 2: 6cf5663b2e9f3e21edfe1ef5176c69e6
Zusatzinformation 3: 2fcc
Zusatzinformation 4: 2fcc6ee14d59cd546e14f45b86067fb4

Die Combofix-Logfile hat folgenden Inhalt:

--------------

Combofix Logfile:
Code:
ATTFilter
ComboFix 12-12-20.02 - Vorname Name 21.12.2012  15:39:59.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4060.2571 [GMT 1:00]
ausgeführt von:: c:\users\Vorname Name\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ChatZum Toolbar\tbunsx14FB.tmp\tbHElper.dll
c:\program files (x86)\Savings Sidekick
c:\program files (x86)\Savings Sidekick\ButtonUtil.dll
c:\program files (x86)\Savings Sidekick\Savings Sidekick-bg.exe
c:\program files (x86)\Savings Sidekick\Savings Sidekick.dll
c:\program files (x86)\Savings Sidekick\Savings Sidekick.exe
c:\program files (x86)\Savings Sidekick\Savings Sidekick.ico
c:\program files (x86)\Savings Sidekick\Savings Sidekick.ini
c:\program files (x86)\Savings Sidekick\Savings SidekickInstaller.log
c:\program files (x86)\Savings Sidekick\Uninstall.exe
c:\program files (x86)\smartdl
c:\program files (x86)\smartdl\dler.exe
c:\program files (x86)\smartdl\gunzip.exe
c:\program files (x86)\smartdl\header.bmp
c:\program files (x86)\smartdl\header2.bmp
c:\program files (x86)\smartdl\header3.bmp
c:\program files (x86)\smartdl\next.bmp
c:\program files (x86)\smartdl\skip.bmp
c:\program files (x86)\smartdl\status-o
C:\torrent.exe
c:\users\Vorname Name\AppData\Local\Savings Sidekick
c:\users\Vorname Name\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx
c:\users\Vorname Name\AppData\Local\Temp\{67E568B7-DEA7-4315-8199-D9281791E7FB}\fpb.tmp
c:\users\Vorname~1\AppData\Local\Temp\{67E568B7-DEA7-4315-8199-D9281791E7FB}\fpb.tmp
c:\windows\IsUn0407.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-11-21 bis 2012-12-21  ))))))))))))))))))))))))))))))
.
.
2012-12-21 12:55 . 2012-12-21 13:04	--------	d-----w-	C:\_OTL
2012-12-20 21:27 . 2012-12-20 21:27	--------	d-----w-	c:\program files (x86)\7-Zip
2012-12-20 19:49 . 2012-12-20 19:49	--------	d-----w-	c:\users\Vorname Name\AppData\Roaming\Malwarebytes
2012-12-20 19:49 . 2012-12-20 19:49	--------	d-----w-	c:\programdata\Malwarebytes
2012-12-20 19:49 . 2012-12-20 19:49	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-20 19:49 . 2012-09-29 18:54	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-12-20 17:04 . 2012-11-29 09:19	892008	----a-w-	c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2012-12-20 16:27 . 2012-12-20 16:27	--------	d-----w-	c:\users\Vorname Name\AppData\Local\Deployment
2012-12-20 16:27 . 2012-12-20 16:27	--------	d-----w-	c:\users\Vorname Name\AppData\Local\Apps
2012-12-04 17:12 . 2012-12-04 17:12	--------	d-----w-	c:\program files (x86)\Convar
2012-12-02 20:01 . 2012-12-02 20:01	--------	d-----w-	c:\program files (x86)\wxDownload Fast
2012-12-02 20:01 . 2012-12-02 20:01	--------	d-----w-	c:\programdata\Premium
2012-12-02 20:01 . 2012-12-02 20:01	--------	d-----w-	c:\program files (x86)\WxDownload
2012-12-02 20:01 . 2012-12-02 20:02	--------	d-----w-	c:\programdata\wxDownload
2012-12-02 20:00 . 2012-12-02 20:01	--------	d-----w-	c:\programdata\InstallMate
2012-11-21 16:28 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-11-21 16:28 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2012-11-21 16:28 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2012-11-21 16:28 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2012-11-21 16:20 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2012-11-21 16:20 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2012-11-21 16:20 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2012-11-21 16:20 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2012-11-21 16:20 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2012-11-21 16:20 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2012-11-21 16:20 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2012-11-21 16:15 . 2012-05-05 08:36	503808	----a-w-	c:\windows\system32\srcore.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-11 16:33 . 2012-11-04 21:01	99912	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-12-11 16:33 . 2012-11-04 21:01	129216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-11-08 18:58 . 2012-11-08 18:58	30568	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2012-11-03 11:03 . 2012-03-29 11:40	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-03 11:03 . 2012-03-29 11:40	696760	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-29 20:04 . 2012-08-12 18:37	66395536	----a-w-	c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-11-29 19:58	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-29 19:58	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-29 19:58	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-10-11 20:20 . 2012-10-11 20:20	821736	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2012-10-11 20:20 . 2012-10-11 20:20	746984	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-10-11 20:20 . 2012-10-11 20:20	95208	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-24 08:58 . 2012-11-04 21:01	27800	----a-w-	c:\windows\system32\drivers\avkmgr.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
2011-05-09 09:49	176936	----a-w-	c:\program files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-11-11 11:44	1796552	----a-w-	c:\program files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-04 18:20	1514152	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-04 1514152]
"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]
"{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}"= "c:\program files (x86)\ChatZum Toolbar\tbunsx14FB.tmp\tbcore3.dll" [2012-08-29 2665984]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll" [2012-11-11 1796552]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
.
[HKEY_CLASSES_ROOT\clsid\{37d48d9c-3f7e-412f-b5bf-611be7ccfca1}]
[HKEY_CLASSES_ROOT\TBSB09850.TBSB09850.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB09850.TBSB09850]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
"Hotkey Utility"="c:\program files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe" [2012-02-07 636520]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-01-04 1391272]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2012-02-28 1679360]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-11-11 997320]
"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-11-08 1020512]
.
c:\users\Nachwuchs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Nachwuchs - Verknüpfung.lnk - d:\lotus\work\organize\Nachwuchs.or6 [2012-8-30 163840]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\users\Vorname Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2011-11-28 1000288]
Media.url [2012-10-31 178]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~3\BROWSE~1\23787~1.43\{16CDF~1\browsemngr.dll c:\progra~2\WXDOWN~1\sprotector.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 PDNMp50;PDNMp50 NDIS Protocol Driver;c:\windows\system32\drivers\PDNMp50.sys [x]
R3 PDNSp50;PDNSp50 NDIS Protocol Driver;c:\windows\system32\drivers\PDNSp50.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-08 30568]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 204288]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-12-11 565024]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2012-09-07 8704]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2012-02-29 28264]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe [2012-10-04 567232]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2012-02-07 255376]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Vorname Name\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2012-08-11 40960]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-08 711112]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-21 c:\windows\Tasks\OptimizerProUpdaterTask{AE49B397-11E2-44BC-9DD0-AD3C1700CB3B}.job
- c:\programdata\Premium\OptimizerPro\OptimizerPro.exe [2012-12-02 14:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-05 13374568]
"Ocs_SM"="c:\users\Vorname Name\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2012-08-11 106496]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-11-01 2710856]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-03 767312]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://packardbell.msn.com
mStart Page = hxxp://search.chatzum.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Vorname Name\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Vorname Name\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {{B4E30F61-16D9-11D3-85D1-005004229569} - {85E0B172-04FA-11D1-B7DA-00A0C90348D6} - d:\lotus\organize\bandobjs.dll
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: Interfaces\{D7EAA561-C1DF-4716-96F3-D45D39A1EAD3}: NameServer = 62.109.123.196 213.191.74.18
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Startpage HTTPS - Deutsch
FF - prefs.js: browser.startup.homepage - www.startpage.com/
FF - prefs.js: keyword.URL - 
FF - ExtSQL: 2012-11-08 19:58; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.5
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=c840db6b000000000000000000000000&q=
FF - user.js: extensions.BabylonToolbar.id - c840db6b000000000000000000000000
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15599
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1214:53
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110823&tt=120912_ccp_3712_7
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{11111111-1111-1111-1111-110011501160} - c:\program files (x86)\Savings Sidekick\Savings Sidekick.dll
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
WebBrowser-{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - (no file)
WebBrowser-{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
AddRemove-Lohn & Gehalt - c:\windows\IsUn0407.exe
AddRemove-Praxiswissen BWL - c:\windows\IsUn0407.exe
AddRemove-Savings Sidekick - c:\program files (x86)\Savings Sidekick\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
   d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}"=hex:51,66,7a,6c,4c,1d,38,12,43,d9,34,
   04,c0,87,65,0e,d1,13,a1,8d,1e,85,28,eb
"{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}"=hex:51,66,7a,6c,4c,1d,38,12,f2,8e,c7,
   33,4c,71,41,04,ca,a9,22,5b,e2,92,b8,b5
"{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}"=hex:51,66,7a,6c,4c,1d,38,12,e8,9b,8e,
   71,5d,42,f6,01,c5,a0,09,1f,42,98,83,3b
"{11111111-1111-1111-1111-110011501160}"=hex:51,66,7a,6c,4c,1d,38,12,7f,12,02,
   15,23,5f,7f,54,6e,07,52,40,14,0e,55,74
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}"=hex:51,66,7a,6c,4c,1d,38,12,c3,d3,96,
   33,cd,f1,98,02,c0,4d,e6,c7,c4,3c,ba,cd
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
   72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
   94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
   b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{CE7C3CF0-4B15-11D1-ABED-709549C10000}"=hex:51,66,7a,6c,4c,1d,38,12,9e,3f,6f,
   ca,27,05,bf,54,d4,fb,33,d5,4c,9f,44,14
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FCBCCB87-9224-4B8D-B117-F56D924BEB18}"=hex:51,66,7a,6c,4c,1d,38,12,e9,c8,af,
   f8,16,dc,e3,0e,ce,01,b6,2d,97,15,af,0c
"{21347690-EC41-4F9A-8887-1F4AEE672439}"=hex:51,66,7a,6c,4c,1d,38,12,fe,75,27,
   25,73,a2,f4,0a,f7,91,5c,0a,eb,39,60,2d
"{85E0B172-04FA-11D1-B7DA-00A0C90348D6}"=hex:51,66,7a,6c,4c,1d,38,12,1c,b2,f3,
   81,c8,4a,bf,54,c8,cc,43,e0,cc,5d,0c,c2
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:6d,7f,77,51,cf,ba,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,23,68,57,1b,bc,1f,b0,45,84,1b,15,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,23,68,57,1b,bc,1f,b0,45,84,1b,15,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_222_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_222_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_222.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_222.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_222.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_222.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-12-21  15:51:41 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-12-21 14:51
.
Vor Suchlauf: 10 Verzeichnis(se), 414.075.121.664 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 413.342.273.536 Bytes frei
.
- - End Of File - - 8D88B7074190374D0693999AD132C650
         
