
Log analysis and evaluation: CouponDropDown - need support

25.02.2013, 22:06   #1
Surfershome
 

I've caught the CouponDropDown virus and need your help - and no, I don't really know my way around a PC.
I installed Malwarebytes, started the scan, and deleted 4 infected files.

After a restart the problem is still there - ran an extended scan.

Quote:
Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.02.25.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
SurfersHome :: SURFERSHOME-PC [Administrator]

Schutz: Aktiviert

25.02.2013 21:21:29
MBAM-log-2013-02-25 (22-44-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 497373
Laufzeit: 1 Stunde(n), 21 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\Users\SurfersHome\Downloads\ka\XvidSetup (1).exe (Adware.Hotbar) -> Keine Aktion durchgeführt.
C:\Users\SurfersHome\Downloads\ka\XvidSetup (2).exe (Adware.Hotbar) -> Keine Aktion durchgeführt.
C:\Users\SurfersHome\Downloads\ka\XvidSetup (3).exe (Adware.Hotbar) -> Keine Aktion durchgeführt.
C:\Users\SurfersHome\Downloads\ka\XvidSetup (4).exe (Adware.Hotbar) -> Keine Aktion durchgeführt.
C:\Users\SurfersHome\Downloads\ka\XvidSetup.exe (Adware.Hotbar) -> Keine Aktion durchgeführt.

(Ende)
No idea how to proceed.

Does this help?
hxxp://s14.directupload.net/file/d/3177/n5xsrm8t_png.htm

Edited by Surfershome (25.02.2013 at 22:13)

25.02.2013, 22:19   #2
markusg
/// Malware-holic
 

hi

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and select "Run as administrator".
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

25.02.2013, 22:45   #3
Surfershome
 

Like this?
OTL Logfile:
Code:
OTL logfile created on: 25.02.2013 23:34:01 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\SurfersHome\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,56 Gb Available Physical Memory | 76,05% Memory free
11,99 Gb Paging File | 10,37 Gb Available in Paging File | 86,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 467,30 Gb Total Space | 265,13 Gb Free Space | 56,74% Space Free | Partition Type: NTFS
Drive D: | 453,45 Gb Total Space | 125,74 Gb Free Space | 27,73% Space Free | Partition Type: NTFS
 
Computer Name: SURFERSHOME-PC | User Name: SurfersHome | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.25 23:32:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SurfersHome\Downloads\OTL.exe
PRC - [2013.02.17 12:30:40 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013.02.17 12:30:40 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013.02.11 11:10:43 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013.01.11 17:10:54 | 000,823,296 | ---- | M] () -- C:\Program Files (x86)\apemap\apemap.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.12.11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012.12.05 13:22:40 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.12.05 13:22:38 | 000,247,768 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.01.24 10:48:00 | 002,537,264 | ---- | M] (Suunto Oy) -- C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\Moveslink.exe
PRC - [2011.12.06 22:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011.12.06 22:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011.11.03 16:20:58 | 000,803,144 | ---- | M] (AVG) -- C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
PRC - [2011.09.19 14:58:26 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2011.02.18 10:06:06 | 001,666,560 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE
PRC - [2011.02.18 10:05:32 | 000,495,616 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Kone Mouse\osd.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.03.06 19:48:39 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.04.07 12:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files (x86)\dcmsvc\dcmsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.17 12:30:40 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013.02.17 12:30:40 | 000,156,848 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2013.02.14 10:16:47 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.14 10:16:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.11 17:10:54 | 000,823,296 | ---- | M] () -- C:\Program Files (x86)\apemap\apemap.exe
MOD - [2013.01.11 16:38:32 | 001,042,432 | ---- | M] () -- C:\Program Files (x86)\apemap\xxxx.apemap.dll
MOD - [2013.01.11 16:38:28 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\apemap\iphone.dll
MOD - [2013.01.10 18:07:21 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013.01.10 17:30:31 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 17:30:12 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 17:30:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 17:30:07 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 17:29:59 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013.01.09 14:42:06 | 004,091,904 | ---- | M] () -- C:\Program Files (x86)\apemap\apemap_net.dll
MOD - [2013.01.09 14:42:06 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\apemap\apemap_net_sdk.dll
MOD - [2013.01.09 14:41:44 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\apemap\general_net.dll
MOD - [2012.06.08 16:05:46 | 000,687,616 | ---- | M] () -- C:\Program Files (x86)\apemap\plugins\amgdal.dll
MOD - [2011.12.06 22:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011.11.03 16:21:06 | 000,350,024 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup\madExcept_.bpl
MOD - [2011.11.03 16:21:06 | 000,184,136 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup\madBasic_.bpl
MOD - [2011.11.03 16:21:06 | 000,050,504 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup\madDisAsm_.bpl
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:58:50 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.02.17 21:12:42 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2009.12.08 14:54:50 | 002,011,648 | ---- | M] () -- C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\QtCore4.dll
MOD - [2009.09.29 12:43:02 | 007,462,912 | ---- | M] () -- C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\QtGui4.dll
MOD - [2009.09.29 12:32:20 | 000,877,056 | ---- | M] () -- C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\QtNetwork4.dll
MOD - [2009.09.29 12:31:12 | 000,337,408 | ---- | M] () -- C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\QtXml4.dll
MOD - [2009.04.07 12:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files (x86)\dcmsvc\dcmsvc.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.05.29 15:29:52 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.02.19 22:16:02 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.18 19:47:33 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.17 12:30:40 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013.02.07 13:24:12 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.05 13:22:40 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.05.29 15:29:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 15:29:52 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.02.15 22:29:01 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011.12.06 22:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011.09.19 14:58:26 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2011.05.21 05:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.06 19:48:39 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.25 15:49:12 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.02.17 12:30:40 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.11.15 23:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012.10.15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.10.02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.09.21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.09.21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012.09.14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.24 22:23:32 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2011.11.24 22:23:28 | 000,098,616 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2011.11.08 11:59:12 | 000,011,776 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.17 15:44:46 | 000,044,480 | ---- | M] (hxxp://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011.04.04 13:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011.03.31 13:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.04.01 13:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2009.12.01 22:19:16 | 000,649,472 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2009.12.01 22:18:32 | 000,617,216 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2009.08.21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.25 15:20:08 | 000,052,744 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PWFilterUsb.sys -- (PorscheWheelFilterUsb)
DRV:64bit: - [2009.01.29 16:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009.01.29 16:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008.12.11 06:56:54 | 000,015,488 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Kone.sys -- (KoneFltr)
DRV:64bit: - [2008.02.29 03:17:08 | 000,041,488 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2008.02.29 03:16:52 | 000,057,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2008.02.29 03:16:44 | 000,054,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2007.11.02 14:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.02.09 12:16:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=b0008733000000000000002564dcacbb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=b0008733000000000000002564dcacbb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3B 11 B4 03 61 AB CA 01  [binary data]
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=b0008733000000000000002564dcacbb
IE - HKCU\..\SearchScopes\{683CF7F4-6954-4E9E-8F69-CE3AA6BFE0A2}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={14098DEE-AAE8-4D68-8755-8EF6AE7AABBF}&mid=7642e9074e6ff815e24cd1f1903cfee2-d3bb868d81dc3e8dd2e32db581882440f9575925&lang=de&ds=AVG&pr=fr&d=2012-04-12 15:06:27&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{D24BABCB-41E3-47E6-9DE5-87E89D9CE7EA}: "URL" = hxxp://search.avg.com/route/?d=4dc470aa&v=6.103.18.1&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: fb_add_on%40avm.de:1.6.3
FF - prefs.js..extensions.enabledAddons: %7B5384767E-00D9-40E9-B72F-9CC39D655D6F%7D:1.4.2.1
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: youtubeunblocker%40unblocker.yt:0.3.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129
FF - prefs.js..extensions.enabledAddons: %7B27c60876-b5c9-4335-b4f3-52b26782220c%7D:0.9.4
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:14.2.0.1
FF - prefs.js..extensions.enabledAddons: formhistory%40yahoo.com:1.3.0.5
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.7
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: %7B7b1bf0b6-a1b9-42b0-b75d-252036438bdc%7D:5.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: "199.180.132.20"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.03.31 17:21:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.02.17 12:31:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.02.15 14:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.19 22:16:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.19 22:15:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.09 15:34:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.19 22:16:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.19 22:15:58 | 000,000,000 | ---D | M]
 
