
Log analysis and evaluation: Browser hijacked, Google is redirected to isearch.avg

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

10.02.2013, 10:06   #1
Katja1
 

Browser hijacked, Google is redirected to isearch.avg



Hello dear Trojanerboard!
Despite AVG, or perhaps precisely because of it, it seems I have been hit too. My PC is barely usable for browsing anymore. Search queries from Chrome and IE, and to a somewhat lesser extent Firefox, automatically end up on isearch.avg with strange search results, even when I enter valid web addresses such as chip.de.
My internet research turned up only worrying things. Paid offers and further malware were waiting there. Here I found a post about TDSSKiller, but it found nothing at all?

What should I do?

I hope someone can help me.

Katja1

Here are the logs (they were not supposed to be uploaded as attachments, right?)

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:03 on 10/02/2013 (Katja)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

OTL logfile created on: 10.02.2013 00:04:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Katja\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 57,90% Memory free
6,19 Gb Paging File | 4,92 Gb Available in Paging File | 79,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 126,37 Gb Total Space | 60,28 Gb Free Space | 47,70% Space Free | Partition Type: NTFS
Drive D: | 22,66 Gb Total Space | 12,51 Gb Free Space | 55,19% Space Free | Partition Type: FAT32

Computer Name: KATJA-NOTEBOOK | User Name: Katja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.02.09 23:08:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Katja\Desktop\OTL.exe
PRC - [2013.02.09 22:40:16 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2013.01.26 13:13:35 | 001,101,488 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
PRC - [2013.01.26 13:13:35 | 000,945,328 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
PRC - [2012.11.19 17:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgtray.exe
PRC - [2012.02.14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.09.25 19:23:45 | 000,336,896 | ---- | M] (AVM Berlin) -- C:\Users\Katja\AppData\Local\Apps\2.0\03EHO1C7.LHX\EJMOLZRB.ZZL\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
PRC - [2010.03.15 21:36:58 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.07 13:36:20 | 000,086,016 | ---- | M] () -- C:\Programme\gateProtect\VPN Client\bin\GPVPNService.exe
PRC - [2007.11.02 12:31:24 | 000,069,632 | ---- | M] () -- C:\Programme\Softex\OmniPass\opvapp.exe
PRC - [2007.11.02 12:31:08 | 000,040,960 | ---- | M] (Softex Inc.) -- C:\Programme\Softex\OmniPass\OmniServ.exe
PRC - [2007.10.31 12:35:58 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.10.17 15:42:40 | 000,128,296 | ---- | M] (CyberLink) -- C:\Programme\HomeCinema\Power2Go\CLMLSvc.exe
PRC - [2007.10.15 09:15:08 | 001,410,344 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.10.15 09:14:48 | 000,202,024 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.10.03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.09.18 11:19:02 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.09.11 14:37:58 | 000,118,784 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\WisLMSvc.exe
PRC - [2007.09.07 08:26:54 | 000,086,016 | ---- | M] (Wistron) -- C:\Programme\Launch Manager\WButton.exe
PRC - [2007.09.06 10:23:36 | 000,188,416 | ---- | M] (Wistron) -- C:\Programme\Launch Manager\HotkeyApp.exe
PRC - [2007.09.01 13:03:50 | 000,032,768 | ---- | M] () -- C:\Programme\Launch Manager\LaunchAp.exe
PRC - [2007.08.31 10:04:26 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPStart.exe
PRC - [2007.08.16 09:31:40 | 001,681,408 | ---- | M] (Buhl Data Service GmbH) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
PRC - [2007.04.19 12:11:08 | 000,016,384 | ---- | M] (Empolis GmbH) -- C:\Programme\Medion\MEDIONbox\Program\GCS.exe
PRC - [2007.04.19 12:11:06 | 000,036,864 | ---- | M] (Empolis GmbH) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe
PRC - [2007.02.09 20:51:34 | 000,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Programme\HomeCinema\PowerDVD\PDVDServ.exe
PRC - [2006.12.26 10:23:34 | 000,180,224 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\OSD.exe
PRC - [2006.11.02 13:36:04 | 000,895,488 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2006.11.02 13:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2006.11.02 10:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2006.10.05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2013.02.09 22:40:16 | 003,023,256 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2013.01.26 13:13:35 | 001,101,488 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
MOD - [2013.01.26 13:13:35 | 000,156,848 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\SiteSafety.dll
MOD - [2011.09.25 19:23:38 | 000,368,640 | ---- | M] () -- C:\Users\Katja\AppData\Local\Apps\2.0\03EHO1C7.LHX\EJMOLZRB.ZZL\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\managedupnp.dll
MOD - [2010.10.24 12:29:40 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\1255d7783a4c6ac254a55fde7b30019b\System.Deployment.ni.dll
MOD - [2010.10.24 12:29:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll
MOD - [2010.10.10 11:41:22 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll
MOD - [2010.10.10 11:41:00 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2010.10.10 11:40:47 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2010.10.10 11:40:25 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a122c56b60812fb5cbc2e941d4875a87\PresentationFramework.Aero.ni.dll
MOD - [2010.10.10 11:40:23 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\29eb51a21ce62ed759b162307bd65e32\PresentationFramework.ni.dll
MOD - [2010.10.10 11:40:01 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\dc8dccca85718096c895b74094e09e5a\PresentationCore.ni.dll
MOD - [2010.10.10 11:39:41 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c049bc39cb33f7459936a689484285d6\WindowsBase.ni.dll
MOD - [2010.10.09 11:36:32 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2010.10.09 11:34:50 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2010.03.15 20:53:01 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010.03.15 20:48:40 | 000,413,696 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll
MOD - [2010.03.15 20:48:38 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.03.15 20:25:14 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2007.11.02 12:36:16 | 000,048,208 | ---- | M] () -- C:\Programme\Softex\OmniPass\hdddrv.dll
MOD - [2007.11.02 12:28:16 | 000,434,176 | ---- | M] () -- C:\Programme\Softex\OmniPass\userdata.dll
MOD - [2007.11.02 12:28:04 | 001,077,248 | ---- | M] () -- C:\Programme\Softex\OmniPass\autheng.dll
MOD - [2007.11.02 12:27:48 | 000,532,480 | ---- | M] () -- C:\Programme\Softex\OmniPass\storeng.dll
MOD - [2007.11.02 12:27:38 | 000,065,536 | ---- | M] () -- C:\Programme\Softex\OmniPass\opfsdll.dll
MOD - [2007.11.02 12:27:28 | 000,016,896 | ---- | M] () -- C:\Programme\Softex\OmniPass\cryptodll.dll
MOD - [2007.11.02 12:27:26 | 000,013,824 | ---- | M] () -- C:\Programme\Softex\OmniPass\SSPLogon.dll
MOD - [2007.10.17 15:42:42 | 000,013,096 | ---- | M] () -- C:\Programme\HomeCinema\Power2Go\CLMLSvcPS.dll
MOD - [2007.10.17 15:42:30 | 000,636,200 | ---- | M] () -- C:\Programme\HomeCinema\Power2Go\CLMediaLibrary.dll
MOD - [2007.09.01 13:03:50 | 000,032,768 | ---- | M] () -- C:\Programme\Launch Manager\LaunchAp.exe