--- --- ---

Alt 21.12.2012, 16:26   #8
markusg
/// Malware-holic
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Wir müssen deinen PC entschlacken, wie du an die ganzen toolbars kommst...
lade den CCleaner standard:
CCleaner Download - CCleaner 3.25.1872
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools,uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 21.12.2012, 18:17   #9
ohneBrille
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hallo,
bei den unbekannten sind bestimmt ein paar wichtige dabei.

Hier die Liste:

7-Zip 9.20 20.12.2012 notwendig
Adobe AIR Adobe Systems Incorporated 29.03.2012 2.6.0.19120 unbekannt
Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 12.06.2012 6,00MB 11.2.202.222 notwendig
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 03.11.2012 6,00MB 11.4.402.287 notwendig
Adobe Reader X (10.1.4) MUI Adobe Systems Incorporated 15.11.2012 480MB 10.1.4 notwendig
Alice-Installationsdateien entfernen 09.08.2012 unbekannt
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 12.06.2012 26,2MB 3.0.855.0 unbekannt
Ask Toolbar Ask.com 11.08.2012 3,38MB 1.14.1.0 unnötig
Ask Toolbar Updater Ask.com 11.08.2012 1.2.0.20064 unnötig
AVG Security Toolbar AVG Technologies 11.11.2012 13.2.0.5 unbekannt
Avira Free Antivirus Avira 11.12.2012 124MB 13.0.0.2890 notwendig
AVS Audio Converter 7 Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Audio Editor 7.1 Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Audio Recorder version 4.0 Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Cover Editor 2.0.1.3 Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Disc Creator 5 Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Document Converter 2.2.3 Online Media Technologies Ltd. 25.09.2012 17,0MB notwendig
AVS DVD Copy 4.1.2.283 Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Image Converter 2.2.2.218 Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Media Player 4.1.9.95 Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Photo Editor Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Registry Cleaner version 2.2 Online Media Technologies Ltd. 25.09.2012 unnötig
AVS Ringtone Maker version 1.6 Online Media Technologies Ltd. 25.09.2012 unnötig
AVS Screen Capture version 2.0.1 Online Media Technologies Ltd. 25.09.2012 unnötig
AVS Update Manager 1.0 Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Video Converter 8 Online Media Technologies Ltd. 25.09.2012 notwendig
AVS Video Editor 6 Online Media Technologies Ltd. 25.09.2012 unnötig
AVS Video Recorder 2.5 Online Media Technologies Ltd. 25.09.2012 unnötig
AVS Video ReMaker 4.1.1.144 Online Media Technologies Ltd. 25.09.2012 unnötig
AVS4YOU Software Navigator 1.4 Online Media Technologies Ltd. 25.09.2012 notwendig
BabylonObjectInstaller Babylon Ltd 16.09.2012 2,10MB 2.0.0.4 unbekannt
Biquanda VESCON GmbH 30.08.2012 49,5MB 1.75.0006 unnötig
Boxoft PDF to PowerPoint (freeware) Boxoft Solution 04.10.2012 4,54MB notwendig
Browser Manager 10.10.2012 unbekannt
Canon Easy-WebPrint EX 17.10.2012 notwendig
Canon Kurzwahlprogramm 07.10.2012 notwendig
Canon MP Navigator EX 3.1 07.10.2012 notwendig
Canon MX870 series Benutzerregistrierung 07.10.2012 notwendig
Canon MX870 series MP Drivers 09.08.2012 notwendig
Canon Utilities Easy-PhotoPrint EX 07.10.2012 notwendig
Canon Utilities My Printer 07.10.2012 notwendig
Canon Utilities Solution Menu 07.10.2012 notwendig
CCleaner Piriform 25.11.2012 3.25 notwendig
ChatZum Toolbar ChatZum 23.09.2012 1.0.14 unnötig
CyberLink MediaEspresso CyberLink Corp. 29.03.2012 164MB 6.5.1720_38230 unbekannt
Desktop Icon für Amazon 11.08.2012 1.0.1 (de) unnötig
DVDVideoSoftTB DE Toolbar DVDVideoSoftTB DE 11.08.2012 6.9.0.16 unnötig
eBay Worldwide OEM 09.08.2012 100KB 2.2.0409 unnötig
ElsterFormular Landesfinanzdirektion Thüringen 26.08.2012 240MB 13.0.0.8086k notwendig
Evernote v. 4.5.2 Evernote Corp. 29.03.2012 170MB 4.5.2.5866 notwendig
FireJump FireJump.net 11.08.2012 4,28MB 1.0.2.5 unbekannt
Fooz Kids FUHU, Inc. 29.03.2012 3.1.2 unbekannt
Fooz Kids Platform FUHU, Inc. 29.03.2012 2.1 unbekannt
Free YouTube Download version 3.1.38.1005 DVDVideoSoft Ltd. 11.10.2012 55,9MB 3.1.38.1005 unnötig
Free YouTube to MP3 Converter version 3.11.26.706 DVDVideoSoft Ltd. 11.08.2012 92,0MB 3.11.26.706 unnötig
Freemake Video Downloader Ellora Assets Corporation 21.10.2012 38,7MB 3.3.0 notwendig
Hex-Editor MX NEXT-Soft 19.11.2012 6.0 notwendig
Hotkey Utility Packard Bell 12.06.2012 2.05.3510 unbekannt
Identity Card Packard Bell 12.06.2012 1.00.3501 unbekannt
Incomedia WebSite X5 v9 - Evolution Demo Incomedia s.r.l. 03.10.2012 72,8MB 9.1.4.1939 unnötig
Intel(R) Control Center Intel Corporation 12.06.2012 1.2.1.1007 unbekannt
Intel(R) Management Engine Components Intel Corporation 12.06.2012 8.0.2.1410 unbekannt
Intel(R) Rapid Storage Technology Intel Corporation 12.06.2012 10.0.0.1046 unbekannt
Intel® Trusted Connect Service Client Intel Corporation 12.06.2012 10,6MB 1.23.605.1 unbekannt
Java 7 Update 7 Oracle 11.10.2012 128MB 7.0.70 unbekannt
JLohn 2.0 Klaus Gotthardt 08.11.2012 6,36MB unnötig
Kobo Kobo Inc. 09.08.2012 2.1.5 unnötig
Lohn & Gehalt 08.11.2012 unnötig
Lotus Organizer 6.0 30.08.2012 unnötig
Malwarebytes Anti-Malware Version 1.65.1.1000 Malwarebytes Corporation 20.12.2012 19,4MB 1.65.1.1000 notwendig
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 29.03.2012 38,8MB 4.0.30319 notwendig
Microsoft Office Home and Student 2010 Microsoft Corporation 11.08.2012 14.0.6029.1000 notwendig
Microsoft Office Klick-und-Los 2010 Microsoft Corporation 09.08.2012 14.0.4763.1000 notwendig
Microsoft Silverlight Microsoft Corporation 12.08.2012 40,3MB 4.1.10329.0 notwendig
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 29.03.2012 1,69MB 3.1.0000 notwendig
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 14.08.2012 2,38MB 8.0.61001 notwendig
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 25.09.2012 572KB 8.0.61000 notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 29.03.2012 784KB 9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 12.08.2012 788KB 9.0.30729.6161 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 29.03.2012 596KB 9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 29.03.2012 592KB 9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 12.08.2012 600KB 9.0.30729.6161 notwendig
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 12.06.2012 13,6MB 10.0.30319 notwendig
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 12.08.2012 12,2MB 10.0.40219 notwendig
Mozilla Firefox 17.0.1 (x86 de) Mozilla 20.12.2012 41,0MB 17.0.1 notwendig
Mozilla Maintenance Service Mozilla 20.12.2012 216KB 17.0.1 unbekannt
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 12.08.2012 1,27MB 4.20.9870.0 unbekannt
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 12.08.2012 1,33MB 4.20.9876.0 unbekannt
Nero BackItUp 10 Nero AG 29.03.2012 118MB 5.8.11100.9.100 notwendig
Nero DiscSpeed 10 Nero AG 29.03.2012 7,21MB 6.4.10500.1.100 notwendig
Nero Express 10 Nero AG 29.03.2012 165MB 10.6.10700.5.100 notwendig
Nero Multimedia Suite 10 Essentials Nero AG 29.03.2012 352MB 10.6.10300 notwendig
Nero RescueAgent 10 Nero AG 29.03.2012 6,53MB 3.6.10500.3.100 notwendig
Nero StartSmart 10 Nero AG 29.03.2012 143MB 10.6.10600.4.100 notwendig
Nero Update Nero AG 29.03.2012 1,46MB 1.0.10900.31.0 notwendig
Norton Online Backup Symantec Corporation 29.03.2012 6,19MB 2.1.17869 unnötig
OptimizerPro PC Utilities Pro 02.12.2011 1.0 unbekannt
Packard Bell Games WildTangent 29.03.2012 1.0.2.5 unnötig
Packard Bell Recovery Management Packard Bell 29.03.2012 5.00.3507 notwendig
Packard Bell Registration Packard Bell 12.06.2012 1.04.3506 notwendig
Packard Bell ScreenSaver Packard Bell 12.06.2012 1.1.0225.2011 notwendig
Packard Bell Updater Packard Bell 29.03.2012 1.02.3501 notwendig
PandaPDFConverter PandaPDFConverter 04.10.2012 unnötig
PC Rambazamba Langmeier Software GmbH 11.08.2012 6,95MB 1.00.0000 unnötig
PDF blätterbare Kataloge 1 09.08.2012 notwendig
Praxiswissen BWL 07.10.2012 notwendig
Preispilot für Firefox Preispilot 11.08.2012 1,75MB 2.0 unnötig
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 12.06.2012 6.0.1.6521 unbekannt
Savings Sidekick 215 Apps 04.10.2012 1.23.151.151 unbekannt
Schließfach 2 09.08.2012 notwendig
SearchAnonymizer 11.08.2012 1.0.1 (de) unbekannt
shopping-preise.de AddOn Firefox shopping-preise.de 11.08.2012 1,52MB 2.81 unnötig
Skype™ 5.5 Skype Technologies S.A. 29.03.2012 17,0MB 5.5.117 unnötig
SmartPCFixer 4.2 LionSea Software 10.08.2012 34,7MB 4.2 unbekannt
sv.net ITSG GmbH 25.11.2012 12.0 notwendig
Updater Service 04.10.2012 14,12,8,9 unbekannt
Video Converter 16.09.2012 unnötig
WEB.DE Club SmartFax WEB.DE GmbH 11.08.2012 2.00.223 notwendig
Welcome Center Packard Bell 12.06.2012 1.02.3507 unbekannt
Win LohnInfo 2012 16.03 easy softway 08.11.2012 16.03 unnötig
Windows Live Essentials Microsoft Corporation 29.03.2012 15.4.3538.0513 unbekannt
WinPcap 4.1.2 CACE Technologies 21.10.2012 4.1.0.2001 unbekannt
Wondershare PDF to PowerPoint (Build 3.0.0) Wondershare Software 06.09.2012 17,5MB 3.0.0 notwendig
Wondershare PDF to Word (Build 2.0.1) Wondershare Software 20.09.2012 notwendig
WxDownload Expansion Premium Software 02.12.2011 1.0 unbekannt
wxDownload Fast 0.6.0 Max Velasques 02.12.2012 unbekannt

Alt 21.12.2012, 18:25   #10
markusg
/// Malware-holic
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen

bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok



deinstaliere:
Ask : alle
AVG Security
AVS : alle für dich unnötigen.
BabylonObjectInstaller
Biquanda
ChatZum
CyberLink
Desktop Icon
DVDVideoSoftTB
eBay
Free YouTube : alle
Incomedia
Java
downloade Java jre:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:
JLohn
Kobo
Lohn & Gehalt
Lotus
Norton
OptimizerPro
Packard Bell Games
PandaPDFConverter
PC Rambazamba
Preispilot
Savings Sidekick
SearchAnonymizer
shopping-preise
Skype™
SmartPCFixer
Updater Service
Video Converter
Win LohnInfo
Windows Live
WinPcap
wxDownload : beide
PC neustarten.
Lade und führe den AVG Remover aus:
AVG Tools-Download
Starte neu.
Öffne CCleaner, analysieren, starten, PC neustarten.
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste
    mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 21.12.2012, 21:11   #11
ohneBrille
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hallo, ich bins nochmal.

deinstallationen und neuinstallationen sind erfolgreich beendet.

die logfile vom adwcleaner hat folgenden Inhalt:

# AdwCleaner v2.101 - Datei am 21/12/2012 um 21:04:55 erstellt
# Aktualisiert am 16/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Vorname Name - VornameName-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Vorname Name\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\user.js
Datei Gefunden : C:\Users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\bprotector_extensions.sqlite
Datei Gefunden : C:\Users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\bprotector_prefs.js
Datei Gefunden : C:\Users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\searchplugins\BabylonMngr.xml
Datei Gefunden : C:\Users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\searchplugins\search-safer.xml
Datei Gefunden : C:\Users\Vorname~1\AppData\Local\Temp\Uninstall.exe
Datei Gefunden : C:\Users\Nachwuchs\AppData\Roaming\Mozilla\Firefox\Profiles\c5zme3yb.default\bprotector_extensions.sqlite
Datei Gefunden : C:\Users\Nachwuchs\AppData\Roaming\Mozilla\Firefox\Profiles\c5zme3yb.default\bprotector_prefs.js
Datei Gefunden : C:\Users\Nachwuchs\AppData\Roaming\Mozilla\Firefox\Profiles\c5zme3yb.default\BrowserMngr_extensions.sqlite
Datei Gefunden : C:\Users\Nachwuchs\AppData\Roaming\Mozilla\Firefox\Profiles\c5zme3yb.default\browsermngr_prefs.js
Datei Gefunden : C:\Users\Nachwuchs\AppData\Roaming\Mozilla\Firefox\Profiles\c5zme3yb.default\searchplugins\search-safer.xml
Ordner Gefunden : C:\Program Files (x86)\ChatZum Toolbar
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\yourfiledownloader
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Browser Manager
Ordner Gefunden : C:\ProgramData\InstallMate
Ordner Gefunden : C:\ProgramData\Premium
Ordner Gefunden : C:\Users\Vorname Name\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Vorname Name\AppData\Local\Wajam
Ordner Gefunden : C:\Users\Vorname Name\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Vorname Name\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Vorname Name\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\CT2625848
Ordner Gefunden : C:\Users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
Ordner Gefunden : C:\Users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\extensions\ffxtlbr@babylon.com
Ordner Gefunden : C:\Users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\Smartbar
Ordner Gefunden : C:\Users\Vorname Name\AppData\Roaming\OpenCandy
Ordner Gefunden : C:\Users\Vorname Name\AppData\Roaming\yourfiledownloader
Ordner Gefunden : C:\Users\Nachwuchs\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Nachwuchs\AppData\Roaming\Mozilla\Firefox\Profiles\c5zme3yb.default\extensions\crossriderapp5060@crossrider.com

***** [Registrierungsdatenbank] *****

Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\23787~1.43\{16cdf~1\browsemngr.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\BrowserMngr
Schlüssel Gefunden : HKCU\Software\ChatZum Toolbar
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\SweetIM
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\BabylonToolbar
Schlüssel Gefunden : HKLM\Software\BrowserMngr
Schlüssel Gefunden : HKLM\Software\ChatZum Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2625848
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\Software\SweetIM
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gefunden : HKU\S-1-5-21-1056152921-675492545-3389992532-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-1056152921-675492545-3389992532-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16455

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848
[HKCU\Software\Microsoft\Internet Explorer\Main - BrowserMngr Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=110823&tt=120912_ccp_3712_7&babsrc=NT_ss&mntrId=c840db6b000000000000000000000000
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.chatzum.com/

-\\ Mozilla Firefox v17.0.1 (de)

Profilname : default
Datei : C:\Users\Vorname Name\AppData\Roaming\Mozilla\Firefox\Profiles\5q9b5m5a.default\prefs.js