[2010.08.16 11:31:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Extensions
[2010.02.11 22:44:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.08.16 11:31:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.02.24 21:32:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions
[2012.10.24 21:46:35 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2013.02.24 21:32:24 | 000,000,000 | ---D | M] (Youtube High Definition) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
[2013.02.10 10:49:22 | 000,000,000 | ---D | M] (WOT) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.08.17 10:05:19 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\fb_add_on@avm.de
[2013.02.15 16:24:34 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\firefox@ghostery.com
[2013.02.18 19:46:16 | 000,000,000 | ---D | M] (Form History Control) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\formhistory@yahoo.com
[2012.12.23 20:24:23 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\ich@maltegoetz.de
[2012.11.17 23:28:51 | 000,284,001 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\compatibility@addons.mozilla.org.xpi
[2012.12.13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.01.01 01:16:49 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\youtube2mp3@mondayx.de.xpi
[2013.01.30 09:40:27 | 000,004,412 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\youtubeunblocker@unblocker.yt.xpi
[2013.02.15 16:24:32 | 000,007,532 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
[2013.02.20 09:00:56 | 000,530,982 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.02.14 10:46:01 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010.02.12 21:53:32 | 000,000,873 | ---- | M] () -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\searchplugins\conduit.xml
[2013.02.15 13:55:00 | 000,001,294 | ---- | M] () -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\searchplugins\delta.xml
[2013.02.19 22:15:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.19 22:15:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.02.17 12:31:13 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\14.2.0.1
[2013.02.19 22:16:02 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.03.27 11:01:06 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\mozilla firefox\plugins\npPandoWebInst.dll
[2013.02.05 23:53:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.17 12:31:14 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2013.02.15 13:54:49 | 000,006,484 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013.02.05 23:53:50 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.05 23:53:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.05 23:53:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.05 23:53:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.05 23:53:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\\npsitesafety.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: Google Drive = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.9_0\
CHR - Extension: Poper Blocker = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche\1.62_0\
CHR - Extension: YouTube = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Video HD plugin = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\cneeknpibhnkjlaiompbocpmdiehehbn\2.9_0\
CHR - Extension: Google-Suche = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Perfect Converter You-tube to mp3 = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbkgjinbncbllcgboilkeiongklbih\2.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Auto HD For YouTube = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\3.3.8_0\
CHR - Extension: AVG Security Toolbar = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.1.0.10_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [dcmsvc] C:\Program Files (x86)\dcmsvc\dcmsvc.exe ()
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [Kone] C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [apemap] C:\Program Files (x86)\apemap\apemap.exe ()
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\SurfersHome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warner Bros.lnk = C:\Program Files (x86)\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: apemap.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16:64bit: - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.13.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43DF802F-04C3-42A8-B686-5F3EBC749B81}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\realconverter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\realplay.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\realtrimmer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\rnxproc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\warner bros. digital copy manager.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\realconverter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\realplay.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\realtrimmer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\rnxproc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\warner bros. digital copy manager.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{417ee2f1-86bf-11e0-8298-002564e52cd1}\Shell - "" = AutoRun
O33 - MountPoints2\{417ee2f1-86bf-11e0-8298-002564e52cd1}\Shell\AutoRun\command - "" = J:\TING.EXE
O33 - MountPoints2\{424d33fc-9843-11e1-abbd-002564dcacbb}\Shell - "" = AutoRun
O33 - MountPoints2\{424d33fc-9843-11e1-abbd-002564dcacbb}\Shell\AutoRun\command - "" = J:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.25 22:44:45 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\male
[2013.02.25 20:55:58 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Roaming\Malwarebytes
[2013.02.25 20:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.25 20:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.25 20:55:53 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.25 20:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.25 11:05:22 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\Desktop\Bewerbung
[2013.02.21 10:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.02.21 10:14:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.02.21 10:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.02.21 10:14:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.02.21 10:14:34 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.02.19 22:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.17 18:56:37 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Roaming\Skype
[2013.02.17 18:56:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.02.17 18:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.17 18:56:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.02.17 18:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.02.17 12:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2013.02.17 12:22:57 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Roaming\AVG2013
[2013.02.17 12:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013.02.17 12:15:22 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Local\MFAData
[2013.02.17 12:15:22 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Local\Avg2013
[2013.02.17 12:06:37 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\Documents\AVG
[2013.02.15 14:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.02.15 13:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013.02.15 13:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.02.15 13:54:56 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Roaming\Delta
[2013.02.15 13:54:34 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Roaming\Babylon
[2013.02.15 13:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.02.15 13:54:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.01.31 09:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.25 23:23:33 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.25 23:23:33 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.25 23:16:26 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.25 23:16:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.25 23:15:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.25 22:42:09 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.25 20:55:54 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.24 19:53:17 | 000,000,000 | ---- | M] () -- C:\Users\SurfersHome\AppData\Local\prvlcl.dat
[2013.02.22 15:18:17 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.02.21 10:14:57 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.18 21:52:55 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.18 21:52:55 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.18 21:52:55 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.18 21:52:55 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.18 21:52:55 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.17 18:56:26 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.17 12:31:16 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.02.17 12:30:40 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.02.15 23:08:44 | 000,000,390 | ---- | M] () -- C:\Users\SurfersHome\Documents\Dokument.rtf
[2013.02.15 14:47:44 | 000,001,629 | ---- | M] () -- C:\Users\SurfersHome\Desktop\DivX Movies.lnk
[2013.02.15 14:47:28 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.02.15 14:47:13 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.02.14 10:13:57 | 000,319,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.25 20:55:54 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.17 18:56:26 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.17 12:18:47 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.02.15 23:08:44 | 000,000,390 | ---- | C] () -- C:\Users\SurfersHome\Documents\Dokument.rtf
[2013.02.15 14:47:44 | 000,001,629 | ---- | C] () -- C:\Users\SurfersHome\Desktop\DivX Movies.lnk
[2013.02.15 14:47:28 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.02.15 14:47:13 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.02.15 14:19:24 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.02.15 13:55:11 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.10.24 21:29:55 | 000,122,880 | ---- | C] () -- C:\Windows\UnGins.exe
[2012.08.07 19:03:59 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2012.08.03 09:37:34 | 000,000,945 | ---- | C] () -- C:\Users\SurfersHome\Launcher - Verknüpfung.lnk
[2012.06.21 08:46:21 | 000,000,862 | ---- | C] () -- C:\Users\SurfersHome\mp3DirectCut.lnk
[2012.06.15 21:25:51 | 000,448,193 | ---- | C] () -- C:\Users\SurfersHome\Unbenannt.png
[2012.06.05 22:36:26 | 000,714,590 | ---- | C] () -- C:\Windows\unins001.exe
[2012.06.05 22:36:26 | 000,001,636 | ---- | C] () -- C:\Windows\unins001.dat
[2012.06.05 22:36:23 | 000,714,590 | ---- | C] () -- C:\Windows\unins000.exe
[2012.06.05 22:36:23 | 000,003,955 | ---- | C] () -- C:\Windows\unins000.dat
[2012.05.10 22:44:03 | 000,000,017 | ---- | C] () -- C:\Users\SurfersHome\AppData\Local\resmon.resmoncfg
[2012.04.12 14:25:13 | 000,001,148 | ---- | C] () -- C:\Users\SurfersHome\AVG PC Tuneup 2011.lnk
[2012.02.13 10:14:33 | 000,001,046 | ---- | C] () -- C:\Users\SurfersHome\RealPlayer.lnk
[2011.10.23 20:59:56 | 000,000,000 | ---- | C] () -- C:\Users\SurfersHome\AppData\Local\{F42B5163-2A0C-432A-B0B3-FCA1EA0B0681}
[2011.06.10 19:35:23 | 000,001,629 | ---- | C] () -- C:\Users\SurfersHome\DivX Movies.lnk
[2011.06.10 19:35:09 | 000,001,118 | ---- | C] () -- C:\Users\SurfersHome\DivX Plus Player.lnk
[2011.06.10 19:34:55 | 000,002,122 | ---- | C] () -- C:\Users\SurfersHome\DivX Plus Converter.lnk
[2011.04.15 14:06:07 | 000,001,639 | ---- | C] () -- C:\Users\SurfersHome\Empire Earth.lnk
[2011.04.15 14:04:43 | 000,000,415 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.03.03 20:14:59 | 000,005,120 | ---- | C] () -- C:\Users\SurfersHome\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.07 17:32:12 | 000,001,264 | ---- | C] () -- C:\Users\SurfersHome\EA Download Manager.lnk
[2010.03.05 22:11:50 | 000,001,199 | ---- | C] () -- C:\Users\SurfersHome\Volvo - The Game.lnk
[2010.03.02 20:23:53 | 000,000,760 | ---- | C] () -- C:\Users\SurfersHome\AppData\Roaming\setup_ldm.iss
[2010.02.24 17:02:32 | 000,000,000 | ---- | C] () -- C:\Users\SurfersHome\AppData\Local\prvlcl.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.04.12 14:26:55 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\AVG
[2013.02.17 12:22:57 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\AVG2013
[2013.02.15 13:54:34 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Babylon
[2012.04.05 17:20:05 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1
[2013.02.15 14:13:29 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Delta
[2010.02.14 00:23:50 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\FreeFLVConverter
[2012.02.14 17:01:57 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\FRITZ!
[2010.11.13 23:22:56 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\iolo
[2011.01.25 19:18:14 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\iWin
[2010.02.26 15:33:57 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Leadertech
[2011.01.11 16:43:20 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Marine Aquarium 3
[2012.05.08 14:29:35 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\motorola
[2012.06.21 08:48:24 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\mp3DirectCut
[2010.12.27 18:07:44 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Mumble
[2012.09.15 14:58:38 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Need for Speed World
[2011.01.19 16:25:52 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\org.bcdef.antenna.43FD862ECBF25EB623FC234EF1704635B78E3AB6.1
[2012.09.07 12:40:55 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\pdfforge
[2010.03.06 13:47:37 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\ROCCAT
[2012.06.02 11:13:16 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Suunto
[2010.02.11 22:44:22 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Thunderbird
[2011.04.08 23:31:59 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Tobit
[2010.08.16 11:31:08 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\TomTom
[2011.02.14 13:20:21 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:C3C72D5F
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:E50C1642

< End of report >
         

25.02.2013, 22:49   #4
markusg
/// Malware-holic
 
Looks fine.
OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:
:OTL
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - No CLSID value found.
O2 - BHO: (no name) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
:files
:Commands
[emptytemp]
         
  • If you have obscured your user name, e.g. with "*****", insert your real user name in the appropriate place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may request a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (Also found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread.

25.02.2013, 23:08   #5
Surfershome
 
All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: SurfersHome
->Temp folder emptied: 2134044 bytes
->Temporary Internet Files folder emptied: 209333954 bytes
->Java cache emptied: 449900 bytes
->FireFox cache emptied: 414671022 bytes
->Google Chrome cache emptied: 54333527 bytes
->Flash cache emptied: 97856 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2007823 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 652,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02252013_235833

Files\Folders moved on Reboot...
C:\Users\SurfersHome\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

CouponDropDown - pop-up window still opens :-(

Hi,
so the CouponDropDown pop-up window still opens. Could it be that the malware now only opens on a few individual links, i.e. much less often?