========== Services (SafeList) ==========

SRV - [2013.02.09 23:31:12 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.09 22:40:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.26 13:13:35 | 000,945,328 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe -- (vToolbarUpdater14.0.1)
SRV - [2013.01.08 14:41:40 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Programme\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.02.14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.11.10 14:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2008.10.07 13:36:20 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Programme\gateProtect\VPN Client\bin\GPVPNService.exe -- (GPVPNService)
SRV - [2007.12.27 17:26:57 | 000,069,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Programme\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager)
SRV - [2007.11.02 12:31:08 | 000,040,960 | ---- | M] (Softex Inc.) [Auto | Running] -- C:\Programme\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2007.10.03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007.09.18 11:19:02 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.11 14:37:58 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Programme\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2007.08.24 03:19:12 | 000,443,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007.08.16 09:31:40 | 001,681,408 | ---- | M] (Buhl Data Service GmbH) [Auto | Running] -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe -- (srvcPVR)
SRV - [2007.04.19 12:11:06 | 000,036,864 | ---- | M] (Empolis GmbH) [Auto | Running] -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe -- (GnabService)
SRV - [2006.11.02 13:36:04 | 000,895,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.10.05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\igdkmd32.sys -- (igfx)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013.01.26 13:13:35 | 000,031,576 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.12.10 03:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012.11.08 03:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.08.24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.04.19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.01.31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.12.23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.12.23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.12.23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011.09.25 19:23:40 | 000,101,248 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avmaudio.sys -- (avmaudio)
DRV - [2010.06.23 08:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.02.05 17:39:08 | 000,017,064 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2009.02.05 17:39:00 | 000,012,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SiRemFil.sys -- (SiRemFil)
DRV - [2009.02.05 17:38:24 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Si3531.sys -- (Si3531)
DRV - [2008.04.01 15:48:14 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2007.12.18 11:31:00 | 007,630,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.08.30 19:24:24 | 000,805,416 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607)
DRV - [2007.08.28 15:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV)
DRV - [2007.08.22 18:50:38 | 001,749,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2007.08.08 07:26:06 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007.07.31 10:58:18 | 000,908,896 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap)
DRV - [2006.11.30 14:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006.11.28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2003.04.28 10:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/webhp?sourceid=navclient&hl=de&ie=UTF-8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA_deDE278
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={1D110FF7-5D98-4577-81E2-FA9E73C2EE90}&mid=88931260e80a47d1ac99d15f956c31ff-843cd6ded277ccaa11f135d4204f5a5e706f89b5&lang=de&ds=AVG&pr=fr&d=2012-08-04 08:49:16&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://isearch.avg.com/?cid={1D110FF7-5D98-4577-81E2-FA9E73C2EE90}&mid=88931260e80a47d1ac99d15f956c31ff-843cd6ded277ccaa11f135d4204f5a5e706f89b5&lang=de&ds=AVG&pr=fr&d=2012-08-04 08:49:16&v=14.0.2.14&pid=avg&sg=&sap=hp"
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:14.0.2.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid={1D110FF7-5D98-4577-81E2-FA9E73C2EE90}&mid=88931260e80a47d1ac99d15f956c31ff-843cd6ded277ccaa11f135d4204f5a5e706f89b5&lang=de&ds=AVG&pr=fr&d=2012-08-04 08:49:16&pid=avg&sg=&v=14.0.2.14&sap=ku&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2013.01.30 22:57:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.0.2.14 [2013.01.26 13:14:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.09 22:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.07.24 14:39:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katja\AppData\Roaming\mozilla\Extensions
[2013.02.09 22:40:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.01.26 13:14:47 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\14.0.2.14
[2013.02.09 22:40:17 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.09 22:40:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.26 13:14:00 | 000,003,591 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2013.02.09 22:40:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.02.09 22:40:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.09 22:40:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.09 22:40:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.09 22:40:12 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://isearch.avg.com/?cid={1D110FF7-5D98-4577-81E2-FA9E73C2EE90}&mid=88931260e80a47d1ac99d15f956c31ff-843cd6ded277ccaa11f135d4204f5a5e706f89b5&lang=de&ds=AVG&pr=fr&d=2012-08-04 08:49:16&v=14.0.2.14&pid=avg&sg=&sap=hp
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://isearch.avg.com/?cid={1D110FF7-5D98-4577-81E2-FA9E73C2EE90}&mid=88931260e80a47d1ac99d15f956c31ff-843cd6ded277ccaa11f135d4204f5a5e706f89b5&lang=de&ds=AVG&pr=fr&d=2012-08-04 08:49:16&v=14.0.2.14&pid=avg&sg=&sap=hp
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Drive = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: HTTPS Everywhere = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.1.18_0\
CHR - Extension: AVG Safe Search = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: AVG Secure Search = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.0.2.14_0\
CHR - Extension: Google Mail = C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe" File not found
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe File not found
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Users\Katja\AppData\Local\Apps\2.0\03EHO1C7.LHX\EJMOLZRB.ZZL\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe (AVM Berlin)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -update plugin File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1197719312979 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6C395699-C9E9-4033-BBF3-620ECC9DDFB9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71A6F85B-BE0E-45A8-9E15-75E79E66A30C}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9c746514-056c-11e2-b59b-0016d388d80c}\Shell\AutoRun\command - "" = I:\PMBP_Win.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.02.09 23:08:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Katja\Desktop\OTL.exe
[2013.02.09 22:40:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.03 19:15:51 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\TuneUp Software
[2013.01.30 22:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.01.13 17:59:27 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\Skype
[2013.01.13 17:59:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.01.13 17:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.01.13 17:59:16 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013.01.13 17:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

========== Files - Modified Within 30 Days ==========

[2013.02.10 00:02:29 | 000,365,568 | ---- | M] () -- C:\Users\Katja\Desktop\gmer_2.0.18454.exe
[2013.02.09 23:58:59 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.09 23:58:24 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.09 23:58:24 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.09 23:31:13 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.09 23:08:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Katja\Desktop\OTL.exe
[2013.02.09 23:07:17 | 000,000,000 | ---- | M] () -- C:\Users\Katja\defogger_reenable
[2013.02.09 23:06:31 | 000,050,477 | ---- | M] () -- C:\Users\Katja\Desktop\Defogger.exe
[2013.02.09 22:05:11 | 000,651,112 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.09 22:05:11 | 000,618,272 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.09 22:05:11 | 000,120,908 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.09 22:05:11 | 000,107,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.09 21:58:52 | 000,088,947 | ---- | M] () -- C:\Users\Katja\AppData\Roaming\nvModes.001
[2013.02.09 21:58:43 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013.02.09 21:58:40 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.09 21:58:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.09 21:58:25 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.03 19:04:48 | 000,002,379 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.03 17:23:01 | 108,664,694 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2013.01.30 22:57:45 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2013.01.26 13:13:35 | 000,031,576 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013.01.18 17:47:11 | 000,001,975 | ---- | M] () -- C:\Users\Katja\Desktop\Google Chrome.lnk
[2013.01.14 19:46:03 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.01.13 17:32:30 | 000,313,656 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm

========== Files Created - No Company Name ==========

[2013.02.10 00:02:29 | 000,365,568 | ---- | C] () -- C:\Users\Katja\Desktop\gmer_2.0.18454.exe
[2013.02.09 23:07:17 | 000,000,000 | ---- | C] () -- C:\Users\Katja\defogger_reenable
[2013.02.09 23:06:30 | 000,050,477 | ---- | C] () -- C:\Users\Katja\Desktop\Defogger.exe
[2013.01.26 13:14:45 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013.01.13 17:59:17 | 000,002,379 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.06.20 15:51:40 | 003,119,659 | ---- | C] () -- C:\Users\Katja\RIMG0892.JPG
[2011.07.28 19:34:20 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.07.24 14:36:30 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.06.10 10:35:36 | 000,088,947 | ---- | C] () -- C:\Users\Katja\AppData\Roaming\nvModes.001
[2009.06.10 10:31:38 | 000,088,947 | ---- | C] () -- C:\Users\Katja\AppData\Roaming\nvModes.dat
[2008.03.01 17:08:15 | 000,006,144 | ---- | C] () -- C:\Users\Katja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.03.01 17:01:59 | 000,000,093 | ---- | C] () -- C:\Users\Katja\AppData\Local\fusioncache.dat