Gefunden : user_pref("CT2625848.1000082.isPlayDisplay", "true");
Gefunden : user_pref("CT2625848.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Gefunden : user_pref("CT2625848.2625848a129894023611240511000000paramsGK1", "{\"updateReqTime\":1350713704471,\[...]
Gefunden : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gefunden : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Gefunden : user_pref("CT2625848.FirstTime", "true");
Gefunden : user_pref("CT2625848.FirstTimeFF3", "true");
Gefunden : user_pref("CT2625848.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT262[...]
Gefunden : user_pref("CT2625848.UserID", "UN83168026369382149");
Gefunden : user_pref("CT2625848.addressBarTakeOverEnabledInHidden", "true");
Gefunden : user_pref("CT2625848.autoDisableScopes", -1);
Gefunden : user_pref("CT2625848.browser.search.defaultthis.engineName", true);
Gefunden : user_pref("CT2625848.defaultSearch", "true");
Gefunden : user_pref("CT2625848.embeddedsData", "[{\"appId\":\"129181467799155027\",\"apiPermissions\":{\"cross[...]
Gefunden : user_pref("CT2625848.enableAlerts", "false");
Gefunden : user_pref("CT2625848.enableSearchFromAddressBar", "true");
Gefunden : user_pref("CT2625848.firstTimeDialogOpened", "true");
Gefunden : user_pref("CT2625848.fixPageNotFoundError", "false");
Gefunden : user_pref("CT2625848.fixPageNotFoundErrorInHidden", "true");
Gefunden : user_pref("CT2625848.fixUrls", true);
Gefunden : user_pref("CT2625848.installId", "ConduitNSISIntegration");
Gefunden : user_pref("CT2625848.installType", "ConduitNSISIntegration");
Gefunden : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gefunden : user_pref("CT2625848.isNewTabEnabled", false);
Gefunden : user_pref("CT2625848.isPerformedSmartBarTransition", "true");
Gefunden : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gefunden : user_pref("CT2625848.keyword", true);
Gefunden : user_pref("CT2625848.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fassist.babylon.c[...]
Gefunden : user_pref("CT2625848.openThankYouPage", "false");
Gefunden : user_pref("CT2625848.openUninstallPage", "true");
Gefunden : user_pref("CT2625848.search.searchAppId", "129181467799155027");
Gefunden : user_pref("CT2625848.search.searchCount", "0");
Gefunden : user_pref("CT2625848.searchInNewTabEnabled", "false");
Gefunden : user_pref("CT2625848.searchInNewTabEnabledInHidden", "true");
Gefunden : user_pref("CT2625848.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Gefunden : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"false\"}");
Gefunden : user_pref("CT2625848.sendUsageEnabled", "false");
Gefunden : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Gefunden : user_pref("CT2625848.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Gefunden : user_pref("CT2625848.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1344684172669");
Gefunden : user_pref("CT2625848.serviceLayer_services_appTracking_lastUpdate", "1344684172934");
Gefunden : user_pref("CT2625848.serviceLayer_services_appsMetadata_lastUpdate", "1344684172544");
Gefunden : user_pref("CT2625848.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1344684172905");
Gefunden : user_pref("CT2625848.serviceLayer_services_login_10.10.20.14_lastUpdate", "1345575568726");
Gefunden : user_pref("CT2625848.serviceLayer_services_login_10.10.27.6_lastUpdate", "1351179421855");
Gefunden : user_pref("CT2625848.serviceLayer_services_optimizer_lastUpdate", "1344684172663");
Gefunden : user_pref("CT2625848.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1344684172908");
Gefunden : user_pref("CT2625848.serviceLayer_services_searchAPI_lastUpdate", "1344684171426");
Gefunden : user_pref("CT2625848.serviceLayer_services_serviceMap_lastUpdate", "1351179421500");
Gefunden : user_pref("CT2625848.serviceLayer_services_toolbarContextMenu_lastUpdate", "1344684172901");
Gefunden : user_pref("CT2625848.serviceLayer_services_toolbarSettings_lastUpdate", "1351179421801");
Gefunden : user_pref("CT2625848.serviceLayer_services_translation_lastUpdate", "1351179422022");
Gefunden : user_pref("CT2625848.settingsINI", true);
Gefunden : user_pref("CT2625848.shouldFirstTimeDialog", "false");
Gefunden : user_pref("CT2625848.smartbar.CTID", "CT2625848");
Gefunden : user_pref("CT2625848.smartbar.Uninstall", "0");
Gefunden : user_pref("CT2625848.smartbar.homepage", true);
Gefunden : user_pref("CT2625848.smartbar.isHidden", true);
Gefunden : user_pref("CT2625848.smartbar.toolbarName", "DVDVideoSoftTB DE ");
Gefunden : user_pref("CT2625848.startPage", "userChanged");
Gefunden : user_pref("CT2625848.toolbarBornServerTime", "11-8-2012");
Gefunden : user_pref("CT2625848.toolbarCurrentServerTime", "25-10-2012");
Gefunden : user_pref("Smartbar.ConduitHomepagesList", "");
Gefunden : user_pref("Smartbar.ConduitSearchEngineList", "DVDVideoSoftTB DE Customized Web Search");
Gefunden : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848[...]
Gefunden : user_pref("aol_toolbar.default.homepage.check", false);
Gefunden : user_pref("aol_toolbar.default.search.check", false);
Gefunden : user_pref("browser.newtab.url", "search.chatzum.com");
Gefunden : user_pref("browser.search.order.1", "Search the web (Babylon)");
Gefunden : user_pref("extensions.50bbb3ef504b6.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]
Gefunden : user_pref("extensions.BabylonToolbar.admin", false);
Gefunden : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gefunden : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gefunden : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Gefunden : user_pref("extensions.BabylonToolbar.babExt", "");
Gefunden : user_pref("extensions.BabylonToolbar.babTrack", "affID=110823&tt=120912_ccp_3712_7");
Gefunden : user_pref("extensions.BabylonToolbar.babext", "babExt");
Gefunden : user_pref("extensions.BabylonToolbar.babtrack", "babTrack");
Gefunden : user_pref("extensions.BabylonToolbar.bbDpng", "25");
Gefunden : user_pref("extensions.BabylonToolbar.bbdpng", 1);
Gefunden : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gefunden : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gefunden : user_pref("extensions.BabylonToolbar.dfltlng", "en");
Gefunden : user_pref("extensions.BabylonToolbar.dfltsrch", "false");
Gefunden : user_pref("extensions.BabylonToolbar.dp_alert", "0");
Gefunden : user_pref("extensions.BabylonToolbar.dpk", "a239ee63432785bc9c5f6d9c56596c52");
Gefunden : user_pref("extensions.BabylonToolbar.envrmnt", "production");
Gefunden : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gefunden : user_pref("extensions.BabylonToolbar.firstrun", false);
Gefunden : user_pref("extensions.BabylonToolbar.hdrMd5", "981A4EA4638E18BACBF0A5FAD7CBB6A2");
Gefunden : user_pref("extensions.BabylonToolbar.hmpg", false);
Gefunden : user_pref("extensions.BabylonToolbar.hrdid", "c840db6b000000000000000000000000");
Gefunden : user_pref("extensions.BabylonToolbar.id", "c840db6b000000000000000000000000");
Gefunden : user_pref("extensions.BabylonToolbar.instlDay", "15599");
Gefunden : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gefunden : user_pref("extensions.BabylonToolbar.instlday", "15599");
Gefunden : user_pref("extensions.BabylonToolbar.instlref", "sst");
Gefunden : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false");
Gefunden : user_pref("extensions.BabylonToolbar.keywordurl", "");
Gefunden : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1214:53:08");
Gefunden : user_pref("extensions.BabylonToolbar.lastdp", 20);
Gefunden : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1");
Gefunden : user_pref("extensions.BabylonToolbar.newTab", false);
Gefunden : user_pref("extensions.BabylonToolbar.newtab", "false");
Gefunden : user_pref("extensions.BabylonToolbar.newtaburl", "");
Gefunden : user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"26\",\"lastVrsn\":\"26\",\"vrsnLoad\[...]
Gefunden : user_pref("extensions.BabylonToolbar.pnu_tb9", "{\"newVrsn\":\"2\",\"lastVrsn\":\"2\",\"vrsnLoad\":\[...]
Gefunden : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gefunden : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Gefunden : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Gefunden : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gefunden : user_pref("extensions.BabylonToolbar.prtnrid", "babylon");
Gefunden : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1");
Gefunden : user_pref("extensions.BabylonToolbar.sg", "tzb");
Gefunden : user_pref("extensions.BabylonToolbar.smplGrp", "tzb");
Gefunden : user_pref("extensions.BabylonToolbar.smplgrp", "tzb");
Gefunden : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Gefunden : user_pref("extensions.BabylonToolbar.srcext", "ss");
Gefunden : user_pref("extensions.BabylonToolbar.srch", "");
Gefunden : user_pref("extensions.BabylonToolbar.srchprvdr", "");
Gefunden : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Gefunden : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gefunden : user_pref("extensions.BabylonToolbar.tlbrid", "tb9");
Gefunden : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gefunden : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");
Gefunden : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1214:53:08");
Gefunden : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");
Gefunden : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1214:53:08");
Gefunden : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gefunden : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110823&tt=120912_ccp_3712_7");
Gefunden : user_pref("extensions.BabylonToolbar_i.newTab", false);
Gefunden : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gefunden : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gefunden : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1214:53:08");
Gefunden : user_pref("id_chatzum.firstlaunch", "0");
Gefunden : user_pref("id_chatzum.guid", "%7B2C7D4E79-3587-D8CA-45BB-DCAD5645C699%7D");
Gefunden : user_pref("id_chatzum.hiddenvisual", 0);
Gefunden : user_pref("id_chatzum.openSearchEngineName", "Search%20Safer");
Gefunden : user_pref("id_chatzum.popupblockedcnt", "2");
Gefunden : user_pref("id_chatzum.searchengine", "Search%20the%20web%20%28Babylon%29");
Gefunden : user_pref("id_chatzum.variables.SVar1", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar10", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar2", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar3", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar4", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar5", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar6", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar7", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar8", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar9", "%13");
Gefunden : user_pref("id_chatzum.variables.Var1", "0");
Gefunden : user_pref("id_chatzum.variables.Var10", "0");
Gefunden : user_pref("id_chatzum.variables.Var2", "0");
Gefunden : user_pref("id_chatzum.variables.Var3", "0");
Gefunden : user_pref("id_chatzum.variables.Var4", "0");
Gefunden : user_pref("id_chatzum.variables.Var5", "0");
Gefunden : user_pref("id_chatzum.variables.Var6", "0");
Gefunden : user_pref("id_chatzum.variables.Var7", "0");
Gefunden : user_pref("id_chatzum.variables.Var8", "0");
Gefunden : user_pref("id_chatzum.variables.Var9", "0");
Gefunden : user_pref("id_chatzum_installed_version", "1.0.17");
Gefunden : user_pref("id_chatzum_tabpage", "hxxp%3A//searchsafer.com/");
Gefunden : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Gefunden : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Gefunden : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Gefunden : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Gefunden : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Gefunden : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Gefunden : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Gefunden : user_pref("sweetim.toolbar.searchguard.enable", "");
Gefunden : user_pref("sweetim.toolbar.urls.homepage", "hxxp://search.babylon.com/?affID=110823&tt=120912_ccp_37[...]

Profilname : default
Datei : C:\Users\Nachwuchs\AppData\Roaming\Mozilla\Firefox\Profiles\c5zme3yb.default\prefs.js