And what I completely forgot to ask: how harmful is this malware? Does the thing also read out data?

And of course many thanks to the helpers, and thank you for taking the time.

OTL Logfile:
Code:
OTL logfile created on: 26.02.2013 11:19:08 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\SurfersHome\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 3,92 Gb Available Physical Memory | 65,28% Memory free
11,99 Gb Paging File | 9,80 Gb Available in Paging File | 81,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 467,30 Gb Total Space | 265,54 Gb Free Space | 56,83% Space Free | Partition Type: NTFS
Drive D: | 453,45 Gb Total Space | 125,74 Gb Free Space | 27,73% Space Free | Partition Type: NTFS
 
Computer Name: SURFERSHOME-PC | User Name: SurfersHome | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.25 23:32:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\SurfersHome\Downloads\OTL.exe
PRC - [2013.02.17 12:30:40 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013.02.17 12:30:40 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013.02.11 11:10:43 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013.01.11 17:10:54 | 000,823,296 | ---- | M] () -- C:\Program Files (x86)\apemap\apemap.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.12.11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012.12.05 13:22:40 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.12.05 13:22:38 | 000,247,768 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.01.24 10:48:00 | 002,537,264 | ---- | M] (Suunto Oy) -- C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\Moveslink.exe
PRC - [2011.12.06 22:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011.12.06 22:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011.11.03 16:20:58 | 000,803,144 | ---- | M] (AVG) -- C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
PRC - [2011.09.19 14:58:26 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2011.02.18 10:06:06 | 001,666,560 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE
PRC - [2011.02.18 10:05:32 | 000,495,616 | ---- | M] (ROCCAT) -- C:\Program Files (x86)\ROCCAT\Kone Mouse\osd.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.03.06 19:48:39 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.04.07 12:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files (x86)\dcmsvc\dcmsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.17 12:30:40 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013.02.17 12:30:40 | 000,156,848 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2013.02.14 10:16:47 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.14 10:16:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.11 17:10:54 | 000,823,296 | ---- | M] () -- C:\Program Files (x86)\apemap\apemap.exe
MOD - [2013.01.11 16:38:32 | 001,042,432 | ---- | M] () -- C:\Program Files (x86)\apemap\xxxx.apemap.dll
MOD - [2013.01.11 16:38:28 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\apemap\iphone.dll
MOD - [2013.01.10 18:07:21 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013.01.10 17:30:31 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 17:30:12 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 17:30:08 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 17:30:07 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 17:29:59 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013.01.09 14:42:06 | 004,091,904 | ---- | M] () -- C:\Program Files (x86)\apemap\apemap_net.dll
MOD - [2013.01.09 14:42:06 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\apemap\apemap_net_sdk.dll
MOD - [2013.01.09 14:41:44 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\apemap\general_net.dll
MOD - [2012.06.08 16:05:46 | 000,687,616 | ---- | M] () -- C:\Program Files (x86)\apemap\plugins\amgdal.dll
MOD - [2011.12.06 22:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011.11.03 16:21:06 | 000,350,024 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup\madExcept_.bpl
MOD - [2011.11.03 16:21:06 | 000,184,136 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup\madBasic_.bpl
MOD - [2011.11.03 16:21:06 | 000,050,504 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG PC Tuneup\madDisAsm_.bpl
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:58:50 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.02.17 21:12:42 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2009.12.08 14:54:50 | 002,011,648 | ---- | M] () -- C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\QtCore4.dll
MOD - [2009.09.29 12:43:02 | 007,462,912 | ---- | M] () -- C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\QtGui4.dll
MOD - [2009.09.29 12:32:20 | 000,877,056 | ---- | M] () -- C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\QtNetwork4.dll
MOD - [2009.09.29 12:31:12 | 000,337,408 | ---- | M] () -- C:\Program Files (x86)\Suunto\Moveslink for Movestick Mini\QtXml4.dll
MOD - [2009.04.07 12:53:32 | 000,030,440 | ---- | M] () -- C:\Program Files (x86)\dcmsvc\dcmsvc.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.05.29 15:29:52 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.02.19 22:16:02 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.18 19:47:33 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.17 12:30:40 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013.02.07 13:24:12 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.05 13:22:40 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.05.29 15:29:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 15:29:52 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.02.15 22:29:01 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011.12.06 22:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011.09.19 14:58:26 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2011.05.21 05:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.06 19:48:39 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.25 15:49:12 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.02.17 12:30:40 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.11.15 23:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012.10.15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012.10.02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012.09.21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012.09.21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012.09.14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.24 22:23:32 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2011.11.24 22:23:28 | 000,098,616 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2011.11.08 11:59:12 | 000,011,776 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.17 15:44:46 | 000,044,480 | ---- | M] (libusb-Win32) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011.04.04 13:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011.03.31 13:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.04.01 13:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2009.12.01 22:19:16 | 000,649,472 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2009.12.01 22:18:32 | 000,617,216 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2009.08.21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.25 15:20:08 | 000,052,744 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PWFilterUsb.sys -- (PorscheWheelFilterUsb)
DRV:64bit: - [2009.01.29 16:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009.01.29 16:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008.12.11 06:56:54 | 000,015,488 | ---- | M] (ROCCAT Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Kone.sys -- (KoneFltr)
DRV:64bit: - [2008.02.29 03:17:08 | 000,041,488 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2008.02.29 03:16:52 | 000,057,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2008.02.29 03:16:44 | 000,054,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2007.11.02 14:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.02.09 12:16:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Delta Search
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Delta Search
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3B 11 B4 03 61 AB CA 01  [binary data]
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=b0008733000000000000002564dcacbb
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\..\SearchScopes\{683CF7F4-6954-4E9E-8F69-CE3AA6BFE0A2}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={14098DEE-AAE8-4D68-8755-8EF6AE7AABBF}&mid=7642e9074e6ff815e24cd1f1903cfee2-d3bb868d81dc3e8dd2e32db581882440f9575925&lang=de&ds=AVG&pr=fr&d=2012-04-12 15:06:27&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\..\SearchScopes\{D24BABCB-41E3-47E6-9DE5-87E89D9CE7EA}: "URL" = hxxp://search.avg.com/route/?d=4dc470aa&v=6.103.18.1&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: fb_add_on%40avm.de:1.6.3
FF - prefs.js..extensions.enabledAddons: %7B5384767E-00D9-40E9-B72F-9CC39D655D6F%7D:1.4.2.1
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: youtubeunblocker%40unblocker.yt:0.3.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129
FF - prefs.js..extensions.enabledAddons: %7B27c60876-b5c9-4335-b4f3-52b26782220c%7D:0.9.4
FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.4
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:14.2.0.1
FF - prefs.js..extensions.enabledAddons: formhistory%40yahoo.com:1.3.0.5
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.7
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: %7B7b1bf0b6-a1b9-42b0-b75d-252036438bdc%7D:5.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: "199.180.132.20"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.03.31 17:21:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.02.17 12:31:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.02.15 14:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.19 22:16:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.19 22:15:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.09 15:34:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.19 22:16:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.19 22:15:58 | 000,000,000 | ---D | M]
 