========== ZeroAccess Check ==========

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.03.15 21:43:01 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.03.15 21:22:28 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006.11.02 10:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.08.04 07:48:09 | 000,000,000 | ---D | M] -- C:\Users\Katja\AppData\Roaming\AVG2012
[2010.09.22 13:18:29 | 000,000,000 | ---D | M] -- C:\Users\Katja\AppData\Roaming\gateProtect
[2013.02.03 19:15:51 | 000,000,000 | ---D | M] -- C:\Users\Katja\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 10.02.2013 00:04:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Katja\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 57,90% Memory free
6,19 Gb Paging File | 4,92 Gb Available in Paging File | 79,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 126,37 Gb Total Space | 60,28 Gb Free Space | 47,70% Space Free | Partition Type: NTFS
Drive D: | 22,66 Gb Total Space | 12,51 Gb Free Space | 55,19% Space Free | Partition Type: FAT32

Computer Name: KATJA-NOTEBOOK | User Name: Katja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2E1B1AA4-FEC3-42EC-9859-DB605B21EDA8}" = rport=445 | protocol=6 | dir=out | app=system |
"{2F6B451D-222F-4078-820F-0857A8A8C6B6}" = rport=139 | protocol=6 | dir=out | app=system |
"{318E450F-8752-4745-A5FC-63CAF78BD6D5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36A04E1C-BB35-4236-8D01-824D53FE54D2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B47AF7F-33A6-4936-89A8-71DF40372710}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{46C799F3-97AB-418F-8B00-4B8A5B235F82}" = rport=10243 | protocol=6 | dir=out | app=system |
"{524B0050-7DD3-4710-9E68-74122B27A0E9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5F59DC46-95ED-470C-AF6D-B61B38F09621}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7D63F533-5478-42DE-8652-99A717CABCDC}" = lport=138 | protocol=17 | dir=in | app=system |
"{866D3D89-1444-4BCB-8D49-B05C427375F8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{89AB623D-4B15-43BF-8E8C-C2E90402643D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8E58E178-CDE8-46AC-A7E8-17B04960E919}" = lport=2869 | protocol=6 | dir=in | app=system |
"{93B12594-D9B5-431D-AB1B-1DFDE61A9160}" = rport=138 | protocol=17 | dir=out | app=system |
"{98E3B07C-9330-452F-BCAE-7BD8617B24B4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9B3B5E2B-9613-4F35-869C-3636D28610D3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6EE8515-A9B0-4729-8E4C-BA55B859E050}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C0C11B4F-D51E-4C55-A5BE-F2C76C354DCB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C1B9ADF4-E413-4A40-99D0-8BE37A7B40C3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C9592E8A-BD2D-421A-A70F-097D816AE23B}" = lport=139 | protocol=6 | dir=in | app=system |
"{D6D68B9B-0813-432B-A1B0-59149E891395}" = lport=445 | protocol=6 | dir=in | app=system |
"{DBAC3A22-6B08-4D63-AA89-3396CD2FF1E9}" = rport=137 | protocol=17 | dir=out | app=system |
"{DFF27173-23A1-4D33-90FE-7C4B36264200}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E3CABC93-55C7-4366-8600-D5BE6A938EA8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E74A989B-F695-4090-9A1E-9B9C2E5EF319}" = lport=137 | protocol=17 | dir=in | app=system |
"{F4D2A2D3-40C2-4C80-859A-53586D02B438}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022BEC5F-4776-41A9-B273-979091EBF42E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{053C979F-8C4C-454B-AC7F-53699B9A8CEE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{11C65853-84B5-49E5-916F-BE5B112F4146}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{19280D1A-B6D7-4358-A5E0-90F41EC5E990}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{1D41DC67-1DFD-4E7C-88C8-9EBEB18A9C28}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{1F2AFEE5-3795-43DD-A266-9566869C4830}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{21414FA7-3F37-4E11-8D5C-980CF98F1FE3}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{2FF3650F-5831-4281-8EDD-738CE056FE94}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3012225F-F405-4ACF-8A86-87015178C65C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3A85E5B9-FA3B-4829-A44A-9E37CF31E577}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C2273B7-AF18-4E85-832C-75C86C165F63}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3FA1A0C0-0B49-4A09-8DDB-73628879A0E6}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{457C4A84-BF49-491C-98FF-A0B0E0870D65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4C7B764F-9A94-4027-9D43-5FC71D67B683}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4EB2A490-881C-46D0-8ECB-C4F4C683BCD4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{59E76224-0BB8-4E07-9058-38DA326F3C42}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5AD42548-6C2E-448E-9F27-CB44896B9FA4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{616D9E22-6306-4B86-9945-9706D4337D60}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7E3F0BDE-91D8-41C8-98B4-CF4C869A2FED}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{7F97FC2E-32E8-40DE-BF0E-B57156EABC19}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{81E6D8C7-B035-4738-BC32-005CFE4A9CA9}" = protocol=17 | dir=in | app=c:\users\katja\appdata\local\apps\2.0\03eho1c7.lhx\ejmolzrb.zzl\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{82174958-DA37-4CE9-AC1F-DF59CFE770FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8F147490-AF22-4033-999D-E9091A3E804B}" = protocol=17 | dir=in | app=c:\users\katja\appdata\local\apps\2.0\03eho1c7.lhx\ejmolzrb.zzl\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{92270740-28F3-4205-8EF7-32DC683AAF2C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{92D89671-5D37-43D2-9AF8-1E7795DE98F2}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{93C542C2-70A8-4FA9-AEF4-E9B08D23E756}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9DD7CC8D-4D49-4FD8-840D-12838BA3F018}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A0608C90-AF30-4D9B-9F4F-FEEF8537EDC9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2597468-56AA-424E-BF5E-A023B3B9A6F7}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{A6094089-7AFA-4976-AD56-DDF6F01B6DCB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A96ECD7E-2C9A-4DE3-863C-A262872DCC29}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{AE91C2E5-0E58-44A0-BD3B-3FB003986A73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AED6F70E-C940-460F-BAAC-25A3DFF802DC}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe |
"{BA93C9C4-683A-415F-8BAF-049516488432}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe |
"{BBB0F565-3ADE-4355-8AC2-0D6134045D27}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{BCD8F906-A1A4-4726-8F80-E33EAEB938AF}" = protocol=6 | dir=in | app=c:\users\katja\appdata\local\apps\2.0\03eho1c7.lhx\ejmolzrb.zzl\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{BDC45900-34DD-47AB-9AC3-4A15D1BF0AB6}" = protocol=6 | dir=out | app=system |
"{C1216FB7-7530-4497-8158-14D03AC7073B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C18F21F0-AAFE-400B-BE01-476F63B3129F}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{CA6D6820-003D-44CE-B61A-778F3AC1EC9F}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{CFC334D3-EEDC-45CD-8C33-FBACDE825A3E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{D426DEF0-8C57-4894-A644-E45CFEAA3A8F}" = protocol=6 | dir=in | app=c:\users\katja\appdata\local\apps\2.0\03eho1c7.lhx\ejmolzrb.zzl\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe |
"{D4449984-D561-4099-AD9D-A25DACB4F705}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{D75B2324-D253-4901-B7D5-BF2973F27EE7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E60F1560-D3B8-424C-A37B-8FF905C40418}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F4F4A35B-4C79-420A-A6B0-9C44A84E5FCB}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe |
"{FA96CC29-1097-4042-A251-E0459DAB41F2}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{FBA6B899-2FE8-4BAE-9721-899B3FFAB103}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{FF1F94BE-6786-4DEF-8BCA-96AEA9786A39}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{40A6213E-A4F2-4363-88AF-7FEAD8B1AAD4}F:\easysetupassistant\wr842n\easysetupassistant.exe" = protocol=6 | dir=in | app=f:\easysetupassistant\wr842n\easysetupassistant.exe |
"UDP Query User{04860FC6-0896-4730-ADF7-5B26B4507D27}F:\easysetupassistant\wr842n\easysetupassistant.exe" = protocol=17 | dir=in | app=f:\easysetupassistant\wr842n\easysetupassistant.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = YouCam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox
"{286C5BE9-7E61-4AC1-B674-BED333C35F73}" = AVG 2012
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{53DF73B1-37F5-4B7F-86ED-FA7CC4041031}" = Nero 8 Essentials
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink Wireless LAN
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5EA10B8-304A-412E-8ED8-4D8488F19A49}" = AVG 2012
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.3 - Deutsch
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}" = TVsweeper
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.9
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E0091C29-DEE8-4B24-BF65-8C35B5940D77}" = Letstrade
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.18
"{E815FB81-995F-4F33-8E25-F16712123AB7}" = AuthenTec Fingerprint Sensor Minimum Install
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}" = OmniPass 5.00.91
"{FEDE400D-3381-4087-ACCB-689DD8A56123}" = Inst5657
"{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}" = CyberLink YouCam
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ALDI Foto Manager Free Sued D" = ALDI Foto Manager Free Sued
"ALDI Online Druck Service (Sued)" = ALDI Online Druck Service (Sued)
"ALDI Sued Foto Service D" = ALDI Sued Foto Service
"Aldi Süd Fotoservice_is1" = Aldi Süd Fotoservice
"AVG" = AVG 2012
"AVG Secure Search" = AVG Security Toolbar
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CCleaner" = CCleaner
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"gateProtect VPN Client 1.5" = gateProtect VPN Client 1.5
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"MEDION Fotos auf CD Sued D" = MEDION Fotos auf CD Sued
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29.01.2013 16:26:05 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

