Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: ihavenet-Virus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.12.2012, 15:04   #1
Stieg
 
ihavenet-Virus - Standard

ihavenet-Virus



Hallo,

ich habe seit einiger Zeit den "ihavenet-Virus" auf dem PC und will den jezt langsam mal loswerden.

Habe mir hier einige Beiträge angeguckt und habe die dort angegebenen Schritte versucht ordnungsgemäß zu erledigen.

Schritt 1:
AdwCleaner: Werbeprogramme suchen und löschen erledigt.

Schritt 2:
Adware entfernen mit JRT erledigt.



Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.2.1 (12.20.2012:1)
OS: Windows 7 Home Premium x64
Ran by Stieg on 21.12.2012 at 15:47:58,46
Blog: hxxp://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Stieg\AppData\Roaming\dvdvideosoftiehelpers"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.12.2012 at 15:52:51,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Schritt 3:
Kontrollscan mit OTL erledigt.


Code:
ATTFilter
OTL logfile created on: 21.12.2012 16:00:08 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Stieg\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,90 Gb Total Physical Memory | 2,62 Gb Available Physical Memory | 67,19% Memory free
7,79 Gb Paging File | 6,03 Gb Available in Paging File | 77,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,53 Gb Total Space | 19,65 Gb Free Space | 33,00% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 429,00 Gb Free Space | 92,11% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Stieg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.12.21 15:59:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stieg\Desktop\OTL.exe
PRC - [2012.12.17 23:29:50 | 029,428,448 | ---- | M] (Dropbox, Inc.) -- C:\Users\Stieg\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.12.11 22:11:45 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.12.11 22:11:19 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.12.11 22:11:19 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.05 18:35:21 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.09.29 18:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- G:\Programme\Malewarebytes\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- G:\Programme\Malewarebytes\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- G:\Programme\Malewarebytes\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.02.07 16:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.02.07 16:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.02.07 16:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.02.07 16:27:24 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012.02.05 12:22:44 | 001,763,328 | ---- | M] (Software Security System) -- C:\Programme\Lucidlogix Technologies\VIRTU MVP\Ekag20nt.exe
PRC - [2012.01.26 18:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011.11.29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.11.29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.12.05 18:35:21 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.11.15 18:46:25 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4a443c775f768ede71bde8e10f50ec0b\IAStorUtil.ni.dll
MOD - [2012.11.15 18:46:25 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e88f87e9200afb5ede994c89c92e22b8\IAStorCommon.ni.dll
MOD - [2012.11.15 17:46:25 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012.11.15 17:46:08 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012.11.15 17:46:03 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012.11.15 17:45:54 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012.11.15 17:45:51 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012.11.15 17:45:49 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012.11.15 17:45:48 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012.11.15 17:45:45 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012.08.27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.08.27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.04.12 08:43:06 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.09.28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.12.11 23:20:49 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.11 22:11:45 | 000,085,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.12.11 22:11:19 | 000,109,344 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.12.05 18:35:21 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.10 02:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.09.29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- G:\Programme\Malewarebytes\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- G:\Programme\Malewarebytes\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.02.09 15:26:48 | 000,133,632 | ---- | M] () [Auto | Running] -- C:\Programme\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV - [2012.02.07 16:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.02.07 16:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.02.07 16:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.02.07 16:27:24 | 000,121,344 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012.02.02 21:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2011.11.29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.26 18:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- G:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.12.21 15:46:18 | 000,034,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2012.12.11 22:11:56 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.12.11 22:11:56 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.10.10 02:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.09.29 18:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.09.28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.09.28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.09.28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.09.24 08:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.05.14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.09 15:24:16 | 000,044,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2012.02.09 15:24:16 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2012.02.09 15:24:14 | 000,025,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2012.02.05 12:36:12 | 000,066,336 | ---- | M] (Lucidlogix Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VirtuWDDM.sys -- (VirtuWDDM)
DRV:64bit: - [2012.01.26 18:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.26 18:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.26 18:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011.12.05 20:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.11.29 18:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.09.21 16:56:24 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011.08.23 14:57:24 | 000,565,352 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.10 15:28:48 | 000,017,192 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.11.18 00:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.08.13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-735380003-689412922-4239967661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-735380003-689412922-4239967661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-735380003-689412922-4239967661-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 42 57 F8 B3 DB CD 01  [binary data]
IE - HKU\S-1-5-21-735380003-689412922-4239967661-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-735380003-689412922-4239967661-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-735380003-689412922-4239967661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-735380003-689412922-4239967661-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.4
FF - prefs.js..extensions.enabledAddons: youtubeunblocker%40unblocker.yt:0.2.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: G:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: G:\Programme\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Users\Stieg\VLC Media Player\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.05 18:35:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.05 18:35:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.09.29 17:54:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\Extensions
[2012.12.18 16:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\Firefox\Profiles\frd9w31o.default\extensions
[2012.11.23 11:04:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Stieg\AppData\Roaming\mozilla\Firefox\Profiles\frd9w31o.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.09.29 18:19:42 | 000,093,748 | ---- | M] () (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\firefox\profiles\frd9w31o.default\extensions\addictive_typing_lessons@tomkennedy.net.xpi
[2012.10.22 19:02:04 | 000,183,174 | ---- | M] () (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\firefox\profiles\frd9w31o.default\extensions\stealthyextension@gmail.com.xpi
[2012.09.29 18:23:47 | 000,004,404 | ---- | M] () (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\firefox\profiles\frd9w31o.default\extensions\youtubeunblocker@unblocker.yt.xpi
[2012.10.18 17:28:30 | 000,158,191 | ---- | M] () (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\firefox\profiles\frd9w31o.default\extensions\{1a0c9ebe-ddf9-4b76-b8a3-675c77874d37}.xpi
[2012.12.18 16:50:04 | 000,532,971 | ---- | M] () (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\firefox\profiles\frd9w31o.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.12.06 12:48:13 | 000,109,804 | ---- | M] () (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\firefox\profiles\frd9w31o.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2012.12.11 22:24:53 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\firefox\profiles\frd9w31o.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2012.11.25 00:37:22 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\firefox\profiles\frd9w31o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.29 18:23:47 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Stieg\AppData\Roaming\mozilla\firefox\profiles\frd9w31o.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012.12.05 18:35:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.12.05 18:35:21 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.06 03:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 03:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.06 03:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 03:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 03:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 03:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - G:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Programme\Java\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Programme\Java\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VIRTU_MVP_AUTORUN] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [GrooveMonitor] G:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Stieg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Stieg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Stieg\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - G:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Stieg\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - G:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A834EBC-BB60-463F-889E-01DA73515E54}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - G:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\appinit_dll.dll) - C:\Windows\SysNative\appinit_dll.dll (Lucidlogix Inc.)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\appinit_dll.dll) - C:\Windows\SysWOW64\appinit_dll.dll (Lucidlogix Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - G:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{22c35993-03f9-11e2-8a82-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{22c35993-03f9-11e2-8a82-806e6f6e6963}\Shell\AutoRun\command - "" = D:\ASRSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.21 15:59:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Stieg\Desktop\OTL.exe
[2012.12.21 15:47:57 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2012.12.21 15:47:48 | 000,000,000 | ---D | C] -- C:\JRT
[2012.12.21 15:44:53 | 000,495,874 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Stieg\Desktop\JRT.exe
[2012.12.21 00:24:06 | 000,000,000 | R--D | C] -- C:\Users\Stieg\Dropbox
[2012.12.21 00:23:11 | 000,000,000 | ---D | C] -- C:\Users\Stieg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012.12.21 00:22:58 | 000,000,000 | ---D | C] -- C:\Users\Stieg\AppData\Roaming\Dropbox
[2012.12.21 00:21:54 | 020,132,536 | ---- | C] (Dropbox, Inc.) -- C:\Users\Stieg\Desktop\Dropbox 1.6.6.exe
[2012.12.18 17:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.12.18 17:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.12.18 17:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.12.18 17:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.12.18 17:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2012.12.16 19:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.12.16 19:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.12.16 19:12:32 | 000,000,000 | ---D | C] -- C:\Users\Stieg\AppData\Local\Diagnostics
[2012.12.16 19:04:06 | 000,000,000 | ---D | C] -- C:\Users\Stieg\Documents\Remote Assistance Logs
[2012.12.16 18:43:22 | 000,000,000 | ---D | C] -- C:\Users\Stieg\Desktop\Neuer Ordner
[2012.12.16 17:59:29 | 000,000,000 | ---D | C] -- C:\Users\Stieg\AppData\Local\ElevatedDiagnostics
[2012.12.05 18:35:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.12.02 16:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
[2012.11.23 11:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.11.23 11:05:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.11.23 11:05:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.21 15:59:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stieg\Desktop\OTL.exe
[2012.12.21 15:53:29 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.21 15:53:29 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.21 15:52:52 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.21 15:52:52 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.21 15:52:52 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.21 15:52:52 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.21 15:52:52 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.21 15:48:55 | 000,000,306 | ---- | M] () -- C:\Windows\tasks\fvfowu.job
[2012.12.21 15:46:18 | 000,034,752 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2012.12.21 15:46:17 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.12.21 15:46:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.21 15:46:12 | 3137,126,400 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.21 15:45:01 | 000,495,874 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Stieg\Desktop\JRT.exe
[2012.12.21 15:44:48 | 000,547,175 | ---- | M] () -- C:\Users\Stieg\Desktop\adwcleaner.exe
[2012.12.21 15:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.21 03:15:38 | 000,418,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.21 00:24:06 | 000,001,001 | ---- | M] () -- C:\Users\Stieg\Desktop\Dropbox.lnk
[2012.12.21 00:23:18 | 000,001,011 | ---- | M] () -- C:\Users\Stieg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.12.21 00:22:47 | 020,132,536 | ---- | M] (Dropbox, Inc.) -- C:\Users\Stieg\Desktop\Dropbox 1.6.6.exe
[2012.12.18 17:08:38 | 000,001,557 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.16 19:39:55 | 000,000,206 | ---- | M] () -- C:\Users\Stieg\Documents\cc_20121216_193953.reg
[2012.12.16 19:39:00 | 000,006,920 | ---- | M] () -- C:\Users\Stieg\Documents\cc_20121216_193856.reg
[2012.12.16 19:36:24 | 000,039,492 | ---- | M] () -- C:\Users\Stieg\Documents\cc_20121216_193618.reg
[2012.12.16 19:35:48 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.15 14:04:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012.12.11 22:11:56 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.12.11 22:11:56 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.12.10 19:54:09 | 000,122,880 | RHS- | M] () -- C:\Windows\SysWow64\takeownd.dll
[2012.12.02 16:37:24 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\Metin2.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.12.21 15:44:46 | 000,547,175 | ---- | C] () -- C:\Users\Stieg\Desktop\adwcleaner.exe
[2012.12.21 00:24:06 | 000,001,001 | ---- | C] () -- C:\Users\Stieg\Desktop\Dropbox.lnk
[2012.12.21 00:23:18 | 000,001,011 | ---- | C] () -- C:\Users\Stieg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.12.18 17:08:38 | 000,001,557 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.12.16 19:39:54 | 000,000,206 | ---- | C] () -- C:\Users\Stieg\Documents\cc_20121216_193953.reg
[2012.12.16 19:38:57 | 000,006,920 | ---- | C] () -- C:\Users\Stieg\Documents\cc_20121216_193856.reg
[2012.12.16 19:36:21 | 000,039,492 | ---- | C] () -- C:\Users\Stieg\Documents\cc_20121216_193618.reg
[2012.12.16 19:35:48 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.10 19:54:09 | 000,122,880 | RHS- | C] () -- C:\Windows\SysWow64\takeownd.dll
[2012.12.10 19:54:09 | 000,000,306 | ---- | C] () -- C:\Windows\tasks\fvfowu.job
[2012.12.02 16:37:24 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\Metin2.lnk
[2012.10.10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.10.10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.10.10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.09.21 15:51:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.09.21 15:37:50 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.09.21 15:37:50 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.09.21 15:37:50 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.07.28 02:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.07.28 02:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.02.02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.21 15:46:26 | 000,000,000 | ---D | M] -- C:\Users\Stieg\AppData\Roaming\Dropbox
[2012.11.08 20:20:51 | 000,000,000 | ---D | M] -- C:\Users\Stieg\AppData\Roaming\DVDVideoSoft
[2012.12.02 10:52:39 | 000,000,000 | ---D | M] -- C:\Users\Stieg\AppData\Roaming\Origin
[2012.12.10 21:37:32 | 000,000,000 | ---D | M] -- C:\Users\Stieg\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 