[2010.08.16 11:31:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Extensions
[2010.02.11 22:44:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.08.16 11:31:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.02.24 21:32:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions
[2012.10.24 21:46:35 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2013.02.24 21:32:24 | 000,000,000 | ---D | M] (Youtube High Definition) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
[2013.02.10 10:49:22 | 000,000,000 | ---D | M] (WOT) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.08.17 10:05:19 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\fb_add_on@avm.de
[2013.02.15 16:24:34 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\firefox@ghostery.com
[2013.02.18 19:46:16 | 000,000,000 | ---D | M] (Form History Control) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\formhistory@yahoo.com
[2012.12.23 20:24:23 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\Firefox\Profiles\htroadjf.default\extensions\ich@maltegoetz.de
[2012.11.17 23:28:51 | 000,284,001 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\compatibility@addons.mozilla.org.xpi
[2012.12.13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.01.01 01:16:49 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\youtube2mp3@mondayx.de.xpi
[2013.01.30 09:40:27 | 000,004,412 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\youtubeunblocker@unblocker.yt.xpi
[2013.02.15 16:24:32 | 000,007,532 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
[2013.02.20 09:00:56 | 000,530,982 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.02.14 10:46:01 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010.02.12 21:53:32 | 000,000,873 | ---- | M] () -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\searchplugins\conduit.xml
[2013.02.15 13:55:00 | 000,001,294 | ---- | M] () -- C:\Users\SurfersHome\AppData\Roaming\mozilla\firefox\profiles\htroadjf.default\searchplugins\delta.xml
[2013.02.19 22:15:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.19 22:15:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.02.17 12:31:13 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\14.2.0.1
[2013.02.19 22:16:02 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.03.27 11:01:06 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\mozilla firefox\plugins\npPandoWebInst.dll
[2013.02.05 23:53:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.02.17 12:31:14 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2013.02.15 13:54:49 | 000,006,484 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013.02.05 23:53:50 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.05 23:53:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.02.05 23:53:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.02.05 23:53:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.02.05 23:53:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\\npsitesafety.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U37 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: Google Drive = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.9_0\
CHR - Extension: Poper Blocker = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche\1.62_0\
CHR - Extension: YouTube = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Video HD plugin = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\cneeknpibhnkjlaiompbocpmdiehehbn\2.9_0\
CHR - Extension: Google-Suche = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Perfect Converter You-tube to mp3 = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbkgjinbncbllcgboilkeiongklbih\2.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Auto HD For YouTube = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\3.3.8_0\
CHR - Extension: AVG Security Toolbar = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.1.0.10_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\SurfersHome\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [dcmsvc] C:\Program Files (x86)\dcmsvc\dcmsvc.exe ()
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [Kone] C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001..\Run: [apemap] C:\Program Files (x86)\apemap\apemap.exe ()
O4 - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\SurfersHome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warner Bros.lnk = C:\Program Files (x86)\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\..Trusted Domains: apemap.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-3381989697-3229829299-1665472469-1001\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16:64bit: - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.13.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43DF802F-04C3-42A8-B686-5F3EBC749B81}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\realconverter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\realplay.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\realtrimmer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\rnxproc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\warner bros. digital copy manager.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\realconverter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\realplay.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\realtrimmer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\rnxproc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\warner bros. digital copy manager.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{417ee2f1-86bf-11e0-8298-002564e52cd1}\Shell - "" = AutoRun
O33 - MountPoints2\{417ee2f1-86bf-11e0-8298-002564e52cd1}\Shell\AutoRun\command - "" = J:\TING.EXE
O33 - MountPoints2\{424d33fc-9843-11e1-abbd-002564dcacbb}\Shell - "" = AutoRun
O33 - MountPoints2\{424d33fc-9843-11e1-abbd-002564dcacbb}\Shell\AutoRun\command - "" = J:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.25 23:58:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.02.25 22:44:45 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\male
[2013.02.25 20:55:58 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Roaming\Malwarebytes
[2013.02.25 20:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.25 20:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.25 20:55:53 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.25 20:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.25 11:05:22 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\Desktop\Bewerbung
[2013.02.21 10:14:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.02.21 10:14:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.02.21 10:14:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.02.21 10:14:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.02.21 10:14:34 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.02.19 22:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.17 18:56:37 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Roaming\Skype
[2013.02.17 18:56:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.02.17 18:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.17 18:56:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.02.17 18:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.02.17 12:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2013.02.17 12:22:57 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Roaming\AVG2013
[2013.02.17 12:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013.02.17 12:15:22 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Local\MFAData
[2013.02.17 12:15:22 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Local\Avg2013
[2013.02.17 12:06:37 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\Documents\AVG
[2013.02.15 14:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.02.15 13:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[2013.02.15 13:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.02.15 13:54:56 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Roaming\Delta
[2013.02.15 13:54:34 | 000,000,000 | ---D | C] -- C:\Users\SurfersHome\AppData\Roaming\Babylon
[2013.02.15 13:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.02.15 13:54:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.01.31 09:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.26 11:15:18 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.26 11:15:05 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.26 10:56:00 | 000,001,151 | ---- | M] () -- C:\Users\SurfersHome\Desktop\OTL - Verknüpfung.lnk
[2013.02.26 10:51:55 | 000,000,000 | ---- | M] () -- C:\Users\SurfersHome\defogger_reenable
[2013.02.26 10:42:26 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.26 09:34:14 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.26 09:34:14 | 000,014,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.26 09:26:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.25 20:55:54 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.24 19:53:17 | 000,000,000 | ---- | M] () -- C:\Users\SurfersHome\AppData\Local\prvlcl.dat
[2013.02.22 15:18:17 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.02.21 10:14:57 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.18 21:52:55 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.18 21:52:55 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.18 21:52:55 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.18 21:52:55 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.18 21:52:55 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.17 18:56:26 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.17 12:31:16 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.02.17 12:30:40 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.02.15 23:08:44 | 000,000,390 | ---- | M] () -- C:\Users\SurfersHome\Documents\Dokument.rtf
[2013.02.15 14:47:44 | 000,001,629 | ---- | M] () -- C:\Users\SurfersHome\Desktop\DivX Movies.lnk
[2013.02.15 14:47:28 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.02.15 14:47:13 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.02.14 10:13:57 | 000,319,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.02.26 10:56:00 | 000,001,151 | ---- | C] () -- C:\Users\SurfersHome\Desktop\OTL - Verknüpfung.lnk
[2013.02.26 10:51:55 | 000,000,000 | ---- | C] () -- C:\Users\SurfersHome\defogger_reenable
[2013.02.25 20:55:54 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.17 18:56:26 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.17 12:18:47 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.02.15 23:08:44 | 000,000,390 | ---- | C] () -- C:\Users\SurfersHome\Documents\Dokument.rtf
[2013.02.15 14:47:44 | 000,001,629 | ---- | C] () -- C:\Users\SurfersHome\Desktop\DivX Movies.lnk
[2013.02.15 14:47:28 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.02.15 14:47:13 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2013.02.15 14:19:24 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.02.15 13:55:11 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.10.24 21:29:55 | 000,122,880 | ---- | C] () -- C:\Windows\UnGins.exe
[2012.08.07 19:03:59 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2012.08.03 09:37:34 | 000,000,945 | ---- | C] () -- C:\Users\SurfersHome\Launcher - Verknüpfung.lnk
[2012.06.21 08:46:21 | 000,000,862 | ---- | C] () -- C:\Users\SurfersHome\mp3DirectCut.lnk
[2012.06.15 21:25:51 | 000,448,193 | ---- | C] () -- C:\Users\SurfersHome\Unbenannt.png
[2012.06.05 22:36:26 | 000,714,590 | ---- | C] () -- C:\Windows\unins001.exe
[2012.06.05 22:36:26 | 000,001,636 | ---- | C] () -- C:\Windows\unins001.dat
[2012.06.05 22:36:23 | 000,714,590 | ---- | C] () -- C:\Windows\unins000.exe
[2012.06.05 22:36:23 | 000,003,955 | ---- | C] () -- C:\Windows\unins000.dat
[2012.05.10 22:44:03 | 000,000,017 | ---- | C] () -- C:\Users\SurfersHome\AppData\Local\resmon.resmoncfg
[2012.04.12 14:25:13 | 000,001,148 | ---- | C] () -- C:\Users\SurfersHome\AVG PC Tuneup 2011.lnk
[2012.02.13 10:14:33 | 000,001,046 | ---- | C] () -- C:\Users\SurfersHome\RealPlayer.lnk
[2011.10.23 20:59:56 | 000,000,000 | ---- | C] () -- C:\Users\SurfersHome\AppData\Local\{F42B5163-2A0C-432A-B0B3-FCA1EA0B0681}
[2011.06.10 19:35:23 | 000,001,629 | ---- | C] () -- C:\Users\SurfersHome\DivX Movies.lnk
[2011.06.10 19:35:09 | 000,001,118 | ---- | C] () -- C:\Users\SurfersHome\DivX Plus Player.lnk
[2011.06.10 19:34:55 | 000,002,122 | ---- | C] () -- C:\Users\SurfersHome\DivX Plus Converter.lnk
[2011.04.15 14:06:07 | 000,001,639 | ---- | C] () -- C:\Users\SurfersHome\Empire Earth.lnk
[2011.04.15 14:04:43 | 000,000,415 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.03.03 20:14:59 | 000,005,120 | ---- | C] () -- C:\Users\SurfersHome\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.07 17:32:12 | 000,001,264 | ---- | C] () -- C:\Users\SurfersHome\EA Download Manager.lnk
[2010.03.05 22:11:50 | 000,001,199 | ---- | C] () -- C:\Users\SurfersHome\Volvo - The Game.lnk
[2010.03.02 20:23:53 | 000,000,760 | ---- | C] () -- C:\Users\SurfersHome\AppData\Roaming\setup_ldm.iss
[2010.02.24 17:02:32 | 000,000,000 | ---- | C] () -- C:\Users\SurfersHome\AppData\Local\prvlcl.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.01.31 09:52:16 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.01.31 09:52:16 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012.04.12 14:26:55 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\AVG
[2013.02.17 12:22:57 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\AVG2013
[2013.02.15 13:54:34 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Babylon
[2012.04.05 17:20:05 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1
[2013.02.15 14:13:29 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Delta
[2010.02.14 00:23:50 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\FreeFLVConverter
[2012.02.14 17:01:57 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\FRITZ!
[2010.11.13 23:22:56 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\iolo
[2011.01.25 19:18:14 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\iWin
[2010.02.26 15:33:57 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Leadertech
[2011.01.11 16:43:20 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Marine Aquarium 3
[2012.05.08 14:29:35 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\motorola
[2012.06.21 08:48:24 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\mp3DirectCut
[2010.12.27 18:07:44 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Mumble
[2012.09.15 14:58:38 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Need for Speed World
[2011.01.19 16:25:52 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\org.bcdef.antenna.43FD862ECBF25EB623FC234EF1704635B78E3AB6.1
[2012.09.07 12:40:55 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\pdfforge
[2010.03.06 13:47:37 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\ROCCAT
[2012.06.02 11:13:16 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Suunto
[2010.02.11 22:44:22 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Thunderbird
[2011.04.08 23:31:59 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\Tobit
[2010.08.16 11:31:08 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\TomTom
[2011.02.14 13:20:21 | 000,000,000 | ---D | M] -- C:\Users\SurfersHome\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:C3C72D5F
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:E50C1642

< End of report >
         
--- --- ---


Alt 26.02.2013, 15:07   #6
markusg
/// Malware-holic
 
Hi,
please be patient; I never said that it had been removed with that step :-)
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post its contents here in your thread in any case.