Error - 30.01.2013 01:20:52 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

Error - 30.01.2013 17:56:12 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

Error - 31.01.2013 16:26:57 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

Error - 31.01.2013 17:39:48 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

Error - 01.02.2013 11:46:20 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

Error - 02.02.2013 06:36:29 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

Error - 02.02.2013 08:22:22 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

Error - 03.02.2013 06:31:15 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

Error - 03.02.2013 14:42:35 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

Error - 09.02.2013 17:05:11 | Computer Name = Katja-Notebook | Source = WerSvc | ID = 5007
Description =

[ System Events ]
Error - 01.02.2013 11:40:26 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 02.02.2013 06:30:30 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 02.02.2013 08:16:31 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 03.02.2013 06:25:25 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 03.02.2013 08:56:47 | Computer Name = Katja-Notebook | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.254.2 für die Netzwerkkarte mit der Netzwerkadresse
00FF2D7EF27E wurde durch den DHCP-Server 192.168.254.254 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).

Error - 03.02.2013 14:36:33 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000
Description =

Error - 03.02.2013 14:38:42 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7031
Description =

Error - 03.02.2013 14:38:52 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7031
Description =

Error - 03.02.2013 15:00:42 | Computer Name = Katja-Notebook | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.254.2 für die Netzwerkkarte mit der Netzwerkadresse
00FF2D7EF27E wurde durch den DHCP-Server 192.168.254.254 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).

Error - 09.02.2013 16:59:13 | Computer Name = Katja-Notebook | Source = Service Control Manager | ID = 7000
Description =


< End of report >

GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-02-10 09:58:12
Windows 6.0.6000 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 WDC_WD16 rev.04.0 149,05GB
Running: gmer_2.0.18454.exe; Driver: C:\Users\Katja\AppData\Local\Temp\kxtyraog.sys


---- System - GMER 2.0 ----

SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeKey [0xA0D69004]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwNotifyChangeMultipleKeys [0xA0D690D4]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xA0D68D76]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xA0D68E1E]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xA0D68EBA]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xA0D68F56]

---- Kernel code sections - GMER 2.0 ----

.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8E6B9360, 0x35BF98, 0xE8000020]

---- Registry - GMER 2.0 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{B6A930A0-A4F5-43A5-9B4E-6189A6C2B9E8}@c!s!f!`!j!`!m!`!\22!t!t!r!j!r!s!f! 19583823

---- EOF - GMER 2.0 ----

10.02.2013, 20:06   #2
markusg
/// Malware-holic
 
Hi,
why have you never installed Windows updates?
Download TDSSKiller:
http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now and post the log
Open C:, open tdsskiller-datum-version.txt, and post its contents

11.02.2013, 22:37   #3
Katja1
 
Thanks for the reply,

Unfortunately, my attempts to update Vista ended twice, some time apart, after an extensive download with "Update wurde nicht installiert" ("Update was not installed"); after that I had no patience left.

Here is the TDSSKiller report with the two options (I left the default checkmarks as they were):