< End of report >
         

Ich hoffe, dass Ihr mir anhand dessen schon helfen könnt bzw. mir die weiteren Schritte erklärt.
Vielen Dank im Voraus.

Gruß
Stieg

Alt 21.12.2012, 15:34   #2
markusg
/// Malware-holic
 
ihavenet-Virus - Standard

ihavenet-Virus



hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
[2012.12.10 19:54:09 | 000,122,880 | RHS- | M] () -- C:\Windows\SysWow64\takeownd.dll
[2012.12.21 15:48:55 | 000,000,306 | ---- | M] () -- C:\Windows\tasks\fvfowu.job
 :Files
:Commands
[EMPTYFLASH] 
[emptytemp]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus
downloade get info:
http://markusg.trojaner-board.de/GetInfo.exe
doppelklicke die .exe
im selben ordner wird nun eine .txt erstellt:
summary-info.txt
diese doppelklicken und deren inhalt posten.

Frage:
hast du zum infektionszeitpunkt, bzw evtl. einen tag davor, etwas runtergeladen und instaliert bzw ausgeführt?
wurdest du beim besuch einer seite aufgefordert etwas zu instalieren bzw runterzuladen? diese infos hätte ich auch gern als private nachicht.
__________________

__________________

Alt 23.12.2012, 02:22   #3
Stieg
 
ihavenet-Virus - Standard

ihavenet-Virus



Oh, das wusste ich nicht, werde ich bei dem nächsten Problem (was hoffentlich dann noch lange auf sich warten lässt) beachten.

Code:
ATTFilter
All processes killed
========== OTL ==========
File C:\Windows\SysWow64\takeownd.dll not found.
File C:\Windows\tasks\fvfowu.job not found.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: Stieg
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Stieg
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 327814 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 1857708 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 2,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 12232012_031530

Files\Folders moved on Reboot...
File\Folder C:\Users\Stieg\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         

Upload der Datei hat einwandfrei funktioniert.

Code:
ATTFilter
Datei: MovedFiles.zip_1 empfangen

Vorgang erfolgreich abgeschlossen.
         

Eine private Mail werde ich dir gleich noch schreiben.

Gruß
__________________

Alt 27.12.2012, 14:32   #4
markusg
/// Malware-holic
 
ihavenet-Virus - Standard

ihavenet-Virus



Hi,
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 02.01.2013, 22:36   #5
Stieg
 
ihavenet-Virus - Standard

ihavenet-Virus



Hey,

hab ich erledigt, hier ist der log.