Alt 26.02.2013, 15:41   #7
Surfershome
 
16:32:18.0159 6064 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:32:18.0253 6064 ============================================================
16:32:18.0253 6064 Current date / time: 2013/02/26 16:32:18.0253
16:32:18.0253 6064 SystemInfo:
16:32:18.0253 6064
16:32:18.0253 6064 OS Version: 6.1.7601 ServicePack: 1.0
16:32:18.0253 6064 Product type: Workstation
16:32:18.0253 6064 ComputerName: SURFERSHOME-PC
16:32:18.0253 6064 UserName: SurfersHome
16:32:18.0253 6064 Windows directory: C:\Windows
16:32:18.0253 6064 System windows directory: C:\Windows
16:32:18.0253 6064 Running under WOW64
16:32:18.0253 6064 Processor architecture: Intel x64
16:32:18.0253 6064 Number of processors: 4
16:32:18.0253 6064 Page size: 0x1000
16:32:18.0253 6064 Boot type: Normal boot
16:32:18.0253 6064 ============================================================
16:32:19.0189 6064 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:32:19.0220 6064 ============================================================
16:32:19.0220 6064 \Device\Harddisk0\DR0:
16:32:19.0220 6064 MBR partitions:
16:32:19.0220 6064 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x27800, BlocksNum 0x155F000
16:32:19.0220 6064 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1586800, BlocksNum 0x3A699000
16:32:19.0235 6064 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3BC20000, BlocksNum 0x38AE6000
16:32:19.0235 6064 ============================================================
16:32:19.0267 6064 C: <-> \Device\Harddisk0\DR0\Partition2
16:32:19.0298 6064 D: <-> \Device\Harddisk0\DR0\Partition3
16:32:19.0298 6064 ============================================================
16:32:19.0298 6064 Initialize success
16:32:19.0298 6064 ============================================================
16:32:23.0494 5588 ============================================================
16:32:23.0494 5588 Scan started
16:32:23.0494 5588 Mode: Manual;
16:32:23.0494 5588 ============================================================
16:32:24.0212 5588 ================ Scan system memory ========================
16:32:24.0212 5588 System memory - ok
16:32:24.0212 5588 ================ Scan services =============================
16:32:24.0305 5588 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:32:24.0321 5588 1394ohci - ok
16:32:24.0368 5588 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:32:24.0368 5588 ACDaemon - ok
16:32:24.0383 5588 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:32:24.0383 5588 ACPI - ok
16:32:24.0399 5588 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:32:24.0399 5588 AcpiPmi - ok
16:32:24.0446 5588 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:32:24.0446 5588 AdobeARMservice - ok
16:32:24.0524 5588 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:32:24.0524 5588 AdobeFlashPlayerUpdateSvc - ok
16:32:24.0571 5588 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:32:24.0571 5588 adp94xx - ok
16:32:24.0586 5588 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:32:24.0586 5588 adpahci - ok
16:32:24.0602 5588 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:32:24.0617 5588 adpu320 - ok
16:32:24.0633 5588 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:32:24.0633 5588 AeLookupSvc - ok
16:32:24.0680 5588 [ 7394641611EF3AB2D041F104F1E8C1B9 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
16:32:24.0680 5588 AERTFilters - ok
16:32:24.0695 5588 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:32:24.0711 5588 AFD - ok
16:32:24.0711 5588 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:32:24.0711 5588 agp440 - ok
16:32:24.0727 5588 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:32:24.0727 5588 ALG - ok
16:32:24.0742 5588 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:32:24.0742 5588 aliide - ok
16:32:24.0742 5588 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:32:24.0758 5588 amdide - ok
16:32:24.0773 5588 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:32:24.0773 5588 AmdK8 - ok
16:32:24.0789 5588 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:32:24.0789 5588 AmdPPM - ok
16:32:24.0789 5588 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:32:24.0805 5588 amdsata - ok
16:32:24.0820 5588 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:32:24.0820 5588 amdsbs - ok
16:32:24.0836 5588 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:32:24.0836 5588 amdxata - ok
16:32:24.0867 5588 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:32:24.0867 5588 AppID - ok
16:32:24.0867 5588 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:32:24.0867 5588 AppIDSvc - ok
16:32:24.0898 5588 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:32:24.0898 5588 Appinfo - ok
16:32:24.0961 5588 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:32:24.0961 5588 Apple Mobile Device - ok
16:32:24.0992 5588 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
16:32:24.0992 5588 AppMgmt - ok
16:32:25.0007 5588 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
16:32:25.0007 5588 arc - ok
16:32:25.0007 5588 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:32:25.0023 5588 arcsas - ok
16:32:25.0039 5588 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:32:25.0039 5588 AsyncMac - ok
16:32:25.0039 5588 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:32:25.0054 5588 atapi - ok
16:32:25.0132 5588 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:32:25.0132 5588 AudioEndpointBuilder - ok
16:32:25.0179 5588 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:32:25.0195 5588 AudioSrv - ok
16:32:25.0319 5588 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
16:32:25.0351 5588 AVGIDSAgent - ok
16:32:25.0382 5588 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
16:32:25.0397 5588 AVGIDSDriver - ok
16:32:25.0413 5588 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
16:32:25.0413 5588 AVGIDSHA - ok
16:32:25.0429 5588 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
16:32:25.0429 5588 Avgldx64 - ok
16:32:25.0460 5588 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
16:32:25.0460 5588 Avgloga - ok
16:32:25.0491 5588 [ 841C40C193889730848849AC220D9242 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
16:32:25.0491 5588 Avgmfx64 - ok
16:32:25.0491 5588 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
16:32:25.0491 5588 Avgrkx64 - ok
16:32:25.0507 5588 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
16:32:25.0507 5588 Avgtdia - ok
16:32:25.0538 5588 [ 4C05242DC361A217223E9B8EC2B3A76B ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
16:32:25.0538 5588 avgtp - ok
16:32:25.0553 5588 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
16:32:25.0553 5588 avgwd - ok
16:32:25.0585 5588 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:32:25.0585 5588 AxInstSV - ok
16:32:25.0600 5588 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
16:32:25.0616 5588 b06bdrv - ok
16:32:25.0631 5588 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:32:25.0631 5588 b57nd60a - ok
16:32:25.0663 5588 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:32:25.0663 5588 BDESVC - ok
16:32:25.0663 5588 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:32:25.0663 5588 Beep - ok
16:32:25.0694 5588 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:32:25.0709 5588 BFE - ok
16:32:25.0741 5588 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:32:25.0741 5588 BITS - ok
16:32:25.0756 5588 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:32:25.0772 5588 blbdrive - ok
16:32:25.0787 5588 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:32:25.0787 5588 Bonjour Service - ok
16:32:25.0803 5588 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:32:25.0803 5588 bowser - ok
16:32:25.0819 5588 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:32:25.0834 5588 BrFiltLo - ok
16:32:25.0834 5588 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:32:25.0850 5588 BrFiltUp - ok
16:32:25.0865 5588 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:32:25.0865 5588 Browser - ok
16:32:25.0897 5588 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:32:25.0897 5588 Brserid - ok
16:32:25.0912 5588 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:32:25.0912 5588 BrSerWdm - ok
16:32:25.0928 5588 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:32:25.0928 5588 BrUsbMdm - ok
16:32:25.0928 5588 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:32:25.0943 5588 BrUsbSer - ok
16:32:25.0975 5588 [ FF7C57973EEAD140062238C5A0B7D455 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
16:32:25.0975 5588 BTCFilterService - ok
16:32:25.0990 5588 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:32:25.0990 5588 BTHMODEM - ok
16:32:26.0006 5588 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:32:26.0006 5588 bthserv - ok
16:32:26.0021 5588 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:32:26.0021 5588 cdfs - ok
16:32:26.0037 5588 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:32:26.0053 5588 cdrom - ok
16:32:26.0053 5588 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:32:26.0053 5588 CertPropSvc - ok
16:32:26.0068 5588 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:32:26.0068 5588 circlass - ok
16:32:26.0099 5588 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:32:26.0099 5588 CLFS - ok
16:32:26.0162 5588 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:32:26.0162 5588 clr_optimization_v2.0.50727_32 - ok
16:32:26.0193 5588 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:32:26.0193 5588 clr_optimization_v2.0.50727_64 - ok
16:32:26.0255 5588 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:32:26.0255 5588 clr_optimization_v4.0.30319_32 - ok
16:32:26.0271 5588 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:32:26.0271 5588 clr_optimization_v4.0.30319_64 - ok
16:32:26.0287 5588 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:32:26.0287 5588 CmBatt - ok
16:32:26.0302 5588 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:32:26.0302 5588 cmdide - ok
16:32:26.0318 5588 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
16:32:26.0333 5588 CNG - ok
16:32:26.0349 5588 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:32:26.0349 5588 Compbatt - ok
16:32:26.0365 5588 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:32:26.0380 5588 CompositeBus - ok
16:32:26.0380 5588 COMSysApp - ok
16:32:26.0396 5588 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:32:26.0396 5588 crcdisk - ok
16:32:26.0427 5588 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:32:26.0427 5588 CryptSvc - ok
16:32:26.0458 5588 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
16:32:26.0458 5588 CSC - ok
16:32:26.0489 5588 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
16:32:26.0489 5588 CscService - ok
16:32:26.0521 5588 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:32:26.0521 5588 DcomLaunch - ok
16:32:26.0536 5588 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:32:26.0536 5588 defragsvc - ok
16:32:26.0583 5588 [ 74C1305F6F784A725B0A40D693FF4A09 ] DeviceMonitorService C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
16:32:26.0583 5588 DeviceMonitorService - ok
16:32:26.0614 5588 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:32:26.0614 5588 DfsC - ok
16:32:26.0630 5588 [ 388039F99CE8769024EE0438352ACA99 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
16:32:26.0630 5588 dg_ssudbus - ok
16:32:26.0661 5588 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:32:26.0661 5588 Dhcp - ok
16:32:26.0661 5588 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:32:26.0661 5588 discache - ok
16:32:26.0677 5588 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:32:26.0677 5588 Disk - ok
16:32:26.0708 5588 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:32:26.0708 5588 Dnscache - ok
16:32:26.0708 5588 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:32:26.0723 5588 dot3svc - ok
16:32:26.0739 5588 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:32:26.0739 5588 DPS - ok