23:20:27.0949 3672 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:20:28.0019 3672 ============================================================
23:20:28.0019 3672 Current date / time: 2013/02/11 23:20:28.0019
23:20:28.0019 3672 SystemInfo:
23:20:28.0019 3672
23:20:28.0019 3672 OS Version: 6.0.6000 ServicePack: 0.0
23:20:28.0019 3672 Product type: Workstation
23:20:28.0019 3672 ComputerName: KATJA-NOTEBOOK
23:20:28.0020 3672 UserName: Katja
23:20:28.0020 3672 Windows directory: C:\Windows
23:20:28.0020 3672 System windows directory: C:\Windows
23:20:28.0020 3672 Processor architecture: Intel x86
23:20:28.0020 3672 Number of processors: 2
23:20:28.0020 3672 Page size: 0x1000
23:20:28.0020 3672 Boot type: Normal boot
23:20:28.0020 3672 ============================================================
23:20:28.0630 3672 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:20:28.0663 3672 ============================================================
23:20:28.0663 3672 \Device\Harddisk0\DR0:
23:20:28.0663 3672 MBR partitions:
23:20:28.0719 3672 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0xFCBF370, BlocksNum 0x2D59751
23:20:28.0719 3672 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFCBF2F2
23:20:28.0719 3672 ============================================================
23:20:28.0765 3672 C: <-> \Device\Harddisk0\DR0\Partition2
23:20:28.0786 3672 D: <-> \Device\Harddisk0\DR0\Partition1
23:20:28.0787 3672 ============================================================
23:20:28.0787 3672 Initialize success
23:20:28.0787 3672 ============================================================
23:21:34.0461 3088 ============================================================
23:21:34.0462 3088 Scan started
23:21:34.0462 3088 Mode: Manual; SigCheck; TDLFS;
23:21:34.0462 3088 ============================================================
23:21:34.0751 3088 ================ Scan system memory ========================
23:21:34.0751 3088 System memory - ok
23:21:34.0755 3088 ================ Scan services =============================
23:21:34.0957 3088 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys
23:21:35.0105 3088 ACPI - ok
23:21:35.0194 3088 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:21:35.0219 3088 AdobeFlashPlayerUpdateSvc - ok
23:21:35.0274 3088 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:21:35.0331 3088 adp94xx - ok
23:21:35.0391 3088 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:21:35.0420 3088 adpahci - ok
23:21:35.0460 3088 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
23:21:35.0481 3088 adpu160m - ok
23:21:35.0540 3088 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:21:35.0562 3088 adpu320 - ok
23:21:35.0617 3088 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:21:35.0689 3088 AeLookupSvc - ok
23:21:35.0727 3088 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
23:21:35.0856 3088 AFD - ok
23:21:35.0905 3088 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
23:21:35.0948 3088 AgereModemAudio - ok
23:21:36.0016 3088 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
23:21:36.0154 3088 AgereSoftModem - ok
23:21:36.0206 3088 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
23:21:36.0226 3088 aic78xx - ok
23:21:36.0282 3088 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
23:21:36.0313 3088 ALG - ok
23:21:36.0343 3088 [ 496EDA16A127AC9A38BB285BEF17DBB5 ] aliide C:\Windows\system32\drivers\aliide.sys
23:21:36.0356 3088 aliide - ok
23:21:36.0405 3088 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:21:36.0419 3088 amdagp - ok
23:21:36.0443 3088 [ 6F65F4147C54398D7280B18CEBBED215 ] amdide C:\Windows\system32\drivers\amdide.sys
23:21:36.0456 3088 amdide - ok
23:21:36.0471 3088 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
23:21:36.0541 3088 AmdK7 - ok
23:21:36.0557 3088 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:21:36.0613 3088 AmdK8 - ok
23:21:36.0664 3088 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
23:21:36.0732 3088 Appinfo - ok
23:21:36.0753 3088 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
23:21:36.0768 3088 arc - ok
23:21:36.0793 3088 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:21:36.0845 3088 arcsas - ok
23:21:36.0876 3088 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:21:36.0964 3088 AsyncMac - ok
23:21:37.0004 3088 [ E03E8C99D15D0381E02743C36AFC7C6F ] atapi C:\Windows\system32\drivers\atapi.sys
23:21:37.0018 3088 atapi - ok
23:21:37.0063 3088 [ 69E65A2CE11619F0C868967CA9540B80 ] ATSWPDRV C:\Windows\system32\DRIVERS\ATSwpDrv.sys
23:21:37.0103 3088 ATSWPDRV - ok
23:21:37.0154 3088 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:21:37.0232 3088 AudioEndpointBuilder - ok
23:21:37.0264 3088 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:21:37.0333 3088 Audiosrv - ok
23:21:37.0461 3088 [ D45B7995761253A92AB071D576114F28 ] AVG Security Toolbar Service C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
23:21:37.0482 3088 AVG Security Toolbar Service - ok
23:21:37.0729 3088 [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent C:\Program Files\AVG\AVG2012\avgidsagent.exe
23:21:38.0182 3088 AVGIDSAgent - ok
23:21:38.0229 3088 [ EF67527CC2AD77D22AB1405C6470407E ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
23:21:38.0266 3088 AVGIDSDriver - ok
23:21:38.0291 3088 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfilterx.sys
23:21:38.0304 3088 AVGIDSFilter - ok
23:21:38.0391 3088 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
23:21:38.0404 3088 AVGIDSHX - ok
23:21:38.0443 3088 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
23:21:38.0457 3088 AVGIDSShim - ok
23:21:38.0487 3088 [ 6671345A6E2669AF1966BAF68EC5620F ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
23:21:38.0510 3088 Avgldx86 - ok
23:21:38.0541 3088 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
23:21:38.0558 3088 Avgmfx86 - ok
23:21:38.0600 3088 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
23:21:38.0618 3088 Avgrkx86 - ok
23:21:38.0675 3088 [ C0BC3B2E3FD625E7F55E1FF863E94592 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
23:21:38.0717 3088 Avgtdix - ok
23:21:38.0769 3088 [ F3D2D8D48E3B0CA83D70A420240E509B ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
23:21:38.0827 3088 avgtp - ok
23:21:38.0885 3088 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe
23:21:38.0999 3088 avgwd - ok
23:21:39.0045 3088 [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio C:\Windows\system32\DRIVERS\avmaudio.sys
23:21:39.0174 3088 avmaudio - ok
23:21:39.0232 3088 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
23:21:39.0314 3088 Beep - ok
23:21:39.0374 3088 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll
23:21:39.0480 3088 BFE - ok
23:21:39.0554 3088 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
23:21:39.0620 3088 BITS - ok
23:21:39.0627 3088 blbdrive - ok
23:21:39.0648 3088 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:21:39.0717 3088 bowser - ok
23:21:39.0748 3088 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
23:21:39.0810 3088 BrFiltLo - ok
23:21:39.0832 3088 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
23:21:39.0892 3088 BrFiltUp - ok
23:21:39.0929 3088 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
23:21:40.0039 3088 Browser - ok
23:21:40.0074 3088 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
23:21:40.0174 3088 Brserid - ok
23:21:40.0200 3088 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
23:21:40.0299 3088 BrSerWdm - ok
23:21:40.0333 3088 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
23:21:40.0403 3088 BrUsbMdm - ok
23:21:40.0422 3088 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
23:21:40.0478 3088 BrUsbSer - ok
23:21:40.0505 3088 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:21:40.0581 3088 BTHMODEM - ok
23:21:40.0658 3088 [ 48F64A84054771B2FEF55606ADF57557 ] Cam5607 C:\Windows\system32\Drivers\BisonC07.sys
23:21:40.0791 3088 Cam5607 - ok
23:21:40.0861 3088 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:21:40.0953 3088 cdfs - ok
23:21:41.0080 3088 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:21:41.0182 3088 cdrom - ok
23:21:41.0212 3088 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
23:21:41.0277 3088 CertPropSvc - ok
23:21:41.0297 3088 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
23:21:41.0353 3088 circlass - ok
23:21:41.0396 3088 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
23:21:41.0412 3088 CLFS - ok
23:21:41.0489 3088 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:21:41.0516 3088 clr_optimization_v2.0.50727_32 - ok
23:21:41.0558 3088 [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:21:41.0652 3088 CmBatt - ok
23:21:41.0677 3088 [ 59172A0724F2AB769F31D61B0571D75B ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:21:41.0693 3088 cmdide - ok
23:21:41.0732 3088 [ 722936AFB75A7F509662B69B5632F48A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:21:41.0771 3088 Compbatt - ok
23:21:41.0779 3088 COMSysApp - ok
23:21:41.0816 3088 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:21:41.0833 3088 crcdisk - ok
23:21:41.0850 3088 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
23:21:41.0939 3088 Crusoe - ok
23:21:41.0981 3088 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:21:42.0038 3088 CryptSvc - ok
23:21:42.0092 3088 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
23:21:42.0206 3088 DcomLaunch - ok
23:21:42.0217 3088 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:21:42.0290 3088 DfsC - ok
23:21:42.0401 3088 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe
23:21:42.0625 3088 DFSR - ok
23:21:42.0686 3088 [ 4E04126C04C38DA7FF86C2AFC87E89AC ] Dhcp C:\Windows\System32\dhcpcsvc.dll
23:21:42.0731 3088 Dhcp - ok
23:21:42.0756 3088 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
23:21:42.0780 3088 disk - ok
23:21:42.0819 3088 [ 05D7E62FD2EABAD579EB4D0C29245EEC ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:21:42.0894 3088 Dnscache - ok
23:21:42.0938 3088 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll
23:21:43.0041 3088 dot3svc - ok
23:21:43.0094 3088 [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS C:\Windows\system32\dps.dll
23:21:43.0134 3088 DPS - ok
23:21:43.0168 3088 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:21:43.0247 3088 drmkaud - ok
23:21:43.0286 3088 [ B95202EFD0464D226E7542C1E319C028 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:21:43.0362 3088 DXGKrnl - ok
23:21:43.0390 3088 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
23:21:43.0465 3088 E1G60 - ok
23:21:43.0505 3088 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
23:21:43.0570 3088 EapHost - ok
23:21:43.0606 3088 [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache C:\Windows\system32\drivers\ecache.sys
23:21:43.0621 3088 Ecache - ok
23:21:43.0685 3088 [ B4580122B0A7B263B6EE9ACBA69C8013 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:21:43.0725 3088 ehRecvr - ok
23:21:43.0753 3088 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
23:21:43.0785 3088 ehSched - ok
23:21:43.0812 3088 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
23:21:43.0828 3088 ehstart - ok
23:21:43.0870 3088 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:21:43.0895 3088 elxstor - ok
23:21:43.0954 3088 [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt C:\Windows\system32\emdmgmt.dll
23:21:44.0036 3088 EMDMgmt - ok
23:21:44.0084 3088 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
23:21:44.0116 3088 EventSystem - ok
23:21:44.0142 3088 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:21:44.0216 3088 fastfat - ok
23:21:44.0255 3088 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:21:44.0323 3088 fdc - ok
23:21:44.0330 3088 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
23:21:44.0407 3088 fdPHost - ok