Code:
ATTFilter
23:32:41.0143 3916  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:32:41.0703 3916  ============================================================
23:32:41.0703 3916  Current date / time: 2013/01/02 23:32:41.0703
23:32:41.0703 3916  SystemInfo:
23:32:41.0703 3916  
23:32:41.0703 3916  OS Version: 6.1.7601 ServicePack: 1.0
23:32:41.0703 3916  Product type: Workstation
23:32:41.0704 3916  ComputerName: PC
23:32:41.0704 3916  UserName: Stieg
23:32:41.0704 3916  Windows directory: C:\Windows
23:32:41.0704 3916  System windows directory: C:\Windows
23:32:41.0704 3916  Running under WOW64
23:32:41.0704 3916  Processor architecture: Intel x64
23:32:41.0704 3916  Number of processors: 4
23:32:41.0704 3916  Page size: 0x1000
23:32:41.0704 3916  Boot type: Normal boot
23:32:41.0704 3916  ============================================================
23:32:41.0947 3916  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:32:41.0948 3916  Drive \Device\Harddisk1\DR1 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:32:41.0950 3916  ============================================================
23:32:41.0950 3916  \Device\Harddisk0\DR0:
23:32:41.0950 3916  MBR partitions:
23:32:41.0950 3916  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
23:32:41.0950 3916  \Device\Harddisk1\DR1:
23:32:41.0951 3916  MBR partitions:
23:32:41.0951 3916  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:32:41.0951 3916  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x770D800
23:32:41.0951 3916  ============================================================
23:32:41.0951 3916  C: <-> \Device\Harddisk1\DR1\Partition2
23:32:41.0968 3916  G: <-> \Device\Harddisk0\DR0\Partition1
23:32:41.0968 3916  ============================================================
23:32:41.0968 3916  Initialize success
23:32:41.0968 3916  ============================================================
23:32:57.0291 6048  ============================================================
23:32:57.0291 6048  Scan started
23:32:57.0291 6048  Mode: Manual; SigCheck; TDLFS; 
23:32:57.0291 6048  ============================================================
23:32:57.0385 6048  ================ Scan system memory ========================
23:32:57.0385 6048  System memory - ok
23:32:57.0386 6048  ================ Scan services =============================
23:32:57.0412 6048  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:32:57.0464 6048  1394ohci - ok
23:32:57.0470 6048  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:32:57.0485 6048  ACPI - ok
23:32:57.0488 6048  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:32:57.0509 6048  AcpiPmi - ok
23:32:57.0514 6048  [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:32:57.0529 6048  AdobeARMservice - ok
23:32:57.0547 6048  [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:32:57.0557 6048  AdobeFlashPlayerUpdateSvc - ok
23:32:57.0565 6048  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:32:57.0586 6048  adp94xx - ok
23:32:57.0591 6048  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:32:57.0606 6048  adpahci - ok
23:32:57.0609 6048  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:32:57.0622 6048  adpu320 - ok
23:32:57.0626 6048  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:32:57.0667 6048  AeLookupSvc - ok
23:32:57.0674 6048  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
23:32:57.0688 6048  AFD - ok
23:32:57.0691 6048  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:32:57.0701 6048  agp440 - ok
23:32:57.0704 6048  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:32:57.0717 6048  ALG - ok
23:32:57.0720 6048  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:32:57.0729 6048  aliide - ok
23:32:57.0734 6048  [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:32:57.0758 6048  AMD External Events Utility - ok
23:32:57.0762 6048  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:32:57.0771 6048  amdide - ok
23:32:57.0774 6048  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:32:57.0785 6048  AmdK8 - ok
23:32:57.0859 6048  [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:32:58.0003 6048  amdkmdag - ok
23:32:58.0012 6048  [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:32:58.0031 6048  amdkmdap - ok
23:32:58.0035 6048  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
23:32:58.0048 6048  AmdPPM - ok
23:32:58.0052 6048  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:32:58.0063 6048  amdsata - ok
23:32:58.0067 6048  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:32:58.0081 6048  amdsbs - ok
23:32:58.0085 6048  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:32:58.0097 6048  amdxata - ok
23:32:58.0103 6048  [ 0FA2D8304ECA29CA0AB7E3EE50FD585A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:32:58.0114 6048  AntiVirSchedulerService - ok
23:32:58.0117 6048  [ 5C69AAC8A59207DA9710FF2E42D6F80F ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:32:58.0129 6048  AntiVirService - ok
23:32:58.0132 6048  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
23:32:58.0174 6048  AppID - ok
23:32:58.0177 6048  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:32:58.0208 6048  AppIDSvc - ok
23:32:58.0211 6048  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
23:32:58.0239 6048  Appinfo - ok
23:32:58.0244 6048  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:32:58.0257 6048  Apple Mobile Device - ok
23:32:58.0261 6048  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
23:32:58.0272 6048  arc - ok
23:32:58.0275 6048  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:32:58.0288 6048  arcsas - ok
23:32:58.0291 6048  [ 4DFF4312661F54EE87DC9A13CAEE60E0 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
23:32:58.0306 6048  asahci64 - ok
23:32:58.0309 6048  [ E1AFEE1584C74050DE0DD16DE2A54BF3 ] AsrAppCharger   C:\Windows\system32\DRIVERS\AsrAppCharger.sys
23:32:58.0319 6048  AsrAppCharger - ok
23:32:58.0322 6048  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:32:58.0352 6048  AsyncMac - ok
23:32:58.0355 6048  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
23:32:58.0368 6048  atapi - ok
23:32:58.0372 6048  [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
23:32:58.0382 6048  AtiHDAudioService - ok
23:32:58.0391 6048  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:32:58.0435 6048  AudioEndpointBuilder - ok
23:32:58.0442 6048  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:32:58.0474 6048  AudioSrv - ok
23:32:58.0478 6048  [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
23:32:58.0488 6048  avgntflt - ok
23:32:58.0492 6048  [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
23:32:58.0506 6048  avipbb - ok
23:32:58.0508 6048  [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
23:32:58.0518 6048  avkmgr - ok
23:32:58.0522 6048  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:32:58.0541 6048  AxInstSV - ok
23:32:58.0548 6048  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:32:58.0566 6048  b06bdrv - ok
23:32:58.0572 6048  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:32:58.0589 6048  b57nd60a - ok
23:32:58.0594 6048  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:32:58.0606 6048  BDESVC - ok
23:32:58.0609 6048  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:32:58.0640 6048  Beep - ok
23:32:58.0649 6048  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
23:32:58.0690 6048  BFE - ok
23:32:58.0699 6048  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
23:32:58.0743 6048  BITS - ok
23:32:58.0746 6048  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:32:58.0760 6048  blbdrive - ok
23:32:58.0766 6048  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:32:58.0783 6048  Bonjour Service - ok
23:32:58.0787 6048  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:32:58.0799 6048  bowser - ok
23:32:58.0803 6048  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
23:32:58.0818 6048  BrFiltLo - ok
23:32:58.0821 6048  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
23:32:58.0833 6048  BrFiltUp - ok
23:32:58.0837 6048  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
23:32:58.0851 6048  Browser - ok
23:32:58.0857 6048  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:32:58.0872 6048  Brserid - ok
23:32:58.0875 6048  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:32:58.0890 6048  BrSerWdm - ok
23:32:58.0893 6048  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:32:58.0908 6048  BrUsbMdm - ok
23:32:58.0911 6048  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:32:58.0921 6048  BrUsbSer - ok
23:32:58.0924 6048  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
23:32:58.0939 6048  BTHMODEM - ok
23:32:58.0944 6048  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:32:58.0974 6048  bthserv - ok
23:32:58.0978 6048  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:32:59.0010 6048  cdfs - ok
23:32:59.0014 6048  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:32:59.0029 6048  cdrom - ok
23:32:59.0033 6048  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:32:59.0063 6048  CertPropSvc - ok
23:32:59.0067 6048  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
23:32:59.0082 6048  circlass - ok
23:32:59.0088 6048  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:32:59.0101 6048  CLFS - ok
23:32:59.0107 6048  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:32:59.0120 6048  clr_optimization_v2.0.50727_32 - ok
23:32:59.0126 6048  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:32:59.0138 6048  clr_optimization_v2.0.50727_64 - ok
23:32:59.0144 6048  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:32:59.0158 6048  clr_optimization_v4.0.30319_32 - ok
23:32:59.0164 6048  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:32:59.0172 6048  clr_optimization_v4.0.30319_64 - ok
23:32:59.0174 6048  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
23:32:59.0184 6048  CmBatt - ok
23:32:59.0187 6048  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:32:59.0196 6048  cmdide - ok
23:32:59.0202 6048  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
23:32:59.0224 6048  CNG - ok
23:32:59.0227 6048  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
23:32:59.0237 6048  Compbatt - ok
23:32:59.0239 6048  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:32:59.0253 6048  CompositeBus - ok
23:32:59.0255 6048  COMSysApp - ok
23:32:59.0261 6048  [ 78AF1C499BF02F9814DF959A04A4F9C9 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
23:32:59.0276 6048  cphs - ok
23:32:59.0279 6048  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:32:59.0288 6048  crcdisk - ok
23:32:59.0293 6048  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:32:59.0308 6048  CryptSvc - ok
23:32:59.0315 6048  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:32:59.0366 6048  DcomLaunch - ok
23:32:59.0371 6048  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
23:32:59.0399 6048  defragsvc - ok
23:32:59.0402 6048  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:32:59.0444 6048  DfsC - ok
23:32:59.0450 6048  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:32:59.0469 6048  Dhcp - ok
23:32:59.0473 6048  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
23:32:59.0503 6048  discache - ok
23:32:59.0506 6048  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
23:32:59.0520 6048  Disk - ok
23:32:59.0524 6048  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:32:59.0542 6048  Dnscache - ok
23:32:59.0546 6048  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:32:59.0582 6048  dot3svc - ok
23:32:59.0586 6048  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
23:32:59.0616 6048  DPS - ok
23:32:59.0619 6048  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:32:59.0631 6048  drmkaud - ok
23:32:59.0642 6048  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:32:59.0668 6048  DXGKrnl - ok
23:32:59.0671 6048  EagleX64 - ok
23:32:59.0675 6048  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
23:32:59.0709 6048  EapHost - ok
23:32:59.0734 6048  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:32:59.0782 6048  ebdrv - ok
23:32:59.0787 6048  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
23:32:59.0799 6048  EFS - ok
23:32:59.0809 6048  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:32:59.0830 6048  ehRecvr - ok
23:32:59.0833 6048  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