16:32:26.0755 5588 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:32:26.0755 5588 drmkaud - ok
16:32:26.0786 5588 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:32:26.0801 5588 DXGKrnl - ok
16:32:26.0801 5588 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:32:26.0801 5588 EapHost - ok
16:32:26.0864 5588 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
16:32:26.0911 5588 ebdrv - ok
16:32:26.0926 5588 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:32:26.0926 5588 EFS - ok
16:32:26.0957 5588 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:32:26.0973 5588 ehRecvr - ok
16:32:26.0989 5588 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:32:26.0989 5588 ehSched - ok
16:32:27.0004 5588 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:32:27.0020 5588 elxstor - ok
16:32:27.0035 5588 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:32:27.0035 5588 ErrDev - ok
16:32:27.0067 5588 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:32:27.0067 5588 EventSystem - ok
16:32:27.0082 5588 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:32:27.0082 5588 exfat - ok
16:32:27.0113 5588 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:32:27.0113 5588 fastfat - ok
16:32:27.0145 5588 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:32:27.0145 5588 Fax - ok
16:32:27.0160 5588 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:32:27.0160 5588 fdc - ok
16:32:27.0191 5588 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:32:27.0191 5588 fdPHost - ok
16:32:27.0191 5588 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:32:27.0191 5588 FDResPub - ok
16:32:27.0207 5588 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:32:27.0207 5588 FileInfo - ok
16:32:27.0207 5588 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:32:27.0223 5588 Filetrace - ok
16:32:27.0223 5588 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:32:27.0238 5588 flpydisk - ok
16:32:27.0254 5588 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:32:27.0254 5588 FltMgr - ok
16:32:27.0285 5588 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:32:27.0316 5588 FontCache - ok
16:32:27.0347 5588 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:32:27.0347 5588 FontCache3.0.0.0 - ok
16:32:27.0363 5588 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:32:27.0363 5588 FsDepends - ok
16:32:27.0379 5588 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:32:27.0379 5588 Fs_Rec - ok
16:32:27.0394 5588 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:32:27.0394 5588 fvevol - ok
16:32:27.0410 5588 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:32:27.0410 5588 gagp30kx - ok
16:32:27.0425 5588 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:32:27.0441 5588 GEARAspiWDM - ok
16:32:27.0457 5588 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:32:27.0472 5588 gpsvc - ok
16:32:27.0488 5588 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:32:27.0488 5588 gupdate - ok
16:32:27.0488 5588 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:32:27.0488 5588 gupdatem - ok
16:32:27.0519 5588 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:32:27.0519 5588 gusvc - ok
16:32:27.0535 5588 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:32:27.0535 5588 hcw85cir - ok
16:32:27.0566 5588 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:32:27.0566 5588 HdAudAddService - ok
16:32:27.0581 5588 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:32:27.0581 5588 HDAudBus - ok
16:32:27.0597 5588 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:32:27.0597 5588 HidBatt - ok
16:32:27.0613 5588 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:32:27.0613 5588 HidBth - ok
16:32:27.0644 5588 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:32:27.0644 5588 HidIr - ok
16:32:27.0659 5588 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:32:27.0659 5588 hidserv - ok
16:32:27.0675 5588 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:32:27.0675 5588 HidUsb - ok
16:32:27.0691 5588 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:32:27.0691 5588 hkmsvc - ok
16:32:27.0722 5588 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:32:27.0722 5588 HomeGroupListener - ok
16:32:27.0737 5588 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:32:27.0737 5588 HomeGroupProvider - ok
16:32:27.0769 5588 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:32:27.0769 5588 HpSAMD - ok
16:32:27.0784 5588 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:32:27.0800 5588 HTTP - ok
16:32:27.0800 5588 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:32:27.0800 5588 hwpolicy - ok
16:32:27.0815 5588 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:32:27.0815 5588 i8042prt - ok
16:32:27.0847 5588 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:32:27.0847 5588 iaStorV - ok
16:32:27.0862 5588 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:32:27.0862 5588 IDriverT - ok
16:32:27.0893 5588 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:32:27.0909 5588 idsvc - ok
16:32:27.0925 5588 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:32:27.0925 5588 iirsp - ok
16:32:27.0940 5588 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:32:27.0956 5588 IKEEXT - ok
16:32:27.0987 5588 [ 49A1C3833AF724B2555C0689347DCD05 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:32:28.0003 5588 IntcAzAudAddService - ok
16:32:28.0034 5588 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:32:28.0034 5588 intelide - ok
16:32:28.0049 5588 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:32:28.0049 5588 intelppm - ok
16:32:28.0065 5588 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:32:28.0081 5588 IPBusEnum - ok
16:32:28.0096 5588 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:32:28.0096 5588 IpFilterDriver - ok
16:32:28.0127 5588 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:32:28.0127 5588 iphlpsvc - ok
16:32:28.0143 5588 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:32:28.0143 5588 IPMIDRV - ok
16:32:28.0159 5588 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:32:28.0159 5588 IPNAT - ok
16:32:28.0205 5588 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:32:28.0205 5588 iPod Service - ok
16:32:28.0205 5588 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:32:28.0221 5588 IRENUM - ok
16:32:28.0237 5588 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:32:28.0237 5588 isapnp - ok
16:32:28.0252 5588 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:32:28.0252 5588 iScsiPrt - ok
16:32:28.0268 5588 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:32:28.0268 5588 kbdclass - ok
16:32:28.0283 5588 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:32:28.0283 5588 kbdhid - ok
16:32:28.0299 5588 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:32:28.0299 5588 KeyIso - ok
16:32:28.0299 5588 [ B6D6F12C214DE823FA22709F7BD0EB0B ] KoneFltr C:\Windows\system32\drivers\Kone.sys
16:32:28.0299 5588 KoneFltr - ok
16:32:28.0330 5588 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:32:28.0330 5588 KSecDD - ok
16:32:28.0346 5588 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:32:28.0346 5588 KSecPkg - ok
16:32:28.0361 5588 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:32:28.0361 5588 ksthunk - ok
16:32:28.0393 5588 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:32:28.0393 5588 KtmRm - ok
16:32:28.0424 5588 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:32:28.0424 5588 LanmanServer - ok
16:32:28.0455 5588 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:32:28.0455 5588 LanmanWorkstation - ok
16:32:28.0486 5588 [ AA3D903C5A7538803F2400A8391F1881 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
16:32:28.0486 5588 LHidFilt - ok
16:32:28.0533 5588 [ 02538E602280C07438C94489DCBE77D5 ] libusb0 C:\Windows\system32\DRIVERS\libusb0.sys
16:32:28.0533 5588 libusb0 - ok
16:32:28.0549 5588 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:32:28.0549 5588 lltdio - ok
16:32:28.0564 5588 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:32:28.0580 5588 lltdsvc - ok
16:32:28.0595 5588 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:32:28.0595 5588 lmhosts - ok
16:32:28.0627 5588 [ 90B4B2B0B5F05ABB9FB365405A7B825B ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
16:32:28.0627 5588 LMouFilt - ok
16:32:28.0642 5588 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:32:28.0642 5588 LSI_FC - ok
16:32:28.0658 5588 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:32:28.0673 5588 LSI_SAS - ok
16:32:28.0673 5588 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:32:28.0689 5588 LSI_SAS2 - ok
16:32:28.0689 5588 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:32:28.0705 5588 LSI_SCSI - ok
16:32:28.0705 5588 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:32:28.0705 5588 luafv - ok
16:32:28.0720 5588 [ 4EB7886F6223F68CA855730A96D6110C ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
16:32:28.0720 5588 LUsbFilt - ok
16:32:28.0751 5588 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:32:28.0751 5588 MBAMProtector - ok
16:32:28.0783 5588 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:32:28.0783 5588 MBAMScheduler - ok
16:32:28.0814 5588 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:32:28.0814 5588 MBAMService - ok
16:32:28.0845 5588 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:32:28.0845 5588 Mcx2Svc - ok
16:32:28.0861 5588 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:32:28.0861 5588 megasas - ok
16:32:28.0876 5588 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:32:28.0892 5588 MegaSR - ok
16:32:28.0907 5588 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:32:28.0907 5588 MMCSS - ok
16:32:28.0923 5588 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:32:28.0923 5588 Modem - ok
16:32:28.0923 5588 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:32:28.0923 5588 monitor - ok
16:32:28.0954 5588 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
16:32:28.0954 5588 motccgp - ok
16:32:28.0970 5588 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
16:32:28.0970 5588 motccgpfl - ok
16:32:28.0985 5588 [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
16:32:28.0985 5588 motmodem - ok
16:32:29.0017 5588 [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
16:32:29.0017 5588 MotoHelper - ok
16:32:29.0017 5588 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
16:32:29.0017 5588 MotoSwitchService - ok
16:32:29.0032 5588 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys
16:32:29.0032 5588 Motousbnet - ok
16:32:29.0048 5588 [ D075B1D964A314D240F5498773EE89DF ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys
16:32:29.0048 5588 motusbdevice - ok
16:32:29.0079 5588 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
16:32:29.0079 5588 mouclass - ok
16:32:29.0079 5588 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:32:29.0095 5588 mouhid - ok
16:32:29.0110 5588 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:32:29.0110 5588 mountmgr - ok
16:32:29.0126 5588 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:32:29.0141 5588 MozillaMaintenance - ok
16:32:29.0157 5588 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:32:29.0157 5588 mpio - ok
16:32:29.0173 5588 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:32:29.0173 5588 mpsdrv - ok
16:32:29.0204 5588 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:32:29.0204 5588 MpsSvc - ok
16:32:29.0235 5588 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:32:29.0235 5588 MRxDAV - ok
16:32:29.0266 5588 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:32:29.0266 5588 mrxsmb - ok
16:32:29.0282 5588 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:32:29.0282 5588 mrxsmb10 - ok
16:32:29.0297 5588 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:32:29.0297 5588 mrxsmb20 - ok
16:32:29.0313 5588 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:32:29.0313 5588 msahci - ok
16:32:29.0329 5588 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:32:29.0329 5588 msdsm - ok