23:21:44.0432 3088 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
23:21:44.0489 3088 FDResPub - ok
23:21:44.0519 3088 [ B2B2C38E916184FF8523C7439DDD417F ] FETNDIS C:\Windows\system32\DRIVERS\fetnd5.sys
23:21:44.0592 3088 FETNDIS - ok
23:21:44.0601 3088 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:21:44.0614 3088 FileInfo - ok
23:21:44.0635 3088 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:21:44.0701 3088 Filetrace - ok
23:21:44.0842 3088 [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe
23:21:45.0059 3088 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
23:21:45.0059 3088 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
23:21:45.0125 3088 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:21:45.0224 3088 flpydisk - ok
23:21:45.0249 3088 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:21:45.0272 3088 FltMgr - ok
23:21:45.0343 3088 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:21:45.0395 3088 FontCache3.0.0.0 - ok
23:21:45.0443 3088 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:21:45.0508 3088 Fs_Rec - ok
23:21:45.0545 3088 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:21:45.0565 3088 gagp30kx - ok
23:21:45.0642 3088 [ 51B2D8629E1A0F463682F365D56325CB ] GnabService c:\program files\common files\gnab\service\servicecontroller.exe
23:21:46.0071 3088 GnabService ( UnsignedFile.Multi.Generic ) - warning
23:21:46.0071 3088 GnabService - detected UnsignedFile.Multi.Generic (1)
23:21:46.0138 3088 [ 4A381768FCAF9096EC96A29F9602A3ED ] GoogleDesktopManager C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
23:21:46.0198 3088 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - warning
23:21:46.0198 3088 GoogleDesktopManager - detected UnsignedFile.Multi.Generic (1)
23:21:46.0264 3088 [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc C:\Windows\System32\gpsvc.dll
23:21:46.0391 3088 gpsvc - ok
23:21:46.0463 3088 [ A6EE96D04E0455A76A0BE1400147DE9F ] GPVPNService C:\Program Files\gateProtect\VPN Client\bin\GPVPNService.exe
23:21:46.0518 3088 GPVPNService ( UnsignedFile.Multi.Generic ) - warning
23:21:46.0518 3088 GPVPNService - detected UnsignedFile.Multi.Generic (1)
23:21:46.0613 3088 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:21:46.0631 3088 gupdate - ok
23:21:46.0680 3088 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:21:46.0696 3088 gupdatem - ok
23:21:46.0791 3088 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:21:46.0822 3088 gusvc - ok
23:21:46.0873 3088 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:21:46.0970 3088 HdAudAddService - ok
23:21:46.0998 3088 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:21:47.0037 3088 HDAudBus - ok
23:21:47.0061 3088 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:21:47.0129 3088 HidBth - ok
23:21:47.0157 3088 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
23:21:47.0228 3088 HidIr - ok
23:21:47.0254 3088 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
23:21:47.0333 3088 hidserv - ok
23:21:47.0386 3088 [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:21:47.0416 3088 HidUsb - ok
23:21:47.0441 3088 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
23:21:47.0499 3088 hkmsvc - ok
23:21:47.0577 3088 [ 8B566EA71D5B76157A9CDB78F25A5731 ] Hotkey C:\Windows\system32\drivers\Hotkey.sys
23:21:47.0649 3088 Hotkey ( UnsignedFile.Multi.Generic ) - warning
23:21:47.0649 3088 Hotkey - detected UnsignedFile.Multi.Generic (1)
23:21:47.0697 3088 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
23:21:47.0710 3088 HpCISSs - ok
23:21:47.0759 3088 [ EA24FE637D974A8A31BC650F478E3533 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:21:47.0818 3088 HTTP - ok
23:21:47.0865 3088 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
23:21:47.0883 3088 i2omp - ok
23:21:47.0943 3088 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:21:48.0004 3088 i8042prt - ok
23:21:48.0083 3088 [ 72B53E9C8924949DEC8F3799BCBA2251 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
23:21:48.0123 3088 IAANTMON - ok
23:21:48.0166 3088 [ E5A0034847537EAEE3C00349D5C34C5F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:21:48.0200 3088 iaStor - ok
23:21:48.0243 3088 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
23:21:48.0277 3088 iaStorV - ok
23:21:48.0351 3088 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:21:48.0450 3088 idsvc - ok
23:21:48.0473 3088 igfx - ok
23:21:48.0503 3088 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:21:48.0528 3088 iirsp - ok
23:21:48.0583 3088 [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT C:\Windows\System32\ikeext.dll
23:21:48.0726 3088 IKEEXT - ok
23:21:48.0908 3088 [ 4E38A2883DF3BA382A59132B3E7D709E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:21:49.0052 3088 IntcAzAudAddService - ok
23:21:49.0081 3088 [ 59B00EFB24EAD979BECF413703BB1FAC ] intelide C:\Windows\system32\drivers\intelide.sys
23:21:49.0116 3088 intelide - ok
23:21:49.0139 3088 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:21:49.0238 3088 intelppm - ok
23:21:49.0262 3088 [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:21:49.0375 3088 IPBusEnum - ok
23:21:49.0401 3088 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:21:49.0507 3088 IpFilterDriver - ok
23:21:49.0548 3088 [ ECC9AD72CFC4AB41CF6A9BCC11F9FEF6 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:21:49.0590 3088 iphlpsvc - ok
23:21:49.0606 3088 IpInIp - ok
23:21:49.0625 3088 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
23:21:49.0707 3088 IPMIDRV - ok
23:21:49.0738 3088 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
23:21:49.0817 3088 IPNAT - ok
23:21:49.0834 3088 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:21:49.0909 3088 IRENUM - ok
23:21:49.0935 3088 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:21:49.0949 3088 isapnp - ok
23:21:49.0968 3088 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:21:49.0984 3088 iScsiPrt - ok
23:21:50.0000 3088 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
23:21:50.0014 3088 iteatapi - ok
23:21:50.0034 3088 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
23:21:50.0049 3088 iteraid - ok
23:21:50.0085 3088 [ B076B2AB806B3F696DAB21375389101C ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:21:50.0099 3088 kbdclass - ok
23:21:50.0131 3088 [ ED61DBC6603F612B7338283EDBACBC4B ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:21:50.0177 3088 kbdhid - ok
23:21:50.0208 3088 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso C:\Windows\system32\lsass.exe
23:21:50.0258 3088 KeyIso - ok
23:21:50.0290 3088 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:21:50.0322 3088 KSecDD - ok
23:21:50.0382 3088 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
23:21:50.0469 3088 KtmRm - ok
23:21:50.0497 3088 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll
23:21:50.0561 3088 LanmanServer - ok
23:21:50.0610 3088 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:21:50.0635 3088 LanmanWorkstation - ok
23:21:50.0673 3088 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:21:50.0730 3088 lltdio - ok
23:21:50.0764 3088 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:21:50.0825 3088 lltdsvc - ok
23:21:50.0844 3088 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:21:50.0920 3088 lmhosts - ok
23:21:50.0942 3088 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:21:50.0956 3088 LSI_FC - ok
23:21:50.0997 3088 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:21:51.0011 3088 LSI_SAS - ok
23:21:51.0041 3088 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:21:51.0057 3088 LSI_SCSI - ok
23:21:51.0079 3088 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
23:21:51.0149 3088 luafv - ok
23:21:51.0178 3088 [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:21:51.0199 3088 Mcx2Svc - ok
23:21:51.0227 3088 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
23:21:51.0242 3088 megasas - ok
23:21:51.0276 3088 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
23:21:51.0355 3088 MMCSS - ok
23:21:51.0378 3088 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
23:21:51.0444 3088 Modem - ok
23:21:51.0480 3088 [ 7446E104A5FE5987CA9E4983FBAC4F97 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:21:51.0528 3088 monitor - ok
23:21:51.0564 3088 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:21:51.0579 3088 mouclass - ok
23:21:51.0605 3088 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:21:51.0660 3088 mouhid - ok
23:21:51.0711 3088 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
23:21:51.0727 3088 MountMgr - ok
23:21:51.0810 3088 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:21:57.0926 3088 [ 27915BDFF44CA08E85DA3D1DDB7B6ECD ] omniserv C:\Program Files\Softex\OmniPass\OmniServ.exe
23:21:57.0964 3088 omniserv ( UnsignedFile.Multi.Generic ) - warning
23:21:57.0964 3088 omniserv - detected UnsignedFile.Multi.Generic (1)
23:22:06.0172 3088 [ BF94A7553EF257D70CB2287BF7A3BCE1 ] srvcPVR C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
23:22:06.0498 3088 srvcPVR ( UnsignedFile.Multi.Generic ) - warning
23:22:06.0498 3088 srvcPVR - detected UnsignedFile.Multi.Generic (1)
23:22:12.0842 3088 [ F0FE933E27F1E2A83FF322A0693A4724 ] WisLMSvc C:\Program Files\Launch Manager\WisLMSvc.exe
23:22:12.0862 3088 WisLMSvc ( UnsignedFile.Multi.Generic ) - warning
23:22:12.0862 3088 WisLMSvc - detected UnsignedFile.Multi.Generic (1)
23:22:14.0536 3088 ================ Scan global ===============================
23:22:14.0567 3088 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
23:22:14.0615 3088 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
23:22:14.0648 3088 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
23:22:14.0694 3088 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
23:22:14.0700 3088 [Global] - ok
23:22:14.0700 3088 ================ Scan MBR ==================================
23:22:14.0713 3088 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
23:22:15.0163 3088 \Device\Harddisk0\DR0 - ok
23:22:15.0164 3088 ================ Scan VBR ==================================
23:22:15.0180 3088 [ E469F8A92404AC24759CA938007B248C ] \Device\Harddisk0\DR0\Partition1
23:22:15.0182 3088 \Device\Harddisk0\DR0\Partition1 - ok
23:22:15.0188 3088 [ 926DE62E4E5056316EDBDF9774B986EA ] \Device\Harddisk0\DR0\Partition2
23:22:15.0191 3088 \Device\Harddisk0\DR0\Partition2 - ok
23:22:15.0193 3088 ============================================================
23:22:15.0193 3088 Scan finished
23:22:15.0193 3088 ============================================================
23:22:15.0215 5208 Detected object count: 8
23:22:15.0215 5208 Actual detected object count: 8
23:23:01.0628 5208 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
23:23:01.0629 5208 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:23:01.0633 5208 GnabService ( UnsignedFile.Multi.Generic ) - skipped by user
23:23:01.0633 5208 GnabService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:23:01.0637 5208 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - skipped by user
23:23:01.0637 5208 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:23:01.0641 5208 GPVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
23:23:01.0642 5208 GPVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:23:01.0642 5208 Hotkey ( UnsignedFile.Multi.Generic ) - skipped by user
23:23:01.0643 5208 Hotkey ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:23:01.0647 5208 omniserv ( UnsignedFile.Multi.Generic ) - skipped by user
23:23:01.0647 5208 omniserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:23:01.0651 5208 srvcPVR ( UnsignedFile.Multi.Generic ) - skipped by user
23:23:01.0651 5208 srvcPVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:23:01.0655 5208 WisLMSvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:23:01.0656 5208 WisLMSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