23:32:59.0846 6048  ehSched - ok
23:32:59.0853 6048  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:32:59.0871 6048  elxstor - ok
23:32:59.0873 6048  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:32:59.0884 6048  ErrDev - ok
23:32:59.0892 6048  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
23:32:59.0920 6048  EventSystem - ok
23:32:59.0924 6048  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
23:32:59.0953 6048  exfat - ok
23:32:59.0957 6048  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:32:59.0988 6048  fastfat - ok
23:32:59.0996 6048  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
23:33:00.0011 6048  Fax - ok
23:33:00.0014 6048  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
23:33:00.0024 6048  fdc - ok
23:33:00.0027 6048  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:33:00.0052 6048  fdPHost - ok
23:33:00.0055 6048  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:33:00.0079 6048  FDResPub - ok
23:33:00.0082 6048  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:33:00.0093 6048  FileInfo - ok
23:33:00.0096 6048  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:33:00.0123 6048  Filetrace - ok
23:33:00.0125 6048  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
23:33:00.0135 6048  flpydisk - ok
23:33:00.0142 6048  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:33:00.0157 6048  FltMgr - ok
23:33:00.0169 6048  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
23:33:00.0188 6048  FontCache - ok
23:33:00.0192 6048  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:33:00.0201 6048  FontCache3.0.0.0 - ok
23:33:00.0204 6048  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:33:00.0214 6048  FsDepends - ok
23:33:00.0217 6048  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:33:00.0226 6048  Fs_Rec - ok
23:33:00.0231 6048  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:33:00.0243 6048  fvevol - ok
23:33:00.0246 6048  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:33:00.0256 6048  gagp30kx - ok
23:33:00.0259 6048  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:33:00.0267 6048  GEARAspiWDM - ok
23:33:00.0276 6048  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
23:33:00.0315 6048  gpsvc - ok
23:33:00.0321 6048  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:33:00.0333 6048  hcw85cir - ok
23:33:00.0342 6048  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:33:00.0360 6048  HdAudAddService - ok
23:33:00.0366 6048  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:33:00.0377 6048  HDAudBus - ok
23:33:00.0379 6048  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
23:33:00.0390 6048  HidBatt - ok
23:33:00.0393 6048  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:33:00.0408 6048  HidBth - ok
23:33:00.0411 6048  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:33:00.0424 6048  HidIr - ok
23:33:00.0426 6048  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
23:33:00.0454 6048  hidserv - ok
23:33:00.0457 6048  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:33:00.0468 6048  HidUsb - ok
23:33:00.0471 6048  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:33:00.0499 6048  hkmsvc - ok
23:33:00.0504 6048  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:33:00.0520 6048  HomeGroupListener - ok
23:33:00.0524 6048  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:33:00.0539 6048  HomeGroupProvider - ok
23:33:00.0542 6048  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:33:00.0553 6048  HpSAMD - ok
23:33:00.0562 6048  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:33:00.0595 6048  HTTP - ok
23:33:00.0597 6048  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:33:00.0604 6048  hwpolicy - ok
23:33:00.0607 6048  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:33:00.0621 6048  i8042prt - ok
23:33:00.0630 6048  [ C224331A54571C8C9162F7714400BBBD ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
23:33:00.0641 6048  iaStor - ok
23:33:00.0646 6048  [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
23:33:00.0652 6048  IAStorDataMgrSvc - ok
23:33:00.0658 6048  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:33:00.0673 6048  iaStorV - ok
23:33:00.0677 6048  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:33:00.0687 6048  IDriverT ( UnsignedFile.Multi.Generic ) - warning
23:33:00.0687 6048  IDriverT - detected UnsignedFile.Multi.Generic (1)
23:33:00.0697 6048  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:33:00.0729 6048  idsvc - ok
23:33:00.0769 6048  [ A1CF07D24EDCDC6870535471654D957C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:33:00.0842 6048  igfx - ok
23:33:00.0845 6048  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:33:00.0856 6048  iirsp - ok
23:33:00.0858 6048  [ 67999A9D34A0B2479381E7A61AFC37AB ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
23:33:00.0867 6048  ikbevent - ok
23:33:00.0876 6048  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:33:00.0916 6048  IKEEXT - ok
23:33:00.0919 6048  [ DDAE90DD5BDAC53C8C5CD5B82FC1F1B4 ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
23:33:00.0927 6048  imsevent - ok
23:33:00.0951 6048  [ F2744FD54BE1580BE05916D1C755C92A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:33:01.0006 6048  IntcAzAudAddService - ok
23:33:01.0011 6048  [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
23:33:01.0021 6048  IntcDAud ( UnsignedFile.Multi.Generic ) - warning
23:33:01.0022 6048  IntcDAud - detected UnsignedFile.Multi.Generic (1)
23:33:01.0031 6048  [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
23:33:01.0051 6048  Intel(R) Capability Licensing Service Interface - ok
23:33:01.0055 6048  [ 709C8623721A1F1EF388EA75A07EC33B ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
23:33:01.0064 6048  Intel(R) ME Service ( UnsignedFile.Multi.Generic ) - warning
23:33:01.0064 6048  Intel(R) ME Service - detected UnsignedFile.Multi.Generic (1)
23:33:01.0066 6048  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
23:33:01.0076 6048  intelide - ok
23:33:01.0079 6048  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:33:01.0087 6048  intelppm - ok
23:33:01.0090 6048  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:33:01.0120 6048  IPBusEnum - ok
23:33:01.0122 6048  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:33:01.0149 6048  IpFilterDriver - ok
23:33:01.0156 6048  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:33:01.0170 6048  iphlpsvc - ok
23:33:01.0174 6048  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:33:01.0186 6048  IPMIDRV - ok
23:33:01.0189 6048  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:33:01.0218 6048  IPNAT - ok
23:33:01.0226 6048  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:33:01.0240 6048  iPod Service - ok
23:33:01.0242 6048  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:33:01.0256 6048  IRENUM - ok
23:33:01.0258 6048  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:33:01.0267 6048  isapnp - ok
23:33:01.0272 6048  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:33:01.0287 6048  iScsiPrt - ok
23:33:01.0290 6048  [ 970995B7C36F4408ED31C3BF204FE1F5 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
23:33:01.0299 6048  ISCT - ok
23:33:01.0303 6048  [ 6F60B7AD044924B8C1E32D692C593612 ] ISCTAgent       C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
23:33:01.0314 6048  ISCTAgent - ok
23:33:01.0317 6048  [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
23:33:01.0325 6048  iusb3hcs - ok
23:33:01.0331 6048  [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
23:33:01.0347 6048  iusb3hub - ok
23:33:01.0356 6048  [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
23:33:01.0380 6048  iusb3xhc - ok
23:33:01.0383 6048  [ C44B44E24B929631D9D7368F5B2B40CF ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
23:33:01.0395 6048  jhi_service - ok
23:33:01.0398 6048  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:33:01.0408 6048  kbdclass - ok
23:33:01.0411 6048  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:33:01.0422 6048  kbdhid - ok
23:33:01.0424 6048  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
23:33:01.0432 6048  KeyIso - ok
23:33:01.0436 6048  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:33:01.0449 6048  KSecDD - ok
23:33:01.0456 6048  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:33:01.0469 6048  KSecPkg - ok
23:33:01.0472 6048  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:33:01.0499 6048  ksthunk - ok
23:33:01.0505 6048  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:33:01.0539 6048  KtmRm - ok
23:33:01.0543 6048  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:33:01.0575 6048  LanmanServer - ok
23:33:01.0578 6048  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:33:01.0608 6048  LanmanWorkstation - ok
23:33:01.0612 6048  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:33:01.0639 6048  lltdio - ok
23:33:01.0644 6048  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:33:01.0674 6048  lltdsvc - ok
23:33:01.0677 6048  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:33:01.0704 6048  lmhosts - ok
23:33:01.0709 6048  [ 75F29D77B0540FCF47EE3BE000BBABDA ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:33:01.0718 6048  LMS - ok
23:33:01.0723 6048  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:33:01.0734 6048  LSI_FC - ok
23:33:01.0737 6048  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:33:01.0748 6048  LSI_SAS - ok
23:33:01.0752 6048  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
23:33:01.0762 6048  LSI_SAS2 - ok
23:33:01.0765 6048  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:33:01.0777 6048  LSI_SCSI - ok
23:33:01.0780 6048  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:33:01.0808 6048  luafv - ok
23:33:01.0811 6048  [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
23:33:01.0820 6048  MBAMProtector - ok
23:33:01.0854 6048  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   G:\Programme\Malewarebytes\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:33:01.0873 6048  MBAMScheduler - ok
23:33:01.0895 6048  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     G:\Programme\Malewarebytes\Malwarebytes' Anti-Malware\mbamservice.exe
23:33:01.0924 6048  MBAMService - ok
23:33:01.0926 6048  [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
23:33:01.0935 6048  MBfilt - ok
23:33:01.0938 6048  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:33:01.0952 6048  Mcx2Svc - ok
23:33:01.0955 6048  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:33:01.0965 6048  megasas - ok
23:33:01.0971 6048  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
23:33:01.0985 6048  MegaSR - ok
23:33:01.0988 6048  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
23:33:01.0998 6048  MEIx64 - ok
23:33:02.0033 6048  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service G:\Programme\Microsoft Office\Office12\GrooveAuditService.exe
23:33:02.0053 6048  Microsoft Office Groove Audit Service - ok
23:33:02.0058 6048  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:33:02.0088 6048  MMCSS - ok
23:33:02.0091 6048  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:33:02.0118 6048  Modem - ok
23:33:02.0120 6048  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:33:02.0130 6048  monitor - ok
23:33:02.0133 6048  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:33:02.0143 6048  mouclass - ok
23:33:02.0146 6048  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:33:02.0157 6048  mouhid - ok
23:33:02.0161 6048  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:33:02.0169 6048  mountmgr - ok
23:33:02.0172 6048  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:33:02.0184 6048  MozillaMaintenance - ok
23:33:02.0188 6048  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:33:02.0200 6048  mpio - ok
23:33:02.0203 6048  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:33:02.0230 6048  mpsdrv - ok
23:33:02.0240 6048  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:33:02.0280 6048  MpsSvc - ok
23:33:02.0284 6048  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:33:02.0300 6048  MRxDAV - ok
23:33:02.0306 6048  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:33:02.0319 6048  mrxsmb - ok
23:33:02.0324 6048  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:33:02.0338 6048  mrxsmb10 - ok
23:33:02.0342 6048  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:33:02.0353 6048  mrxsmb20 - ok