Gefunden : user_pref("aol_toolbar.default.homepage.check", false);
Gefunden : user_pref("aol_toolbar.default.search.check", false);
Gefunden : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\13.2.0.5");
Gefunden : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Gefunden : user_pref("browser.newtab.url", "search.chatzum.com");
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Gefunden : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Gefunden : user_pref("browser.search.order.1", "Search the web (Babylon)");
Gefunden : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Gefunden : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Gefunden : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1350319385);
Gefunden : user_pref("extensions.crossriderapp5060.5060.active", true);
Gefunden : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.backgroundver", 7);
Gefunden : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Gefunden : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1350319385");
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1350319385");
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Sun Dec 02 2012 18:[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Tue Dec 04 2012 [...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22DE%22");
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1354466212");
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22");
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2214019%22");
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1350319408054");
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221224%22");
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2293855%22");
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1350319394925");
Gefunden : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Gefunden : user_pref("extensions.crossriderapp5060.5060.domain", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Gefunden : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.group", 0);
Gefunden : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "38");
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Sun Dec 02[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.expiration", "Fri[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.value", "%7B%22re[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Gefunden : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", 3);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 7);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 4);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 2);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 2);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.name", "FacebookFFIE");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.ver", 1);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "if((typeof isBackground===\"u[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 4);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 3);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 3);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 2);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 2);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 3);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 1);
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "17,14,16,47,1000015");
Gefunden : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,100[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Gefunden : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 16);
Gefunden : user_pref("extensions.crossriderapp5060.5060.publisher", "215 Apps");
Gefunden : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Gefunden : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Gefunden : user_pref("extensions.crossriderapp5060.5060.settingsurl", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Gefunden : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Gefunden : user_pref("extensions.crossriderapp5060.5060.ver", 38);
Gefunden : user_pref("extensions.crossriderapp5060.apps", "5060");
Gefunden : user_pref("extensions.crossriderapp5060.bic", "13a654eaad6120b07adfaac0051e2f20");
Gefunden : user_pref("extensions.crossriderapp5060.cid", 5060);
Gefunden : user_pref("extensions.crossriderapp5060.firstrun", false);
Gefunden : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Gefunden : user_pref("extensions.crossriderapp5060.installationdate", 1350319385);
Gefunden : user_pref("extensions.crossriderapp5060.lastcheck", 22574437);
Gefunden : user_pref("extensions.crossriderapp5060.lastcheckitem", 22574464);
Gefunden : user_pref("extensions.crossriderapp5060.modetype", "production");
Gefunden : user_pref("extensions.crossriderapp5060.reportInstall", true);
Gefunden : user_pref("id_chatzum.firstlaunch", "0");
Gefunden : user_pref("id_chatzum.guid", "%7B579E2CC6-B0EA-41E3-3622-8234BBB5A584%7D");
Gefunden : user_pref("id_chatzum.hiddenvisual", 0);
Gefunden : user_pref("id_chatzum.openSearchEngineName", "Search%20Safer");
Gefunden : user_pref("id_chatzum.popupblockedcnt", "57");
Gefunden : user_pref("id_chatzum.searchengine", "Search%20the%20web%20%28Babylon%29");
Gefunden : user_pref("id_chatzum.variables.SVar1", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar10", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar2", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar3", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar4", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar5", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar6", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar7", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar8", "%13");
Gefunden : user_pref("id_chatzum.variables.SVar9", "%13");
Gefunden : user_pref("id_chatzum.variables.Var1", "0");
Gefunden : user_pref("id_chatzum.variables.Var10", "0");
Gefunden : user_pref("id_chatzum.variables.Var2", "0");
Gefunden : user_pref("id_chatzum.variables.Var3", "0");
Gefunden : user_pref("id_chatzum.variables.Var4", "0");
Gefunden : user_pref("id_chatzum.variables.Var5", "0");
Gefunden : user_pref("id_chatzum.variables.Var6", "0");
Gefunden : user_pref("id_chatzum.variables.Var7", "0");
Gefunden : user_pref("id_chatzum.variables.Var8", "0");
Gefunden : user_pref("id_chatzum.variables.Var9", "0");
Gefunden : user_pref("id_chatzum_installed_version", "1.0.19");
Gefunden : user_pref("id_chatzum_tabpage", "hxxp%3A//searchsafer.com/");
Gefunden : user_pref("keyword.URL", "hxxp://utils.chatzum.com/?url=");
Gefunden : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Gefunden : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Gefunden : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Gefunden : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Gefunden : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Gefunden : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Gefunden : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Gefunden : user_pref("sweetim.toolbar.searchguard.enable", "");

*************************

AdwCleaner[R1].txt - [40063 octets] - [21/12/2012 21:04:55]

########## EOF - C:\AdwCleaner[R1].txt - [40124 octets] ##########

mfg
ohneBrillle

Alt 27.12.2012, 16:46   #12
markusg
/// Malware-holic
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hi
lösche deine Kopie vom AdwCleaner, lade ihn erneut runter.


Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe
    alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein
    Rechner wird neu gestartet, je nach Schwere der Infektion auch mehrmals - das ist normal. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den
    Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x = fortlaufende Nummer)
[/QUOTE]
Starte dann neu, teste, wie das Gerät läuft + Programme wie Browser
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 27.12.2012, 17:26   #13
ohneBrille
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hi,
hab alles gemacht, wie beschrieben. Leider wurde keine Log-datei erstellt. Ist nur die vom 21.12. da AdwCleaner[R1].txt

Firefox stürzt weiterhin nach max 1 min. ab.

Alt 27.12.2012, 18:15   #14
markusg
/// Malware-holic
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Dann führe den noch mal aus:
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste
    mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
was ist mit dem Internet explorer, läuft der?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 27.12.2012, 19:19   #15
ohneBrille
 
Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Standard

Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6



Hi Markus,
hab das jetzt ein paarmal gemacht. Es kommt keine Datei adwcleaner*.txt unter C:\

Es kommt nur eine txt (bei jedem Neustart) mit folgendem Inhalt:

----------------

2012-12-21 19:44:33.803 Log opened. (Time zone: UTC+01:00)
2012-12-21 19:44:33.803 Setup version: Inno Setup version 5.4.3 (u)
2012-12-21 19:44:33.803 Original Uninstall EXE: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe
2012-12-21 19:44:33.803 Uninstall DAT: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.dat
2012-12-21 19:44:33.803 Uninstall command line: /SECONDPHASE="C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe" /FIRSTPHASEWND=$A01B8 /log=C:\Users\Vorname Name\AppData\Roaming\DVDVideoSoft\logs\FreeYouTubeToMP3Converter_uninstall.txt /silent
2012-12-21 19:44:33.803 Windows version: 6.1.7601 SP1 (NT platform: Yes)
2012-12-21 19:44:33.803 64-bit Windows: Yes
2012-12-21 19:44:33.803 Processor architecture: x64
2012-12-21 19:44:33.803 User privileges: Administrative
2012-12-21 19:44:33.803 64-bit install mode: No
2012-12-21 19:44:33.803 Created temporary directory: C:\Users\Vorname~1\AppData\Local\Temp\is-U07UA.tmp
2012-12-21 19:44:34.005 Starting the uninstallation process.
2012-12-21 19:44:34.037 Uninstalling from GAC: Newtonsoft.Json.Net20, Version=4.0.0.0, Culture=Neutral, PublicKeyToken=30ad4fe6b2a6aeed
2012-12-21 19:44:34.224 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\Microsoft.WindowsAPICodePack.Shell.dll
2012-12-21 19:44:34.224 Shared count reached zero.
2012-12-21 19:44:34.239 Uninstalling from GAC: Microsoft.WindowsAPICodePack.Shell, Version=1.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, ProcessorArchitecture=MSIL
2012-12-21 19:44:34.442 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\Microsoft.WindowsAPICodePack.dll
2012-12-21 19:44:34.442 Shared count reached zero.
2012-12-21 19:44:34.442 Uninstalling from GAC: Microsoft.WindowsAPICodePack, Version=1.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, ProcessorArchitecture=MSIL
2012-12-21 19:44:34.536 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\MediaTagsEditor.dll
2012-12-21 19:44:34.536 Shared count reached zero.
2012-12-21 19:44:34.536 Unregistering 32-bit DLL/OCX: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\MediaTagsEditor.dll
2012-12-21 19:44:34.536 Spawning 32-bit RegSvr32: "C:\Windows\system32\regsvr32.exe" /u /s "C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\MediaTagsEditor.dll"
2012-12-21 19:44:34.957 Unregistration successful.
2012-12-21 19:44:34.957 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\DVSiTunes.dll
2012-12-21 19:44:34.957 Shared count reached zero.
2012-12-21 19:44:34.957 Unregistering 32-bit DLL/OCX: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\DVSiTunes.dll
2012-12-21 19:44:34.957 Spawning 32-bit RegSvr32: "C:\Windows\system32\regsvr32.exe" /u /s "C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\DVSiTunes.dll"
2012-12-21 19:44:35.378 Unregistration successful.
2012-12-21 19:44:35.378 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\xmllite.dll
2012-12-21 19:44:35.378 Shared count reached zero.
2012-12-21 19:44:35.378 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\BrowserHelpersInstaller.exe
2012-12-21 19:44:35.394 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
2012-12-21 19:44:35.394 Shared count reached zero.
2012-12-21 19:44:35.394 Unregistering 32-bit DLL/OCX: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
2012-12-21 19:44:35.394 Spawning 32-bit RegSvr32: "C:\Windows\system32\regsvr32.exe" /u /s "C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll"
2012-12-21 19:44:35.799 Unregistration successful.
2012-12-21 19:44:35.799 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\tier0-pinv.dll
2012-12-21 19:44:35.799 Shared count reached zero.
2012-12-21 19:44:35.799 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\tier0.dll
2012-12-21 19:44:35.799 Shared count reached zero.
2012-12-21 19:44:35.799 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\rockid-pinv.dll
2012-12-21 19:44:35.799 Shared count reached zero.
2012-12-21 19:44:35.799 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\rockid.dll
2012-12-21 19:44:35.799 Shared count reached zero.
2012-12-21 19:44:35.799 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\libfftw3f-3.dll
2012-12-21 19:44:35.799 Shared count reached zero.
2012-12-21 19:44:35.799 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\libcurl.dll
2012-12-21 19:44:35.799 Shared count reached zero.
2012-12-21 19:44:35.799 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\CudaTranscoder.dll
2012-12-21 19:44:35.799 Shared count reached zero.
2012-12-21 19:44:35.815 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\VideoFileToIPOD.dll
2012-12-21 19:44:35.815 Shared count reached zero.
2012-12-21 19:44:35.815 Unregistering 32-bit DLL/OCX: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\VideoFileToIPOD.dll
2012-12-21 19:44:35.815 Spawning 32-bit RegSvr32: "C:\Windows\system32\regsvr32.exe" /u /s "C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\VideoFileToIPOD.dll"
2012-12-21 19:44:36.236 Unregistration successful.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avresample-0.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\ffmpeg.exe
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\libmp3lame.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\swresample-0.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\SDL.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\swscale-2.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avutil-51.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avformat-54.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avfilter-2.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avdevice-54.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avcodec-54.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\postproc-52.dll
2012-12-21 19:44:36.236 Shared count reached zero.
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DvsService.exe
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSUpdate.exe
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
2012-12-21 19:44:36.236 Decrementing shared count (32-bit): C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe
2012-12-21 19:44:37.235 Deleting file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Tools\Free YouTube Download Lite.lnk
2012-12-21 19:44:37.281 Deleting directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Tools
2012-12-21 19:44:37.281 Failed to delete directory (145). Will retry later.
2012-12-21 19:44:37.359 Deleting file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube to MP3 Converter.lnk
2012-12-21 19:44:37.375 Deleting directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs
2012-12-21 19:44:37.375 Failed to delete directory (145). Will retry later.
2012-12-21 19:44:37.437 Deleting file: C:\Users\Vorname Name\Desktop\Free YouTube to MP3 Converter.lnk
2012-12-21 19:44:37.547 Deleting file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Tools\System Report.lnk
2012-12-21 19:44:37.547 Deleting directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Tools
2012-12-21 19:44:37.547 Failed to delete directory (145). Will retry later.
2012-12-21 19:44:37.547 Deleting directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2012-12-21 19:44:37.547 Failed to delete directory (145). Will retry later.
2012-12-21 19:44:37.547 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.547 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.547 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.578 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.578 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.578 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.593 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.593 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.593 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.593 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.593 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.593 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.609 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.625 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.625 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.625 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.625 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.625 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.640 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.640 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.640 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.640 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.640 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.640 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.640 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.640 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.640 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.656 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.656 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.656 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.656 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\FreeYouTubeToMP3Converter.resources.dll
2012-12-21 19:44:37.656 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\DVDVideoSoft.DialogForms.resources.dll
2012-12-21 19:44:37.656 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.656 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3ConverterProfileD.xml
2012-12-21 19:44:37.656 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3ConverterProfile.xml
2012-12-21 19:44:37.656 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.xml
2012-12-21 19:44:37.656 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
2012-12-21 19:44:37.671 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.Presets.dll
2012-12-21 19:44:37.671 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.MediaTagsEditor.dll
2012-12-21 19:44:37.671 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll
2012-12-21 19:44:37.671 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.DVSiTunes.dll
2012-12-21 19:44:37.671 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHT\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.671 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHT\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.671 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHS\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.671 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHS\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.687 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ru-RU\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.687 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ru-RU\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.687 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pt-PT\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.687 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pt-PT\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.703 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pl-PL\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.703 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pl-PL\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.703 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\nl-NL\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.703 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\nl-NL\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.718 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ja-JP\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.718 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ja-JP\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.718 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\it-IT\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.718 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\it-IT\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.734 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\fr-FR\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.734 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\fr-FR\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.734 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\es-ES\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.734 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\es-ES\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.749 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\de-DE\PrerequisiteCheck.resources.dll