16:32:29.0360 5588 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:32:29.0360 5588 MSDTC - ok
16:32:29.0375 5588 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:32:29.0375 5588 Msfs - ok
16:32:29.0391 5588 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:32:29.0391 5588 mshidkmdf - ok
16:32:29.0407 5588 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:32:29.0407 5588 msisadrv - ok
16:32:29.0438 5588 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:32:29.0438 5588 MSiSCSI - ok
16:32:29.0453 5588 msiserver - ok
16:32:29.0469 5588 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:32:29.0485 5588 MSKSSRV - ok
16:32:29.0500 5588 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:32:29.0500 5588 MSPCLOCK - ok
16:32:29.0516 5588 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:32:29.0516 5588 MSPQM - ok
16:32:29.0547 5588 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:32:29.0547 5588 MsRPC - ok
16:32:29.0563 5588 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:32:29.0563 5588 mssmbios - ok
16:32:29.0578 5588 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:32:29.0578 5588 MSTEE - ok
16:32:29.0594 5588 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:32:29.0594 5588 MTConfig - ok
16:32:29.0609 5588 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:32:29.0609 5588 Mup - ok
16:32:29.0641 5588 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:32:29.0641 5588 napagent - ok
16:32:29.0656 5588 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:32:29.0656 5588 NativeWifiP - ok
16:32:29.0687 5588 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:32:29.0687 5588 NDIS - ok
16:32:29.0703 5588 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:32:29.0703 5588 NdisCap - ok
16:32:29.0719 5588 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:32:29.0719 5588 NdisTapi - ok
16:32:29.0734 5588 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:32:29.0734 5588 Ndisuio - ok
16:32:29.0765 5588 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:32:29.0765 5588 NdisWan - ok
16:32:29.0797 5588 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:32:29.0797 5588 NDProxy - ok
16:32:29.0812 5588 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:32:29.0812 5588 NetBIOS - ok
16:32:29.0828 5588 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:32:29.0828 5588 NetBT - ok
16:32:29.0859 5588 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:32:29.0859 5588 Netlogon - ok
16:32:29.0875 5588 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:32:29.0890 5588 Netman - ok
16:32:29.0906 5588 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:32:29.0906 5588 netprofm - ok
16:32:29.0921 5588 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:32:29.0921 5588 NetTcpPortSharing - ok
16:32:29.0937 5588 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:32:29.0937 5588 nfrd960 - ok
16:32:29.0968 5588 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:32:29.0968 5588 NlaSvc - ok
16:32:29.0984 5588 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:32:29.0984 5588 Npfs - ok
16:32:29.0999 5588 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:32:29.0999 5588 nsi - ok
16:32:30.0015 5588 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:32:30.0015 5588 nsiproxy - ok
16:32:30.0046 5588 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:32:30.0062 5588 Ntfs - ok
16:32:30.0077 5588 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:32:30.0077 5588 Null - ok
16:32:30.0405 5588 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:32:30.0467 5588 nvlddmkm - ok
16:32:30.0499 5588 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:32:30.0499 5588 nvraid - ok
16:32:30.0530 5588 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:32:30.0530 5588 nvstor - ok
16:32:30.0561 5588 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
16:32:30.0577 5588 nvsvc - ok
16:32:30.0639 5588 [ E7818CD4FB51284C948D68A7A85A69B8 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
16:32:30.0655 5588 nvUpdatusService - ok
16:32:30.0670 5588 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:32:30.0670 5588 nv_agp - ok
16:32:30.0733 5588 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:32:30.0733 5588 odserv - ok
16:32:30.0748 5588 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:32:30.0748 5588 ohci1394 - ok
16:32:30.0764 5588 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:32:30.0764 5588 ose - ok
16:32:30.0795 5588 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:32:30.0795 5588 p2pimsvc - ok
16:32:30.0826 5588 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:32:30.0826 5588 p2psvc - ok
16:32:30.0857 5588 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:32:30.0857 5588 Parport - ok
16:32:30.0873 5588 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:32:30.0873 5588 partmgr - ok
16:32:30.0889 5588 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:32:30.0889 5588 PcaSvc - ok
16:32:30.0904 5588 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:32:30.0904 5588 pci - ok
16:32:30.0920 5588 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:32:30.0920 5588 pciide - ok
16:32:30.0935 5588 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:32:30.0935 5588 pcmcia - ok
16:32:30.0951 5588 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:32:30.0951 5588 pcw - ok
16:32:30.0967 5588 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:32:30.0967 5588 PEAUTH - ok
16:32:30.0998 5588 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:32:31.0029 5588 PeerDistSvc - ok
16:32:31.0091 5588 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:32:31.0091 5588 PerfHost - ok
16:32:31.0138 5588 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:32:31.0154 5588 pla - ok
16:32:31.0216 5588 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:32:31.0216 5588 PlugPlay - ok
16:32:31.0216 5588 PnkBstrA - ok
16:32:31.0232 5588 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:32:31.0232 5588 PNRPAutoReg - ok
16:32:31.0247 5588 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:32:31.0263 5588 PNRPsvc - ok
16:32:31.0279 5588 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:32:31.0279 5588 PolicyAgent - ok
16:32:31.0310 5588 [ 79F4CA38B4E6EADC9F5E5249C3EC494A ] PorscheWheelFilterUsb C:\Windows\system32\DRIVERS\PWFilterUsb.sys
16:32:31.0310 5588 PorscheWheelFilterUsb - ok
16:32:31.0325 5588 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:32:31.0325 5588 Power - ok
16:32:31.0357 5588 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:32:31.0357 5588 PptpMiniport - ok
16:32:31.0357 5588 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:32:31.0357 5588 Processor - ok
16:32:31.0403 5588 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:32:31.0403 5588 ProfSvc - ok
16:32:31.0403 5588 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:32:31.0403 5588 ProtectedStorage - ok
16:32:31.0419 5588 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:32:31.0435 5588 Psched - ok
16:32:31.0466 5588 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:32:31.0497 5588 ql2300 - ok
16:32:31.0513 5588 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:32:31.0513 5588 ql40xx - ok
16:32:31.0528 5588 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:32:31.0528 5588 QWAVE - ok
16:32:31.0544 5588 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:32:31.0544 5588 QWAVEdrv - ok
16:32:31.0544 5588 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:32:31.0559 5588 RasAcd - ok
16:32:31.0575 5588 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:32:31.0575 5588 RasAgileVpn - ok
16:32:31.0575 5588 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:32:31.0575 5588 RasAuto - ok
16:32:31.0606 5588 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:32:31.0606 5588 Rasl2tp - ok
16:32:31.0622 5588 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:32:31.0622 5588 RasMan - ok
16:32:31.0637 5588 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:32:31.0637 5588 RasPppoe - ok
16:32:31.0653 5588 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:32:31.0653 5588 RasSstp - ok
16:32:31.0684 5588 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:32:31.0684 5588 rdbss - ok
16:32:31.0700 5588 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:32:31.0700 5588 rdpbus - ok
16:32:31.0700 5588 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:32:31.0700 5588 RDPCDD - ok
16:32:31.0731 5588 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:32:31.0731 5588 RDPDR - ok
16:32:31.0747 5588 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:32:31.0747 5588 RDPENCDD - ok
16:32:31.0762 5588 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:32:31.0762 5588 RDPREFMP - ok
16:32:31.0825 5588 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:32:31.0825 5588 RdpVideoMiniport - ok
16:32:31.0840 5588 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:32:31.0840 5588 RDPWD - ok
16:32:31.0871 5588 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:32:31.0887 5588 rdyboost - ok
16:32:31.0887 5588 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:32:31.0903 5588 RemoteAccess - ok
16:32:31.0918 5588 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:32:31.0918 5588 RemoteRegistry - ok
16:32:31.0934 5588 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:32:31.0934 5588 RpcEptMapper - ok
16:32:31.0949 5588 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:32:31.0949 5588 RpcLocator - ok
16:32:31.0981 5588 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:32:31.0981 5588 RpcSs - ok
16:32:31.0996 5588 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:32:31.0996 5588 rspndr - ok
16:32:32.0027 5588 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:32:32.0027 5588 RTL8167 - ok
16:32:32.0059 5588 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:32:32.0059 5588 s3cap - ok
16:32:32.0074 5588 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:32:32.0074 5588 SamSs - ok
16:32:32.0090 5588 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:32:35.0803 5588 ================ Scan global ===============================
16:32:35.0849 5588 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:32:35.0881 5588 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:32:35.0881 5588 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:32:35.0896 5588 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:32:35.0912 5588 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:32:35.0927 5588 [Global] - ok
16:32:35.0927 5588 ================ Scan MBR ==================================
16:32:35.0927 5588 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:32:36.0052 5588 \Device\Harddisk0\DR0 - ok
16:32:36.0052 5588 ================ Scan VBR ==================================
16:32:36.0052 5588 [ 9562A7A09377DEB9D26184C479A3D22C ] \Device\Harddisk0\DR0\Partition1
16:32:36.0052 5588 \Device\Harddisk0\DR0\Partition1 - ok
16:32:36.0068 5588 [ 22A91E84E6DEF0CCA215610F5AE07D60 ] \Device\Harddisk0\DR0\Partition2
16:32:36.0068 5588 \Device\Harddisk0\DR0\Partition2 - ok
16:32:36.0083 5588 [ A81B87A4C52D24F0355146E26BEC5482 ] \Device\Harddisk0\DR0\Partition3
16:32:36.0099 5588 \Device\Harddisk0\DR0\Partition3 - ok
16:32:36.0099 5588 ============================================================
16:32:36.0099 5588 Scan finished
16:32:36.0099 5588 ============================================================
16:32:36.0146 6012 Detected object count: 0
16:32:36.0146 6012 Actual detected object count: 0
16:34:44.0550 4560 ============================================================
16:34:44.0550 4560 Scan started
16:34:44.0550 4560 Mode: Manual; SigCheck; TDLFS;
16:34:44.0550 4560 ============================================================
16:34:44.0924 4560 ================ Scan system memory ========================
16:34:44.0924 4560 System memory - ok
16:34:44.0940 4560 ================ Scan services =============================