23:33:02.0356 6048  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:33:02.0365 6048  msahci - ok
23:33:02.0369 6048  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:33:02.0381 6048  msdsm - ok
23:33:02.0386 6048  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:33:02.0399 6048  MSDTC - ok
23:33:02.0405 6048  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:33:02.0431 6048  Msfs - ok
23:33:02.0434 6048  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:33:02.0459 6048  mshidkmdf - ok
23:33:02.0461 6048  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:33:02.0470 6048  msisadrv - ok
23:33:02.0474 6048  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:33:02.0503 6048  MSiSCSI - ok
23:33:02.0505 6048  msiserver - ok
23:33:02.0508 6048  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:33:02.0533 6048  MSKSSRV - ok
23:33:02.0536 6048  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:33:02.0562 6048  MSPCLOCK - ok
23:33:02.0564 6048  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:33:02.0590 6048  MSPQM - ok
23:33:02.0596 6048  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:33:02.0611 6048  MsRPC - ok
23:33:02.0615 6048  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:33:02.0622 6048  mssmbios - ok
23:33:02.0624 6048  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:33:02.0650 6048  MSTEE - ok
23:33:02.0652 6048  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:33:02.0663 6048  MTConfig - ok
23:33:02.0665 6048  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:33:02.0676 6048  Mup - ok
23:33:02.0682 6048  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
23:33:02.0711 6048  napagent - ok
23:33:02.0717 6048  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:33:02.0737 6048  NativeWifiP - ok
23:33:02.0748 6048  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:33:02.0767 6048  NDIS - ok
23:33:02.0770 6048  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:33:02.0796 6048  NdisCap - ok
23:33:02.0799 6048  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:33:02.0825 6048  NdisTapi - ok
23:33:02.0828 6048  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:33:02.0855 6048  Ndisuio - ok
23:33:02.0859 6048  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:33:02.0888 6048  NdisWan - ok
23:33:02.0890 6048  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:33:02.0917 6048  NDProxy - ok
23:33:02.0920 6048  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:33:02.0947 6048  NetBIOS - ok
23:33:02.0951 6048  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:33:02.0977 6048  NetBT - ok
23:33:02.0980 6048  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:33:02.0988 6048  Netlogon - ok
23:33:02.0993 6048  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:33:03.0022 6048  Netman - ok
23:33:03.0028 6048  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:33:03.0065 6048  netprofm - ok
23:33:03.0068 6048  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:33:03.0080 6048  NetTcpPortSharing - ok
23:33:03.0082 6048  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:33:03.0093 6048  nfrd960 - ok
23:33:03.0098 6048  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:33:03.0114 6048  NlaSvc - ok
23:33:03.0117 6048  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:33:03.0144 6048  Npfs - ok
23:33:03.0147 6048  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:33:03.0174 6048  nsi - ok
23:33:03.0177 6048  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:33:03.0202 6048  nsiproxy - ok
23:33:03.0218 6048  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:33:03.0255 6048  Ntfs - ok
23:33:03.0257 6048  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:33:03.0283 6048  Null - ok
23:33:03.0287 6048  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:33:03.0299 6048  nvraid - ok
23:33:03.0303 6048  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:33:03.0316 6048  nvstor - ok
23:33:03.0320 6048  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:33:03.0331 6048  nv_agp - ok
23:33:03.0339 6048  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:33:03.0358 6048  odserv - ok
23:33:03.0361 6048  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:33:03.0374 6048  ohci1394 - ok
23:33:03.0377 6048  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:33:03.0389 6048  ose - ok
23:33:03.0396 6048  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:33:03.0407 6048  p2pimsvc - ok
23:33:03.0413 6048  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:33:03.0430 6048  p2psvc - ok
23:33:03.0434 6048  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
23:33:03.0446 6048  Parport - ok
23:33:03.0448 6048  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:33:03.0460 6048  partmgr - ok
23:33:03.0464 6048  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:33:03.0483 6048  PcaSvc - ok
23:33:03.0487 6048  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:33:03.0496 6048  pci - ok
23:33:03.0498 6048  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:33:03.0507 6048  pciide - ok
23:33:03.0511 6048  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:33:03.0525 6048  pcmcia - ok
23:33:03.0528 6048  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:33:03.0538 6048  pcw - ok
23:33:03.0545 6048  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:33:03.0584 6048  PEAUTH - ok
23:33:03.0602 6048  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:33:03.0613 6048  PerfHost - ok
23:33:03.0631 6048  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:33:03.0676 6048  pla - ok
23:33:03.0682 6048  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:33:03.0701 6048  PlugPlay - ok
23:33:03.0704 6048  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:33:03.0715 6048  PNRPAutoReg - ok
23:33:03.0720 6048  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:33:03.0730 6048  PNRPsvc - ok
23:33:03.0737 6048  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:33:03.0765 6048  PolicyAgent - ok
23:33:03.0771 6048  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:33:03.0797 6048  Power - ok
23:33:03.0800 6048  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:33:03.0828 6048  PptpMiniport - ok
23:33:03.0831 6048  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
23:33:03.0843 6048  Processor - ok
23:33:03.0847 6048  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:33:03.0863 6048  ProfSvc - ok
23:33:03.0865 6048  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:33:03.0873 6048  ProtectedStorage - ok
23:33:03.0876 6048  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:33:03.0901 6048  Psched - ok
23:33:03.0916 6048  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:33:03.0947 6048  ql2300 - ok
23:33:03.0951 6048  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:33:03.0963 6048  ql40xx - ok
23:33:03.0967 6048  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:33:03.0986 6048  QWAVE - ok
23:33:03.0989 6048  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:33:04.0003 6048  QWAVEdrv - ok
23:33:04.0005 6048  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:33:04.0031 6048  RasAcd - ok
23:33:04.0035 6048  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:33:04.0062 6048  RasAgileVpn - ok
23:33:04.0065 6048  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:33:04.0094 6048  RasAuto - ok
23:33:04.0098 6048  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:33:04.0126 6048  Rasl2tp - ok
23:33:04.0131 6048  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:33:04.0163 6048  RasMan - ok
23:33:04.0166 6048  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:33:04.0195 6048  RasPppoe - ok
23:33:04.0198 6048  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:33:04.0226 6048  RasSstp - ok
23:33:04.0231 6048  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:33:04.0262 6048  rdbss - ok
23:33:04.0265 6048  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
23:33:04.0277 6048  rdpbus - ok
23:33:04.0280 6048  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:33:04.0304 6048  RDPCDD - ok
23:33:04.0308 6048  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:33:04.0333 6048  RDPENCDD - ok
23:33:04.0336 6048  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:33:04.0360 6048  RDPREFMP - ok
23:33:04.0366 6048  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:33:04.0375 6048  RdpVideoMiniport - ok
23:33:04.0380 6048  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:33:04.0393 6048  RDPWD - ok
23:33:04.0398 6048  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:33:04.0412 6048  rdyboost - ok
23:33:04.0415 6048  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:33:04.0444 6048  RemoteAccess - ok
23:33:04.0447 6048  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:33:04.0478 6048  RemoteRegistry - ok
23:33:04.0481 6048  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:33:04.0510 6048  RpcEptMapper - ok
23:33:04.0512 6048  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:33:04.0523 6048  RpcLocator - ok
23:33:04.0530 6048  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
23:33:04.0558 6048  RpcSs - ok
23:33:04.0565 6048  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:33:04.0593 6048  rspndr - ok
23:33:04.0601 6048  [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:33:04.0617 6048  RTL8167 - ok
23:33:04.0620 6048  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:33:04.0628 6048  SamSs - ok
23:33:04.0631 6048  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:33:04.0642 6048  sbp2port - ok
23:33:04.0647 6048  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:33:04.0676 6048  SCardSvr - ok
23:33:04.0679 6048  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:33:04.0705 6048  scfilter - ok
23:33:04.0718 6048  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:33:04.0763 6048  Schedule - ok
23:33:04.0766 6048  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:33:04.0789 6048  SCPolicySvc - ok
23:33:04.0794 6048  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:33:04.0803 6048  SDRSVC - ok
23:33:04.0806 6048  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:33:04.0832 6048  secdrv - ok
23:33:04.0835 6048  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:33:04.0862 6048  seclogon - ok
23:33:04.0865 6048  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
23:33:04.0894 6048  SENS - ok
23:33:04.0897 6048  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:33:04.0908 6048  SensrSvc - ok
23:33:04.0911 6048  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:33:04.0921 6048  Serenum - ok
23:33:04.0924 6048  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:33:04.0936 6048  Serial - ok
23:33:04.0939 6048  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:33:04.0949 6048  sermouse - ok
23:33:04.0956 6048  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:33:04.0985 6048  SessionEnv - ok
23:33:04.0987 6048  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:33:04.0998 6048  sffdisk - ok
23:33:05.0001 6048  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:33:05.0013 6048  sffp_mmc - ok
23:33:05.0015 6048  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:33:05.0027 6048  sffp_sd - ok
23:33:05.0030 6048  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:33:05.0040 6048  sfloppy - ok
23:33:05.0045 6048  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:33:05.0077 6048  SharedAccess - ok
23:33:05.0083 6048  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:33:05.0115 6048  ShellHWDetection - ok
23:33:05.0118 6048  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:33:05.0128 6048  SiSRaid2 - ok
23:33:05.0131 6048  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:33:05.0142 6048  SiSRaid4 - ok
23:33:05.0145 6048  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:33:05.0174 6048  Smb - ok
23:33:05.0178 6048  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:33:05.0190 6048  SNMPTRAP - ok
23:33:05.0192 6048  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:33:05.0202 6048  spldr - ok
23:33:05.0209 6048  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
23:33:05.0229 6048  Spooler - ok
23:33:05.0258 6048  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:33:05.0317 6048  sppsvc - ok