2012-12-21 19:44:37.749 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\de-DE\DVDVideoSoft.AppFx.resources.dll
2012-12-21 19:44:37.749 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PrerequisiteCheck.exe
2012-12-21 19:44:37.749 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ytgroovlc.exe
2012-12-21 19:44:37.749 Deleting file: C:\Windows\system32\Newtonsoft.Json.Net20.dll
2012-12-21 19:44:37.749 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHT\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.749 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHS\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.749 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\tr-TR\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.765 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ru-RU\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.765 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pt-PT\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.765 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pt-BR\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.765 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pl-PL\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\nl-NL\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ja-JP\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\it-IT\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\fr-FR\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\es-ES\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\el-GR\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\de-DE\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVDVideoSoft.Resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\Microsoft.WindowsAPICodePack.Shell.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\Microsoft.WindowsAPICodePack.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.TaskbarManager.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.RockIdHelper.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\taglib-sharp.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\MediaTagsEditor.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\DVSiTunes.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\DVDVideoSoft.PresetEditor.resources.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.PresetEditor.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\xmllite.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\tier0-pinv.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\tier0.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\rockid-pinv.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\rockid.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\libfftw3f-3.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\libcurl.dll
2012-12-21 19:44:37.781 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.781 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHT
2012-12-21 19:44:37.796 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.796 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\zh-CHS
2012-12-21 19:44:37.796 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\tr-TR\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.796 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\tr-TR
2012-12-21 19:44:37.796 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.796 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ru-RU
2012-12-21 19:44:37.796 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.796 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-PT
2012-12-21 19:44:37.796 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-BR\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.796 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pt-BR
2012-12-21 19:44:37.796 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.796 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\pl-PL
2012-12-21 19:44:37.796 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.796 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\nl-NL
2012-12-21 19:44:37.796 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.796 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ja-JP
2012-12-21 19:44:37.812 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.812 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\it-IT
2012-12-21 19:44:37.812 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.812 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\fr-FR
2012-12-21 19:44:37.812 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.812 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\es-ES
2012-12-21 19:44:37.812 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\el-GR\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.812 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\el-GR
2012-12-21 19:44:37.812 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE\DVDVideoSoft.Resources.resources.dll
2012-12-21 19:44:37.812 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\de-DE
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.Resources.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.AVConverter.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.VideoFileToIPOD.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\CudaTranscoder.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\VideoFileToIPOD.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avresample-0.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\ffmpeg.exe
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\libmp3lame.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\swresample-0.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\SDL.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\swscale-2.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avutil-51.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avformat-54.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avfilter-2.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avdevice-54.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\avcodec-54.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\postproc-52.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnStub.exe
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnIC.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe
2012-12-21 19:44:37.827 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe
2012-12-21 19:44:37.827 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHT\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHS\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ru-RU\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pt-PT\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pl-PL\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\nl-NL\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ja-JP\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\it-IT\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.827 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\fr-FR\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\es-ES\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\de-DE\SubscriptionOffer.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\SubscriptionOffer.exe
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHT\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHS\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ru-RU\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pt-PT\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pl-PL\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\nl-NL\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ja-JP\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\it-IT\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\fr-FR\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\es-ES\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\de-DE\DVSSysReport.resources.dll
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe
2012-12-21 19:44:37.843 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\chimes.wav
2012-12-21 19:44:37.843 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHT
2012-12-21 19:44:37.843 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\zh-CHS
2012-12-21 19:44:37.843 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\tr-TR
2012-12-21 19:44:37.843 Failed to delete directory (145). Will retry later.
2012-12-21 19:44:37.843 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ru-RU
2012-12-21 19:44:37.843 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pt-PT
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pt-BR
2012-12-21 19:44:37.859 Failed to delete directory (145). Will retry later.
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pl-PL
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\nl-NL
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\ja-JP
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\it-IT
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\fr-FR
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\es-ES
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\el-GR
2012-12-21 19:44:37.859 Failed to delete directory (145). Will retry later.
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\de-DE
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\wbrhelper.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\dvssyshelper.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\QtCore4.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\DvsServiceBridge.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\msvcr100.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\msvcp100.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\atl100.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\mfcm100u.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\mfc100u.dll
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin
2012-12-21 19:44:37.859 Failed to delete directory (145). Will retry later.
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\msvcr100.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\msvcp100.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\atl100.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\mfcm100u.dll
2012-12-21 19:44:37.859 Deleting file: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\mfc100u.dll
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft
2012-12-21 19:44:37.859 Failed to delete directory (32). Will retry later.
2012-12-21 19:44:37.859 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter
2012-12-21 19:44:37.874 Failed to delete directory (145). Will retry later.
2012-12-21 19:44:37.874 Deleting directory: C:\Program Files (x86)\DVDVideoSoft
2012-12-21 19:44:37.874 Failed to delete directory (145). Will retry later.
2012-12-21 19:44:37.874 Deleting Uninstall data files.
2012-12-21 19:44:38.380 Deleting directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Tools
2012-12-21 19:44:38.380 Failed to delete directory (145).
2012-12-21 19:44:38.380 Deleting directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs
2012-12-21 19:44:38.380 Failed to delete directory (145).
2012-12-21 19:44:38.380 Deleting directory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2012-12-21 19:44:38.380 Failed to delete directory (145).
2012-12-21 19:44:38.380 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\tr-TR
2012-12-21 19:44:38.380 Failed to delete directory (145).
2012-12-21 19:44:38.380 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\pt-BR
2012-12-21 19:44:38.380 Failed to delete directory (145).
2012-12-21 19:44:38.380 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\el-GR
2012-12-21 19:44:38.380 Failed to delete directory (145).
2012-12-21 19:44:38.380 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft\bin
2012-12-21 19:44:38.380 Failed to delete directory (145).
2012-12-21 19:44:38.380 Deleting directory: C:\Program Files (x86)\Common Files\DVDVideoSoft
2012-12-21 19:44:38.380 Failed to delete directory (32).
2012-12-21 19:44:38.380 Deleting directory: C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter
2012-12-21 19:44:38.390 Deleting directory: C:\Program Files (x86)\DVDVideoSoft
2012-12-21 19:44:38.390 Failed to delete directory (145).
2012-12-21 19:44:38.693 Uninstallation process succeeded.
2012-12-21 19:44:38.693 Removed all? Yes
2012-12-21 19:44:38.693 Need to restart Windows? No
2012-12-21 19:44:41.108 Log closed.
-------------