13.02.2013, 10:19   #4
markusg
/// Malware-holic

Hi,
Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
"Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde."
simply restart the computer. This should fix the problem.

__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails to markusg.trojaner-board@web.de following the instructions above.
If you would like to support us

13.02.2013, 22:36   #5
Katja1

Hello,

here is the log file ComboFix.txt as an attachment.
Are there any findings yet?

Regards, Katja1

Attached files
File type: txt ComboFix.txt (10.2 KB, viewed 456 times)

14.02.2013, 11:10   #6
markusg
/// Malware-holic

Hi,
take it easy.
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select "Perform full scan" and press Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are selected and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • Afterwards you can find the report under "Logs".

14.02.2013, 21:23   #7
Katja1

Hello,

here is the Malwarebytes Anti-Malware log file

Code:
 Malwarebytes Anti-Malware  (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.14.08

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.16982
Katja :: KATJA-NOTEBOOK [Administrator]

Schutz: Aktiviert

14.02.2013 21:00:44
mbam-log-2013-02-14 (21-00-44).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 319623
Laufzeit: 1 Stunde(n), 2 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

14.02.2013, 21:25   #8
markusg
/// Malware-holic

Hi,
is this a pre-built PC? If so, tell me the manufacturer and model.

14.02.2013, 22:23   #9
Katja1

Yes, it is a Medion notebook MD96630.

I don't want to reinstall it from scratch, though. It was quite expensive to have the Gateprotect VPN client
and the remote desktop connection installed. It took two attempts by a service technician of questionable competence.

14.02.2013, 22:27   #10
markusg
/// Malware-holic

You aren't supposed to.
But later I would like to install the Windows updates, and for that we need the driver updates:
MEDION Deutschland - Produktinformation

14.02.2013, 23:02   #11
Katja1

Now I have downloaded all the drivers; after extracting, each one sits in its own folder inside the C:\Medion folder.
And now?