23:33:05.0321 6048  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:33:05.0349 6048  sppuinotify - ok
23:33:05.0358 6048  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:33:05.0376 6048  srv - ok
23:33:05.0381 6048  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:33:05.0399 6048  srv2 - ok
23:33:05.0403 6048  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:33:05.0415 6048  srvnet - ok
23:33:05.0420 6048  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:33:05.0447 6048  SSDPSRV - ok
23:33:05.0450 6048  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:33:05.0479 6048  SstpSvc - ok
23:33:05.0482 6048  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:33:05.0492 6048  stexstor - ok
23:33:05.0499 6048  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:33:05.0523 6048  stisvc - ok
23:33:05.0525 6048  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:33:05.0534 6048  swenum - ok
23:33:05.0541 6048  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:33:05.0571 6048  swprv - ok
23:33:05.0588 6048  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:33:05.0617 6048  SysMain - ok
23:33:05.0620 6048  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:33:05.0637 6048  TabletInputService - ok
23:33:05.0642 6048  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:33:05.0674 6048  TapiSrv - ok
23:33:05.0677 6048  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:33:05.0703 6048  TBS - ok
23:33:05.0719 6048  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:33:05.0764 6048  Tcpip - ok
23:33:05.0780 6048  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:33:05.0807 6048  TCPIP6 - ok
23:33:05.0812 6048  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:33:05.0823 6048  tcpipreg - ok
23:33:05.0826 6048  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:33:05.0836 6048  TDPIPE - ok
23:33:05.0838 6048  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:33:05.0848 6048  TDTCP - ok
23:33:05.0852 6048  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:33:05.0878 6048  tdx - ok
23:33:05.0881 6048  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:33:05.0892 6048  TermDD - ok
23:33:05.0900 6048  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:33:05.0939 6048  TermService - ok
23:33:05.0944 6048  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:33:05.0959 6048  Themes - ok
23:33:05.0962 6048  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:33:05.0987 6048  THREADORDER - ok
23:33:05.0990 6048  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:33:06.0021 6048  TrkWks - ok
23:33:06.0025 6048  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:33:06.0049 6048  TrustedInstaller - ok
23:33:06.0053 6048  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:33:06.0080 6048  tssecsrv - ok
23:33:06.0083 6048  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:33:06.0094 6048  TsUsbFlt - ok
23:33:06.0096 6048  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:33:06.0106 6048  TsUsbGD - ok
23:33:06.0110 6048  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:33:06.0138 6048  tunnel - ok
23:33:06.0140 6048  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:33:06.0151 6048  uagp35 - ok
23:33:06.0157 6048  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:33:06.0188 6048  udfs - ok
23:33:06.0193 6048  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:33:06.0207 6048  UI0Detect - ok
23:33:06.0209 6048  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:33:06.0220 6048  uliagpkx - ok
23:33:06.0223 6048  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:33:06.0235 6048  umbus - ok
23:33:06.0237 6048  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:33:06.0247 6048  UmPass - ok
23:33:06.0252 6048  [ 193AD338F2A64D17300AD640ADFA5D0A ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:33:06.0262 6048  UNS - ok
23:33:06.0268 6048  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:33:06.0300 6048  upnphost - ok
23:33:06.0303 6048  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:33:06.0311 6048  USBAAPL64 - ok
23:33:06.0314 6048  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:33:06.0326 6048  usbccgp - ok
23:33:06.0330 6048  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:33:06.0345 6048  usbcir - ok
23:33:06.0347 6048  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
23:33:06.0358 6048  usbehci - ok
23:33:06.0364 6048  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:33:06.0379 6048  usbhub - ok
23:33:06.0382 6048  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:33:06.0392 6048  usbohci - ok
23:33:06.0395 6048  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
23:33:06.0407 6048  usbprint - ok
23:33:06.0410 6048  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:33:06.0422 6048  USBSTOR - ok
23:33:06.0425 6048  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:33:06.0435 6048  usbuhci - ok
23:33:06.0438 6048  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:33:06.0466 6048  UxSms - ok
23:33:06.0469 6048  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:33:06.0476 6048  VaultSvc - ok
23:33:06.0479 6048  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:33:06.0489 6048  vdrvroot - ok
23:33:06.0496 6048  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:33:06.0530 6048  vds - ok
23:33:06.0533 6048  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:33:06.0545 6048  vga - ok
23:33:06.0548 6048  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:33:06.0575 6048  VgaSave - ok
23:33:06.0579 6048  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:33:06.0593 6048  vhdmp - ok
23:33:06.0596 6048  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:33:06.0605 6048  viaide - ok
23:33:06.0608 6048  [ DACA22260C4F0CA6E90E3A8C35D47E82 ] VirtuWDDM       C:\Windows\system32\DRIVERS\VirtuWDDM.sys
23:33:06.0617 6048  VirtuWDDM - ok
23:33:06.0620 6048  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:33:06.0631 6048  volmgr - ok
23:33:06.0636 6048  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:33:06.0647 6048  volmgrx - ok
23:33:06.0652 6048  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:33:06.0668 6048  volsnap - ok
23:33:06.0671 6048  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:33:06.0683 6048  vsmraid - ok
23:33:06.0698 6048  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:33:06.0737 6048  VSS - ok
23:33:06.0739 6048  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
23:33:06.0752 6048  vwifibus - ok
23:33:06.0758 6048  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:33:06.0792 6048  W32Time - ok
23:33:06.0795 6048  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:33:06.0806 6048  WacomPen - ok
23:33:06.0809 6048  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:33:06.0837 6048  WANARP - ok
23:33:06.0839 6048  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:33:06.0863 6048  Wanarpv6 - ok
23:33:06.0877 6048  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:33:06.0906 6048  wbengine - ok
23:33:06.0910 6048  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:33:06.0928 6048  WbioSrvc - ok
23:33:06.0933 6048  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:33:06.0953 6048  wcncsvc - ok
23:33:06.0956 6048  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:33:06.0968 6048  WcsPlugInService - ok
23:33:06.0970 6048  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
23:33:06.0980 6048  Wd - ok
23:33:06.0989 6048  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:33:07.0015 6048  Wdf01000 - ok
23:33:07.0019 6048  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:33:07.0035 6048  WdiServiceHost - ok
23:33:07.0037 6048  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:33:07.0050 6048  WdiSystemHost - ok
23:33:07.0055 6048  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:33:07.0075 6048  WebClient - ok
23:33:07.0079 6048  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:33:07.0110 6048  Wecsvc - ok
23:33:07.0113 6048  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:33:07.0139 6048  wercplsupport - ok
23:33:07.0142 6048  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:33:07.0172 6048  WerSvc - ok
23:33:07.0175 6048  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:33:07.0201 6048  WfpLwf - ok
23:33:07.0203 6048  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:33:07.0212 6048  WIMMount - ok
23:33:07.0214 6048  WinDefend - ok
23:33:07.0218 6048  WinHttpAutoProxySvc - ok
23:33:07.0227 6048  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:33:07.0259 6048  Winmgmt - ok
23:33:07.0278 6048  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:33:07.0329 6048  WinRM - ok
23:33:07.0335 6048  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:33:07.0346 6048  WinUsb - ok
23:33:07.0361 6048  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:33:07.0389 6048  Wlansvc - ok
23:33:07.0392 6048  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:33:07.0402 6048  WmiAcpi - ok
23:33:07.0407 6048  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:33:07.0421 6048  wmiApSrv - ok
23:33:07.0423 6048  WMPNetworkSvc - ok
23:33:07.0426 6048  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:33:07.0436 6048  WPCSvc - ok
23:33:07.0440 6048  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:33:07.0453 6048  WPDBusEnum - ok
23:33:07.0455 6048  [ 7CA09731EB7FC99B910C7F239E57720F ] WPRO_41_2001    C:\Windows\system32\drivers\WPRO_41_2001.sys
23:33:07.0462 6048  WPRO_41_2001 - ok
23:33:07.0464 6048  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:33:07.0490 6048  ws2ifsl - ok
23:33:07.0493 6048  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
23:33:07.0511 6048  wscsvc - ok
23:33:07.0513 6048  WSearch - ok
23:33:07.0535 6048  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:33:07.0573 6048  wuauserv - ok
23:33:07.0577 6048  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:33:07.0585 6048  WudfPf - ok
23:33:07.0589 6048  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:33:07.0599 6048  WUDFRd - ok
23:33:07.0602 6048  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:33:07.0611 6048  wudfsvc - ok
23:33:07.0615 6048  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:33:07.0635 6048  WwanSvc - ok
23:33:07.0640 6048  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
23:33:07.0649 6048  xusb21 - ok
23:33:07.0651 6048  ================ Scan global ===============================
23:33:07.0654 6048  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:33:07.0660 6048  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
23:33:07.0670 6048  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
23:33:07.0674 6048  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:33:07.0682 6048  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:33:07.0685 6048  [Global] - ok
23:33:07.0685 6048  ================ Scan MBR ==================================
23:33:07.0686 6048  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:33:07.0748 6048  \Device\Harddisk0\DR0 - ok
23:33:07.0751 6048  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
23:33:07.0830 6048  \Device\Harddisk1\DR1 - ok
23:33:07.0830 6048  ================ Scan VBR ==================================
23:33:07.0833 6048  [ 97AC2C4A26D36A156E8304C7570FF0CB ] \Device\Harddisk0\DR0\Partition1
23:33:07.0835 6048  \Device\Harddisk0\DR0\Partition1 - ok
23:33:07.0838 6048  [ 5AAA88AB628824A41CE22EF74988438E ] \Device\Harddisk1\DR1\Partition1
23:33:07.0839 6048  \Device\Harddisk1\DR1\Partition1 - ok
23:33:07.0842 6048  [ 364498D1CA6687530F9D79BE551E4E9D ] \Device\Harddisk1\DR1\Partition2
23:33:07.0844 6048  \Device\Harddisk1\DR1\Partition2 - ok
23:33:07.0844 6048  ============================================================
23:33:07.0844 6048  Scan finished
23:33:07.0844 6048  ============================================================
23:33:07.0852 6060  Detected object count: 3
23:33:07.0852 6060  Actual detected object count: 3
23:33:14.0185 6060  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
23:33:14.0185 6060  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:33:14.0187 6060  IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
23:33:14.0187 6060  IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:33:14.0188 6060  Intel(R) ME Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:33:14.0188 6060  Intel(R) ME Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