Der Internet explorer läuft stabil. Sonstige Programme laufen auch, soweit ich das bisher überblicken kann.

mfg

Antwort

Themen zu Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6
absturz, adware/adware.gen, avira, checkliste, datei, daten, dezember, einfach, fenster, firefox, folge, folgendes, funde, hinweis, hoffe, hoffnung, installiert, langsamer, malwarebytes, minute, neu, problem, richtig, scan, sichtbar, woche, wochen




Ähnliche Themen: Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6


  1. Adware eingefangen! Sämtliche Viren/Adware-Scanner finden nichts.
    Log-Analyse und Auswertung - 23.03.2015 (18)
  2. Windows 8.1:Variant.Adware.Graftor.159320+Adware.Generic.1133960-Virenbefall?
    Log-Analyse und Auswertung - 13.01.2015 (32)
  3. Adware.Gen7 - Adware/Cherished.oia - Adware/InstallCore.Gen9 - TR/Trash.Gen bei Antivir gefunden
    Plagegeister aller Art und deren Bekämpfung - 03.12.2014 (13)
  4. Adware/Adware.gen von Antivir gefunden - Forsetzung-Thread wegen Noscript und WOT
    Plagegeister aller Art und deren Bekämpfung - 26.10.2014 (16)
  5. Windows 7: ADWARE/CrossRider.Gen4, ADWARE/EoRezo.Gen4 und ADWARE/MPlug 6.14 durch AntiVir gefunden
    Log-Analyse und Auswertung - 22.10.2014 (4)
  6. eBay-Fake eMail mit ZIP Anhang gespeichert, Windows 7- Avira: Enthält Erkennungsmuster der Adware ADWARE/Adware.Gen
    Log-Analyse und Auswertung - 29.08.2014 (17)
  7. Win 7: Avira Funde: TR/Urausy.358451 & ADWARE/Adware.Gen2
    Log-Analyse und Auswertung - 07.07.2014 (9)
  8. Trojaner gefunden TR/Dldr.Agent.314440 und verschiedene Adwares ADWARE/EoRezo.AF, ADWARE/Adware.Gen7, ADWARE/AgentCV.A.2919
    Log-Analyse und Auswertung - 02.05.2014 (19)
  9. adware/browsefox.dac.1 (wie lässt sich diese lästige Adware entfernen?)
    Log-Analyse und Auswertung - 21.02.2014 (13)
  10. ADWARE/Adware.Gen2 8x gefunden: Schadsoftware? Dann ständig Farbfehler usw.
    Plagegeister aller Art und deren Bekämpfung - 08.02.2014 (7)
  11. Antivir findet 3 infizierte Dateien 'EXP/Pidief.ej ; 'EXP/Java.HLP.A.1197; ADWARE/Adware.Gen
    Log-Analyse und Auswertung - 09.08.2013 (9)
  12. APPL/Downloader.Gen6 [program] & ADWARE/InstallCore.DA.19 [adware] Infektion
    Plagegeister aller Art und deren Bekämpfung - 15.07.2013 (7)
  13. ADWARE/InstallCore.Gen, ADWARE/Yontoo.Gen und ADWARE/InstallCore.E von AVIRA gefunden
    Plagegeister aller Art und deren Bekämpfung - 16.04.2013 (10)
  14. USB-Stick enthält Erkennungsmuster der Adware ADWARE/Adware.Gen
    Plagegeister aller Art und deren Bekämpfung - 29.07.2012 (25)
  15. Testbundle23w_1254[1].exe enthält Erkennungsmuster der Adware ADWARE/Adware.GEN
    Plagegeister aller Art und deren Bekämpfung - 22.04.2012 (5)
  16. PC von Adware.Agent.ZGen, Adware.ClickPotato, Adware.ShopperReports, Adware.Hotbar, Adwa angegriffen
    Mülltonne - 30.06.2011 (0)
  17. 70 ausgehende Verbindungen lt. Comodo o. Aktivität, div.Funde:Win32/Adware.ADON, Adware.F1 Organizer
    Plagegeister aller Art und deren Bekämpfung - 31.08.2010 (5)

Zum Thema Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 - Hallo liebe Helfer, ich habe folgendes Problem: Vor zwei Wochen wurde mein Firefox-Browser immer langsamer, hängte sich schließlich dauernd nach rund einer Minute auf und brachte ein Fenster mit dem - Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6...
Archiv
Du betrachtest: Absturz Firefox und Funde ADWARE/InstallMat.D, TR/Barys.443.5, ADWARE/Adware.Gen6 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.