14.02.2013, 23:06   #12
markusg
/// Malware-holic

There should be executable programs in there; you then need to start them and install the drivers.

15.02.2013, 22:20   #13
Katja1

Hello,
I have the driver updates.
Did I miss something, or have there been no malware findings in the 5 scans so far?

Regards, Kati1

15.02.2013, 22:24   #14
markusg
/// Malware-holic

Take it easy.
Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, Tools (Extras), Uninstall list, save as txt. Open it.
After each program you need, write "necessary" (notwendig).
After each program you do not need, write "unnecessary" (unnötig).
After each program you do not know, write "unknown" (unbekannt).
Post the list.

16.02.2013, 12:21   #15
Katja1

Hello,

here is the edited program list from CCleaner


Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 01.03.2008 13,5MB necessary
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 09.02.2013 11.5.502.149 necessary
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 09.02.2013 11.5.502.149 necessary
Adobe Reader 9.5.3 - Deutsch Adobe Systems Incorporated 14.01.2013 123MB 9.5.3 necessary
Adobe Shockwave Player Adobe Systems, Inc. 01.03.2008 10.2.0.23 necessary
Agere Systems HDA Modem Agere Systems 18.09.2007 unknown
ALDI Foto Manager Free Sued MAGIX AG 16.12.20008 51,6MB 3.4.0.466 unnecessary
ALDI Online Druck Service (Sued) 01.03.2008 unnecessary 8,09MB unnecessary
ALDI Sued Foto Service MAGIX AG 16.12.2007 57,2MB 1.12.0.93 unnecessary
Aldi Süd Fotoservice 01.03.2008 41,7MB unnecessary
Apple Software Update Apple Inc. 24.07.2011 2,38MB 2.1.3.127 unnecessary
AVG 2012 AVG Technologies 30.01.2013 109MB 2012.1.2238
AVG Security Toolbar AVG Technologies 11.02.2013 20,5MB 14.1.0.10
AVM FRITZ!Box Druckeranschluss AVM Berlin 23.10.2011 necessary
AVM FRITZ!Box USB-Fernanschluss AVM Berlin 25.09.2011 2.2.1.0 necessary
CCleaner Piriform 23.01.2013 3,82MB 3.27
Compatibility Pack für 2007 Office System Microsoft Corporation 23.10.2007 103MB 12.0.4518.1014
CyberLink Power2Go CyberLink Corp. 15.12.2007 124MB 6.0.1109a unknown
CyberLink YouCam CyberLink Corp. 15.12.2007 39,0MB 1.00.0000 unknown
Firebird SQL Server - MAGIX Edition MAGIX AG 16.12.2007 6,56MB 2.0.1.8 unknown
gateProtect VPN Client 1.5 22.09.2010 6,25MB necessary
Google Chrome Google Inc. 03.01.2013 334MB 24.0.1312.57
Google Desktop Google 01.03.2008 7,91MB -unknown
Google Toolbar for Internet Explorer Google Inc. 15.12.2012 11,9MB 7.4.3607.2246 unnecessary
Intel(R) Matrix Storage Manager 01.03.2008 3,77MB unknown/system
Java 7 Update 13 Oracle 11.02.2013 129MB 7.0.130 unnecessary
Java(TM) 6 Update 3 Sun Microsystems, Inc. 23.10.2007 168MB 1.6.0.30 unnecessary
Launch Manager V1.4.9 Wistron Corp. 23.10.2007 0,98MB 1.4.9 unknown system?
Letstrade Buhl Data Service 23.10.2007 25,9MB 1.00.0000 bloatware unnecessary
MakeDisc CyberLink Corp. 01.03.2008 101MB 3.0.2320 unknown
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 14.02.2013 12,2MB 1.70.0.1100
MediaShow CyberLink Corporation 01.03.2008 33,0MB 3.0.4325 bloat unknown
MEDION Fotos auf CD Sued MAGIX AG 16.12.2007 649MB 6.0.2.0 unnecessary
MEDIONbox Medion 17.12.2007 26,9MB 1.09.0000.00052 unknown
Microsoft .NET Framework 1.1 23.10.2007 probably necessary
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 12.08.2012 36,9MB unknown
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 15.03.2010 27,8MB unknown
Microsoft Office Home and Student 2007 Microsoft Corporation 16.12.2007 299MB 12.0.6215.1000 necessary
Microsoft Office PowerPoint Viewer 2007 (German) Microsoft Corporation 23.10.2007 89,0MB 12.0.4518.1014 unknown
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 18.09.2007 422KB 8.0.56336 unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 24.07.2011 590KB 9.0.30729.4148 unknown
Microsoft Works Microsoft Corporation 23.10.2007 378MB 9.7.0621 necessary
Mozilla Firefox 18.0.2 (x86 de) Mozilla 09.02.2013 43,3MB 18.0.2 necessary
Mozilla Maintenance Service Mozilla 09.02.2013 204KB 18.0.2 necessary
MSXML 4.0 SP2 (KB925672) Microsoft Corporation 18.09.2007 1,23MB 4.20.9839.0 unknown
MSXML 4.0 SP2 (KB927978) Microsoft Corporation 18.09.2007 1,23MB 4.20.9841.0
MSXML 4.0 SP2 (KB936181) Microsoft Corporation 18.09.2007 1,26MB 4.20.9848.0
MSXML 4.0 SP2 (KB941833) Microsoft Corporation 17.10.2007 1,26MB 4.20.9849.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 15.03.2010 35,0KB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 15.03.2010 1,33MB 4.20.9876.0 all unknown
MyPhoneExplorer F.J. Wechselberger 12.02.2013 18,0MB 1.8.4 necessary
Nero 8 Essentials Nero AG 24.10.2007 1,82GB 8.10.124 necessary
NVIDIA Drivers 01.03.2008 unnecessary
OmniPass 5.00.91 Softex Inc. 15.12.2007 26,5MB 5.00.91 unnecessary
PhotoNow! CyberLink Corp. 01.03.2008 1,59MB 1.0.4310 unknown
PowerDirector CyberLink Corp. 15.12.2007 230MB 6.5.2209a necessary
PowerDVD CyberLink Corporation 01.03.2008 87,2MB 7.0.3118.0 necessary
PowerProducer CyberLink Corp. 01.03.2008 190MB 4.2.2219 necessary
QuickTime Apple Computer, Inc. 26.03.2008 70,5MB 7.1.6.200 necessary
Ralink Wireless LAN RaLink 17.12.2007 1,85MB 1.00.0000 necessary
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista Realtek 18.09.2007 680KB 1.00.0000 necessary
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 15.12.2007 15,5MB 6.0.1.5506 necessary
Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 15.12.2007 2,97MB necessary
Sceneo AbsolutTV 01.03.2008 4,79MB unnecessary
Skype™ 6.1 Skype Technologies S.A. 13.01.2013 21,1MB 6.1.129 necessary
Synaptics Pointing Device Driver Synaptics 18.09.2007 13,6MB 10.0.14.0 necessary
The Football News App Installer 12.02.2013 1,37MB 2.6 unnecessary
Tinypic 3.18 E. Fiedler 28.07.2012 2,78MB Tinypic 3.18 necessary
TVsweeper Sonavis 23.10.2007 4,02MB 3.0.2 unnecessary
Ulead PhotoImpact 12 Ulead System 01.03.2008 389MB 12.0 nice to have unknown