Alt 03.01.2013, 17:40   #6
markusg
/// Malware-holic
 
ihavenet-Virus - Standard

ihavenet-Virus



Hi,
combofix:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
--> ihavenet-Virus

Alt 05.01.2013, 14:05   #7
Stieg
 
ihavenet-Virus - Standard

ihavenet-Virus



Code:
ATTFilter
ComboFix 13-01-05.01 - Stieg 05.01.2013  14:59:47.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3989.1125 [GMT 1:00]
ausgeführt von:: c:\users\Stieg\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Stieg\AppData\Local\Temp\0f3afd08d2f9.tmp
c:\users\Stieg\AppData\Local\Temp\1412f802d327.tmp
c:\users\Stieg\AppData\Local\Temp\6665e795d1c9.tmp
c:\users\Stieg\AppData\Local\Temp\7a1ff232b2f2.tmp
c:\users\Stieg\AppData\Local\Temp\9955e2d76397.tmp
c:\users\Stieg\AppData\Local\Temp\c969dec8378a.tmp
c:\users\Stieg\AppData\Local\Temp\f0e3f4563b82.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-05 bis 2013-01-05  ))))))))))))))))))))))))))))))
.
.
2013-01-05 14:02 . 2013-01-05 14:02	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-12-23 02:16 . 2013-01-03 14:43	94656	----a-w-	c:\windows\system32\WPRO_41_2001woem.tmp
2012-12-23 02:12 . 2012-12-23 02:19	--------	d-----w-	C:\_OTL
2012-12-21 14:47 . 2012-12-21 14:47	--------	d-----w-	c:\windows\ERUNT
2012-12-21 14:47 . 2012-12-21 14:47	--------	d-----w-	C:\JRT
2012-12-21 02:00 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-21 02:00 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-21 02:00 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-21 02:00 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-20 23:24 . 2013-01-03 14:43	--------	d-----r-	c:\users\Stieg\Dropbox
2012-12-20 23:22 . 2013-01-03 14:43	--------	d-----w-	c:\users\Stieg\AppData\Roaming\Dropbox
2012-12-18 16:08 . 2012-12-18 16:08	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-18 16:08 . 2012-12-18 16:08	--------	d-----w-	c:\program files\iTunes
2012-12-18 16:08 . 2012-12-18 16:08	--------	d-----w-	c:\program files\iPod
2012-12-16 18:35 . 2012-12-16 18:35	--------	d-----w-	c:\program files\CCleaner
2012-12-16 18:12 . 2012-12-16 18:12	--------	d-----w-	c:\users\Stieg\AppData\Local\Diagnostics
2012-12-16 17:33 . 2012-08-23 14:13	243200	----a-w-	c:\windows\system32\rdpudd.dll
2012-12-16 17:33 . 2012-08-23 13:47	46592	----a-w-	c:\windows\SysWow64\MsRdpWebAccess.dll
2012-12-16 17:33 . 2012-08-23 13:20	54272	----a-w-	c:\windows\system32\MsRdpWebAccess.dll
2012-12-16 17:33 . 2012-08-23 11:20	62976	----a-w-	c:\windows\system32\TSWbPrxy.exe
2012-12-16 17:33 . 2012-08-23 11:14	384000	----a-w-	c:\windows\system32\wksprt.exe
2012-12-16 17:33 . 2012-08-23 10:54	322560	----a-w-	c:\windows\system32\aaclient.dll
2012-12-16 17:33 . 2012-08-23 10:51	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2012-12-16 17:33 . 2012-08-23 10:39	1048064	----a-w-	c:\windows\SysWow64\mstsc.exe
2012-12-16 17:33 . 2012-08-23 10:22	1123840	----a-w-	c:\windows\system32\mstsc.exe
2012-12-16 17:33 . 2012-08-23 09:51	3174912	----a-w-	c:\windows\system32\rdpcorets.dll
2012-12-16 17:33 . 2012-08-23 08:19	4916224	----a-w-	c:\windows\SysWow64\mstscax.dll
2012-12-16 17:33 . 2012-08-23 08:13	5773824	----a-w-	c:\windows\system32\mstscax.dll
2012-12-16 17:29 . 2012-08-24 18:09	458712	----a-w-	c:\windows\system32\drivers\cng.sys
2012-12-16 17:29 . 2012-08-24 18:05	340992	----a-w-	c:\windows\system32\schannel.dll
2012-12-16 17:29 . 2012-08-24 16:57	247808	----a-w-	c:\windows\SysWow64\schannel.dll
2012-12-16 17:29 . 2012-08-24 18:13	154480	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-12-16 17:29 . 2012-08-24 18:04	307200	----a-w-	c:\windows\system32\ncrypt.dll
2012-12-16 17:29 . 2012-08-24 18:03	1448448	----a-w-	c:\windows\system32\lsasrv.dll
2012-12-16 17:29 . 2012-08-24 16:57	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2012-12-16 17:29 . 2012-08-24 16:57	220160	----a-w-	c:\windows\SysWow64\ncrypt.dll
2012-12-16 17:29 . 2012-08-24 16:53	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2012-12-16 17:28 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-12-16 17:28 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-12-16 16:59 . 2012-12-16 16:59	--------	d-----w-	c:\users\Stieg\AppData\Local\ElevatedDiagnostics
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-03 14:43 . 2012-09-21 14:43	34752	----a-w-	c:\windows\system32\drivers\WPRO_41_2001.sys
2012-12-12 02:00 . 2012-10-20 08:57	67413224	----a-w-	c:\windows\system32\MRT.exe
2012-12-11 22:20 . 2012-09-29 10:43	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 22:20 . 2012-09-29 10:43	697272	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 21:11 . 2012-09-29 17:14	99912	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-12-11 21:11 . 2012-09-29 17:14	129216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-10-16 08:38 . 2012-11-28 07:37	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 07:37	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 07:37	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-10-10 01:22 . 2012-10-10 01:22	80384	----a-w-	c:\windows\system32\igdde64.dll
2012-10-10 01:22 . 2012-10-10 01:22	437760	----a-w-	c:\windows\system32\igfxrtrk.lrc
2012-10-10 01:22 . 2012-10-10 01:22	216064	----a-w-	c:\windows\system32\iglhcp64.dll
2012-10-10 01:22 . 2012-10-10 01:22	180224	----a-w-	c:\windows\SysWow64\iglhcp32.dll
2012-10-10 01:22 . 2012-10-10 01:22	5903392	----a-w-	c:\windows\system32\GfxUI.exe
2012-10-10 01:22 . 2012-10-10 01:22	438784	----a-w-	c:\windows\system32\igfxrdeu.lrc
2012-10-10 01:22 . 2012-10-10 01:22	438272	----a-w-	c:\windows\system32\igfxrhun.lrc
2012-10-10 01:22 . 2012-10-10 01:22	3776512	----a-w-	c:\windows\SysWow64\igfxcmjit32.dll
2012-10-10 01:22 . 2012-10-10 01:22	10673664	----a-w-	c:\windows\SysWow64\ig4icd32.dll
2012-10-10 01:22 . 2012-10-10 01:22	64512	----a-w-	c:\windows\SysWow64\igdde32.dll
2012-10-10 01:22 . 2012-10-10 01:22	501760	----a-w-	c:\windows\system32\igfxcmrt64.dll
2012-10-10 01:22 . 2012-10-10 01:22	439296	----a-w-	c:\windows\system32\igfxrrus.lrc
2012-10-10 01:22 . 2012-10-10 01:22	431104	----a-w-	c:\windows\system32\igfxrkor.lrc
2012-10-10 01:22 . 2012-10-10 01:22	410624	----a-w-	c:\windows\system32\igfxTMM.dll
2012-10-10 01:22 . 2012-10-10 01:22	12836864	----a-w-	c:\windows\system32\igd10umd64.dll
2012-10-10 01:22 . 2012-03-19 20:17	110592	----a-w-	c:\windows\system32\hccutils.dll
2012-10-10 01:22 . 2012-10-10 01:22	330240	----a-w-	c:\windows\SysWow64\igfxdv32.dll
2012-10-10 01:22 . 2012-10-10 01:22	12604416	----a-w-	c:\windows\system32\igdumd64.dll
2012-10-10 01:22 . 2012-10-10 01:22	441888	----a-w-	c:\windows\system32\igfxpers.exe
2012-10-10 01:22 . 2012-10-10 01:22	438784	----a-w-	c:\windows\system32\igfxrhrv.lrc
2012-10-10 01:22 . 2012-10-10 01:22	438272	----a-w-	c:\windows\system32\igfxrcsy.lrc
2012-10-10 01:22 . 2012-10-10 01:22	25088	----a-w-	c:\windows\SysWow64\igfxexps32.dll
2012-10-10 01:22 . 2012-10-10 01:22	9007616	----a-w-	c:\windows\system32\igfxress.dll
2012-10-10 01:22 . 2012-10-10 01:22	5343584	----a-w-	c:\windows\system32\drivers\igdkmd64.sys
2012-10-10 01:22 . 2012-10-10 01:22	448512	----a-w-	c:\windows\SysWow64\igfx11cmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22	438784	----a-w-	c:\windows\system32\igfxrnld.lrc
2012-10-10 01:22 . 2012-10-10 01:22	399392	----a-w-	c:\windows\system32\hkcmd.exe
2012-10-10 01:22 . 2012-10-10 01:22	272928	----a-w-	c:\windows\system32\igvpkrng600.bin
2012-10-10 01:22 . 2012-10-10 01:22	126976	----a-w-	c:\windows\system32\igfxcpl.cpl
2012-10-10 01:22 . 2012-10-10 01:22	116224	----a-w-	c:\windows\system32\igfxCoIn_v2867.dll
2012-10-10 01:22 . 2012-03-19 20:17	63488	----a-w-	c:\windows\system32\igfxsrvc.dll
2012-10-10 01:22 . 2012-03-19 20:17	441856	----a-w-	c:\windows\system32\igfxdev.dll
2012-10-10 01:22 . 2012-10-10 01:22	604160	----a-w-	c:\windows\SysWow64\igfxcmrt32.dll
2012-10-10 01:22 . 2012-10-10 01:22	4571136	----a-w-	c:\windows\system32\igfxcmjit64.dll
2012-10-10 01:22 . 2012-10-10 01:22	439808	----a-w-	c:\windows\system32\igfxresn.lrc
2012-10-10 01:22 . 2012-10-10 01:22	439296	----a-w-	c:\windows\system32\igfxrrom.lrc
2012-10-10 01:22 . 2012-10-10 01:22	437760	----a-w-	c:\windows\system32\igfxrsve.lrc
2012-10-10 01:22 . 2012-10-10 01:22	437760	----a-w-	c:\windows\system32\igfxrslv.lrc
2012-10-10 01:22 . 2012-10-10 01:22	437760	----a-w-	c:\windows\system32\igfxrnor.lrc
2012-10-10 01:22 . 2012-10-10 01:22	437248	----a-w-	c:\windows\system32\igfxrdan.lrc
2012-10-10 01:22 . 2012-10-10 01:22	277024	----a-w-	c:\windows\SysWow64\IntelCpHeciSvc.exe
2012-10-10 01:22 . 2012-10-10 01:22	185376	----a-w-	c:\windows\system32\difx64.exe
2012-10-10 01:22 . 2012-10-10 01:22	173568	----a-w-	c:\windows\system32\gfxSrvc.dll
2012-10-10 01:22 . 2012-10-10 01:22	12887040	----a-w-	c:\windows\system32\ig4icd64.dll
2012-10-10 01:22 . 2012-10-10 01:22	435712	----a-w-	c:\windows\system32\igfxrheb.lrc
2012-10-10 01:22 . 2012-10-10 01:22	429056	----a-w-	c:\windows\system32\igfxrcht.lrc
2012-10-10 01:22 . 2012-10-10 01:22	171040	----a-w-	c:\windows\system32\igfxtray.exe
2012-10-10 01:22 . 2012-10-10 01:22	11158528	----a-w-	c:\windows\SysWow64\igd10umd32.dll
2012-10-10 01:22 . 2012-10-10 01:22	509984	----a-w-	c:\windows\system32\igfxsrvc.exe
2012-10-10 01:22 . 2012-10-10 01:22	440320	----a-w-	c:\windows\system32\igfxrell.lrc
2012-10-10 01:22 . 2012-10-10 01:22	438784	----a-w-	c:\windows\system32\igfxrptg.lrc
2012-10-10 01:22 . 2012-10-10 01:22	438784	----a-w-	c:\windows\system32\igfxrplk.lrc
2012-10-10 01:22 . 2012-10-10 01:22	438784	----a-w-	c:\windows\system32\igfxrita.lrc
2012-10-10 01:22 . 2012-10-10 01:22	438272	----a-w-	c:\windows\system32\igfxrfin.lrc
2012-10-10 01:22 . 2012-10-10 01:22	437248	----a-w-	c:\windows\system32\igfxrtha.lrc
2012-10-10 01:22 . 2012-10-10 01:22	428544	----a-w-	c:\windows\system32\igfxrchs.lrc
2012-10-10 01:22 . 2012-10-10 01:22	286208	----a-w-	c:\windows\system32\igfxrenu.lrc
2012-10-10 01:22 . 2012-10-10 01:22	142336	----a-w-	c:\windows\system32\igfxdo.dll
2012-10-10 01:22 . 2012-10-10 01:22	963452	----a-w-	c:\windows\system32\igcodeckrng600.bin
2012-10-10 01:22 . 2012-10-10 01:22	482304	----a-w-	c:\windows\system32\igfx11cmrt64.dll
2012-10-10 01:22 . 2012-03-19 20:18	386048	----a-w-	c:\windows\system32\igfxpph.dll
2012-10-10 01:22 . 2012-10-10 01:22	438784	----a-w-	c:\windows\system32\igfxrsky.lrc
2012-10-10 01:22 . 2012-10-10 01:22	435712	----a-w-	c:\windows\system32\igfxrara.lrc
2012-10-10 01:22 . 2012-10-10 01:22	432128	----a-w-	c:\windows\system32\igfxrjpn.lrc
2012-10-10 01:22 . 2012-10-10 01:22	28672	----a-w-	c:\windows\system32\igfxexps.dll
2012-10-10 01:22 . 2012-10-10 01:22	252448	----a-w-	c:\windows\system32\igfxext.exe
2012-10-10 01:22 . 2012-10-10 01:22	11040256	----a-w-	c:\windows\SysWow64\igdumd32.dll
2012-10-10 01:22 . 2012-10-10 01:22	9728	----a-w-	c:\windows\system32\IGFXDEVLib.dll
2012-10-10 01:22 . 2012-10-10 01:22	439808	----a-w-	c:\windows\system32\igfxrfra.lrc
2012-10-10 01:22 . 2012-10-10 01:22	437760	----a-w-	c:\windows\system32\igfxrptb.lrc
2012-10-09 18:17 . 2012-11-14 16:31	55296	----a-w-	c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 16:31	226816	----a-w-	c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 16:31	44032	----a-w-	c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 16:31	193536	----a-w-	c:\windows\SysWow64\dhcpcore6.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Stieg\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Stieg\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Stieg\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"GrooveMonitor"="g:\programme\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"iTunesHelper"="g:\programme\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
c:\users\Stieg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Stieg\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-29 28539392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\appinit_dll.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-02-07 121344]
R3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys [2011-09-21 49760]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [2011-05-10 17192]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-02-09 133632]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
S2 MBAMScheduler;MBAMScheduler;g:\programme\Malewarebytes\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;g:\programme\Malewarebytes\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys [2012-02-09 25536]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys [2012-02-09 25536]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys [2012-02-09 44992]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 VirtuWDDM;VirtuWDDM;c:\windows\system32\DRIVERS\VirtuWDDM.sys [2012-02-05 66336]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys [2013-01-03 34752]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 22:20]
.
2013-01-03 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
2013-01-05 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Stieg\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Stieg\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Stieg\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Stieg\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\appinit_dll.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\Stieg\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - g:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3 - c:\program files (x86)\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Stieg\AppData\Roaming\Mozilla\Firefox\Profiles\frd9w31o.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - www.google.de
FF - ExtSQL: 2012-11-08 20:18; dvscontextmenuy@dvdvideosoft.com; c:\program files (x86)\Common Files\DVDVideoSoft\Dll\FFContextMenuY
FF - ExtSQL: 2012-11-08 20:20; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\users\Stieg\AppData\Roaming\Mozilla\Firefox\Profiles\frd9w31o.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-VIRTU_MVP_AUTORUN - c:\program files (x86)\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-01-05  15:04:05
ComboFix-quarantined-files.txt  2013-01-05 14:04
.
Vor Suchlauf: 10 Verzeichnis(se), 19.259.502.592 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 19.136.581.632 Bytes frei
.
- - End Of File - - 2D03E132A05C5F75BE710617B5D3BA0C
         

Alt 05.01.2013, 14:17   #8
markusg
/// Malware-holic
 
ihavenet-Virus - Standard

ihavenet-Virus



Hi

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 05.01.2013, 14:34   #9
Stieg
 
ihavenet-Virus - Standard

ihavenet-Virus



Code:
ATTFilter
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	11.12.2012	6,00MB	11.5.502.135	notwendig                            
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	11.12.2012	6,00MB	11.5.502.135	notwendig
Adobe Reader XI - Deutsch	Adobe Systems Incorporated	29.10.2012	128MB	11.0.00		notwendig
AMD Catalyst Install Manager	Advanced Micro Devices, Inc.	23.10.2012	26,3MB	8.0.891.0	notwendig
Apple Application Support	Apple Inc.	01.12.2012	65,0MB	2.3.2				notwendig
Apple Mobile Device Support	Apple Inc.	01.12.2012	25,1MB	6.0.1.3				notwendig
Apple Software Update	Apple Inc.	29.09.2012	2,38MB	2.1.3.127				notwendig	
Asmedia ASM106x SATA Host Controller Driver	Asmedia Technology	21.09.2012	96,0KB	1.3.1.000	unbekannt (ggf. Xbox Controller)
ASRock App Charger v1.0.5	ASRock Inc.	21.09.2012	1,32MB					unbekannt
Avira Free Antivirus	Avira	11.12.2012	122MB	13.0.0.2890					notwendig
Bonjour	Apple Inc.	29.09.2012	2,00MB	3.0.0.10						unbekannt
BurnInTest v7.0 Standard	Passmark Software	02.10.2012	17,3MB	7.0			unnötig
CCleaner	Piriform	25.11.2012		3.25						notwendig
Dropbox	Dropbox, Inc.	01.01.2013		1.6.11							notwendig
FIFA 13	Electronic Arts	29.09.2012	5,26GB	1.0.0.0							notwendig
Free YouTube to MP3 Converter version 3.11.35.1031	DVDVideoSoft Ltd.	08.11.2012	61,9MB	3.11.35.1031 	notwendig
Harveys Neue Augen	Daedalic Entertainment	14.10.2012		1.1				notwendig
iCloud	Apple Inc.	18.12.2012	81,8MB	2.1.0.39						notwendig
Intel(R) Control Center	Intel Corporation	21.09.2012		1.2.1.1007					unbekannt
Intel(R) Manageability Engine Firmware Recovery Agent	Intel Corporation	21.09.2012	54,8MB	1.0.0.35342	unbekannt
Intel(R) Management Engine Components	Intel Corporation	21.09.2012		8.0.2.1410			unbekannt
Intel(R) Processor Graphics	Intel Corporation	16.12.2012		9.17.10.2867				unbekannt
Intel(R) Rapid Storage Technology	Intel Corporation	21.09.2012		11.0.0.1032			unbekannt	
Intel(R) Smart Connect Technology 2.0 x64	Intel	21.09.2012	6,03MB	2.0.1083.0				unbekannt	
Intel(R) USB 3.0 eXtensible Host Controller Driver	Intel Corporation	26.01.2012		1.0.3.214	unbekannt
Intel® Trusted Connect Service Client	Intel Corporation	21.09.2012	10,6MB	1.23.605.1			unbekannt
iTunes	Apple Inc.	18.12.2012	189MB	11.0.1.12								notwendig
Java 7 Update 9	Oracle	29.09.2012	128MB	7.0.90									notwendig
Malwarebytes Anti-Malware Version 1.65.1.1000	Malwarebytes Corporation	20.10.2012	19,4MB	1.65.1.1000	notwendig
Metin2	Gameforge 4D GmbH	02.12.2012	874MB									notwendig
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	29.09.2012	38,8MB	4.0.30319			unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	29.09.2012	2,93MB	4.0.30319	unbekannt
Microsoft Office Enterprise 2007	Microsoft Corporation	11.11.2012		12.0.6612.1000				unbekannt
Microsoft Office File Validation Add-In	Microsoft Corporation	25.11.2012	7,95MB	14.0.5130.5003				unbekannt
Microsoft Office Live Add-in 1.5	Microsoft Corporation	23.11.2012	508KB	2.0.4024.1				unbekannt
Microsoft Silverlight	Microsoft Corporation	10.11.2012	50,6MB	5.1.10411.0						unbekannt
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	29.09.2012	788KB	9.0.30729	unbekannt
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	11.11.2012	786KB	9.0.30729.6161	unbekannt	
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319	Microsoft Corporation	01.12.2012	13,7MB	10.0.30319	unbekannt
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	11.11.2012	12,2MB	10.0.40219	unbekannt
Mozilla Firefox 17.0.1 (x86 de)	Mozilla	05.12.2012	41,0MB	17.0.1								notwendig
Mozilla Maintenance Service	Mozilla	05.12.2012	329KB	17.0.1								unbekannt
Origin	Electronic Arts, Inc.	29.09.2012		9.0.10.69							notwendig
Realtek Ethernet Controller Driver	Realtek	21.09.2012		7.48.823.2011					notwendig
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	21.09.2012		6.0.1.6482		notwendig
System Requirements Lab for Intel	Husdawg, LLC	29.09.2012	1,11MB	4.5.9.0					unbekannt
TeamSpeak 3 Client	TeamSpeak Systems GmbH	29.09.2012		3.0.6						notwendig
TmNationsForever	Nadeo	11.11.2012										notwendig
Uninstall 1.0.0.1		08.11.2012										unbekannt
VIRTU MVP 2.1.110	Lucidlogix Technologies LTD	21.09.2012	17,4MB	2.1.110					unbekannt
VLC media player 2.0.4	VideoLAN	15.11.2012		2.0.4							notwendig
         

Alt 05.01.2013, 14:44   #10
markusg
/// Malware-holic
 
ihavenet-Virus - Standard

ihavenet-Virus



deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen

bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok



deinstaliere:
BurnInTest
Java
downloade Java jre:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:

öffne CCleaner, analysieren, starten, PC neustarten.
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste
    mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 05.01.2013, 18:58   #11
Stieg
 
ihavenet-Virus - Standard

ihavenet-Virus



Code:
ATTFilter
# AdwCleaner v2.104 - Datei am 05/01/2013 um 19:57:45 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Stieg - PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Stieg\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\Stieg\AppData\Roaming\Mozilla\Firefox\Profiles\frd9w31o.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [912 octets] - [16/12/2012 18:09:37]
AdwCleaner[R2].txt - [776 octets] - [05/01/2013 19:57:45]
AdwCleaner[S1].txt - [973 octets] - [21/12/2012 15:45:32]

########## EOF - C:\AdwCleaner[R2].txt - [894 octets] ##########
         
Oben war AdwCleaner[R2]

AdwCleaner[R1]

Code:
ATTFilter
# AdwCleaner v2.100 - Datei am 16/12/2012 um 18:09:37 erstellt
# Aktualisiert am 09/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Stieg - PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Stieg\Desktop\AdwCleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Softonic

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Profilname : default 
Datei : C:\Users\Stieg\AppData\Roaming\Mozilla\Firefox\Profiles\frd9w31o.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [785 octets] - [16/12/2012 18:09:37]

########## EOF - C:\AdwCleaner[R1].txt - [844 octets] ##########
         

Alt 06.01.2013, 17:35   #12
markusg
/// Malware-holic
 
ihavenet-Virus - Standard

ihavenet-Virus



Hi
teste bitte, wie der PC + Programme laufen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 28.01.2013, 16:53   #13
Stieg
 
ihavenet-Virus - Standard

ihavenet-Virus



Hey,

hat jetzt ein paar mehr Tage gedauert, aber ich war mir nie sicher, ob es ganz weg ist.

Leider werden irgendwie noch öfter Spammails von meinen Freenet.de Account (trotz Änderung des Passworts).

Heute hat sich dann sogar jemand aus Kiew (stand da) in meinen Facebook Account eingeloggt.

Kann also leider noch nicht ganz behoben sein

Alt 29.01.2013, 14:52   #14
markusg
/// Malware-holic
 
ihavenet-Virus - Standard

ihavenet-Virus



und warum berichtest du erst jetzt von spam von deinen accounts wenn es den schon früher gab?
wir setzen neu auf und sichern dann ab:
1. Datenrettung:2. Formatieren, Windows neu instalieren:3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu ihavenet-Virus
adobe, antivir, autorun, avg, avira, bho, bonjour, converter, entfernen, firefox, flash player, format, home, langsam, logfile, mozilla, mp3, object, realtek, registry, security, senden, software, usb, usb 3.0, windows



Ähnliche Themen: ihavenet-Virus


  1. Ihavenet - Virus
    Log-Analyse und Auswertung - 17.11.2013 (6)
  2. ihavenet virus
    Log-Analyse und Auswertung - 09.10.2013 (28)
  3. ihavenet-Virus
    Plagegeister aller Art und deren Bekämpfung - 09.10.2013 (11)
  4. 2x | Ihavenet - Virus
    Mülltonne - 30.09.2013 (1)
  5. IHAVENET-virus??
    Plagegeister aller Art und deren Bekämpfung - 30.09.2013 (12)
  6. ihavenet Virus
    Plagegeister aller Art und deren Bekämpfung - 18.06.2013 (11)
  7. Ihavenet.com Virus
    Plagegeister aller Art und deren Bekämpfung - 28.02.2013 (30)
  8. Ihavenet Virus
    Plagegeister aller Art und deren Bekämpfung - 12.12.2012 (13)
  9. ihavenet virus
    Plagegeister aller Art und deren Bekämpfung - 06.12.2012 (3)
  10. ihavenet Virus
    Log-Analyse und Auswertung - 01.12.2012 (13)
  11. Ihavenet.com Browser Hijacker- bei Googlesuche öffnen sich andere Seiten (Weiterleitung über Ihavenet.com)
    Log-Analyse und Auswertung - 21.11.2012 (13)
  12. ihavenet - Virus
    Log-Analyse und Auswertung - 03.11.2012 (20)
  13. ihavenet.com virus auf dem PC
    Plagegeister aller Art und deren Bekämpfung - 29.10.2012 (5)
  14. ihavenet virus
    Log-Analyse und Auswertung - 07.10.2012 (1)
  15. ihavenet- virus
    Plagegeister aller Art und deren Bekämpfung - 17.09.2012 (13)
  16. Ihavenet.com Virus
    Log-Analyse und Auswertung - 13.09.2012 (12)
  17. ihavenet-virus.. help
    Plagegeister aller Art und deren Bekämpfung - 10.09.2012 (3)

Zum Thema ihavenet-Virus - Hallo, ich habe seit einiger Zeit den "ihavenet-Virus" auf dem PC und will den jezt langsam mal loswerden. Habe mir hier einige Beiträge angeguckt und habe die dort angegebenen Schritte - ihavenet-Virus...
Archiv
Du betrachtest: ihavenet-Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.