26.02.2013, 15:42   #8
Surfershome
 
and

16:34:50.0384 4560 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:34:50.0415 4560 EventSystem - ok
16:34:50.0431 4560 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:34:50.0478 4560 exfat - ok
16:34:50.0493 4560 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:34:50.0540 4560 fastfat - ok
16:34:50.0556 4560 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:34:50.0587 4560 Fax - ok
16:34:50.0602 4560 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:34:50.0618 4560 fdc - ok
16:34:50.0634 4560 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:34:50.0680 4560 fdPHost - ok
16:34:50.0696 4560 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:34:50.0727 4560 FDResPub - ok
16:34:50.0743 4560 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:34:50.0758 4560 FileInfo - ok
16:34:50.0758 4560 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:34:50.0805 4560 Filetrace - ok
16:34:50.0821 4560 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:34:50.0836 4560 flpydisk - ok
16:34:50.0852 4560 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:34:50.0868 4560 FltMgr - ok
16:34:50.0914 4560 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:34:50.0946 4560 FontCache - ok
16:34:50.0977 4560 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:34:50.0992 4560 FontCache3.0.0.0 - ok
16:34:50.0992 4560 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:34:51.0008 4560 FsDepends - ok
16:34:51.0039 4560 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:34:51.0039 4560 Fs_Rec - ok
16:34:51.0070 4560 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:34:51.0086 4560 fvevol - ok
16:34:51.0102 4560 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:34:51.0117 4560 gagp30kx - ok
16:34:51.0133 4560 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:34:51.0148 4560 GEARAspiWDM - ok
16:34:51.0164 4560 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:34:51.0211 4560 gpsvc - ok
16:34:51.0258 4560 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:34:51.0258 4560 gupdate - ok
16:34:51.0273 4560 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:34:51.0273 4560 gupdatem - ok
16:34:51.0304 4560 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:34:51.0320 4560 gusvc - ok
16:34:51.0336 4560 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:34:51.0367 4560 hcw85cir - ok
16:34:51.0398 4560 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:34:51.0429 4560 HdAudAddService - ok
16:34:51.0429 4560 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:34:51.0460 4560 HDAudBus - ok
16:34:51.0476 4560 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:34:51.0507 4560 HidBatt - ok
16:34:51.0523 4560 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:34:51.0538 4560 HidBth - ok
16:34:51.0538 4560 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:34:51.0570 4560 HidIr - ok
16:34:51.0585 4560 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:34:51.0632 4560 hidserv - ok
16:34:51.0648 4560 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:34:51.0663 4560 HidUsb - ok
16:34:51.0679 4560 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:34:51.0726 4560 hkmsvc - ok
16:34:51.0757 4560 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:34:51.0788 4560 HomeGroupListener - ok
16:34:51.0819 4560 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:34:51.0835 4560 HomeGroupProvider - ok
16:34:51.0850 4560 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:34:51.0866 4560 HpSAMD - ok
16:34:51.0897 4560 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:34:51.0960 4560 HTTP - ok
16:34:51.0975 4560 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:34:51.0991 4560 hwpolicy - ok
16:34:52.0006 4560 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:34:52.0022 4560 i8042prt - ok
16:34:52.0053 4560 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:34:52.0069 4560 iaStorV - ok
16:34:52.0084 4560 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:34:52.0100 4560 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:34:52.0100 4560 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:34:52.0131 4560 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:34:52.0147 4560 idsvc - ok
16:34:52.0178 4560 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:34:52.0178 4560 iirsp - ok
16:34:52.0209 4560 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:34:52.0272 4560 IKEEXT - ok
16:34:52.0303 4560 [ 49A1C3833AF724B2555C0689347DCD05 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:34:52.0334 4560 IntcAzAudAddService - ok
16:34:52.0350 4560 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:34:52.0365 4560 intelide - ok
16:34:52.0381 4560 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:34:52.0396 4560 intelppm - ok
16:34:52.0428 4560 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:34:52.0474 4560 IPBusEnum - ok
16:34:52.0490 4560 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:34:52.0537 4560 IpFilterDriver - ok
16:34:52.0568 4560 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:34:52.0584 4560 iphlpsvc - ok
16:34:52.0615 4560 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:34:52.0630 4560 IPMIDRV - ok
16:34:52.0646 4560 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:34:52.0693 4560 IPNAT - ok
16:34:52.0724 4560 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:34:52.0740 4560 iPod Service - ok
16:34:52.0755 4560 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:34:52.0786 4560 IRENUM - ok
16:34:52.0802 4560 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:34:52.0818 4560 isapnp - ok
16:34:52.0849 4560 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:34:52.0849 4560 iScsiPrt - ok
16:34:52.0864 4560 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:34:52.0880 4560 kbdclass - ok
16:34:52.0896 4560 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:34:52.0911 4560 kbdhid - ok
16:34:52.0927 4560 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:34:52.0942 4560 KeyIso - ok
16:34:52.0958 4560 [ B6D6F12C214DE823FA22709F7BD0EB0B ] KoneFltr C:\Windows\system32\drivers\Kone.sys
16:34:52.0974 4560 KoneFltr - ok
16:34:52.0989 4560 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:34:53.0005 4560 KSecDD - ok
16:34:53.0036 4560 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:34:53.0052 4560 KSecPkg - ok
16:34:53.0052 4560 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:34:53.0098 4560 ksthunk - ok
16:34:53.0114 4560 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:34:53.0161 4560 KtmRm - ok
16:34:53.0192 4560 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:34:53.0223 4560 LanmanServer - ok
16:34:53.0239 4560 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:34:53.0286 4560 LanmanWorkstation - ok
16:34:53.0317 4560 [ AA3D903C5A7538803F2400A8391F1881 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
16:34:53.0332 4560 LHidFilt - ok
16:34:53.0348 4560 [ 02538E602280C07438C94489DCBE77D5 ] libusb0 C:\Windows\system32\DRIVERS\libusb0.sys
16:34:53.0364 4560 libusb0 - ok
16:34:53.0379 4560 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:34:53.0410 4560 lltdio - ok
16:34:53.0442 4560 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:34:53.0488 4560 lltdsvc - ok
16:34:53.0504 4560 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:34:53.0535 4560 lmhosts - ok
16:34:53.0551 4560 [ 90B4B2B0B5F05ABB9FB365405A7B825B ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
16:34:53.0551 4560 LMouFilt - ok
16:34:53.0582 4560 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:34:53.0598 4560 LSI_FC - ok
16:34:53.0613 4560 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:34:53.0629 4560 LSI_SAS - ok
16:34:53.0629 4560 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:34:53.0644 4560 LSI_SAS2 - ok
16:34:53.0660 4560 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:34:53.0676 4560 LSI_SCSI - ok
16:34:53.0691 4560 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:34:53.0722 4560 luafv - ok
16:34:53.0738 4560 [ 4EB7886F6223F68CA855730A96D6110C ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
16:34:53.0754 4560 LUsbFilt - ok
16:34:53.0769 4560 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:34:53.0785 4560 MBAMProtector - ok
16:34:53.0800 4560 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:34:53.0816 4560 MBAMScheduler - ok
16:34:53.0832 4560 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:34:53.0847 4560 MBAMService - ok
16:34:53.0878 4560 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:34:53.0910 4560 Mcx2Svc - ok
16:34:53.0925 4560 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:34:53.0925 4560 megasas - ok
16:34:53.0941 4560 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:34:53.0956 4560 MegaSR - ok
16:34:53.0988 4560 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:34:54.0019 4560 MMCSS - ok
16:34:54.0034 4560 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:34:54.0081 4560 Modem - ok
16:34:54.0097 4560 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:34:54.0128 4560 monitor - ok
16:34:54.0144 4560 [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp C:\Windows\system32\DRIVERS\motccgp.sys
16:34:54.0190 4560 motccgp - ok
16:34:54.0206 4560 [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl C:\Windows\system32\DRIVERS\motccgpfl.sys
16:34:54.0222 4560 motccgpfl - ok
16:34:54.0237 4560 [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem C:\Windows\system32\DRIVERS\motmodem.sys
16:34:54.0284 4560 motmodem - ok
16:34:54.0315 4560 [ 9DFD34E6841C460B5D992A1C5327AE69 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
16:34:54.0331 4560 MotoHelper - ok
16:34:54.0346 4560 [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
16:34:54.0362 4560 MotoSwitchService - ok
16:34:54.0362 4560 [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet C:\Windows\system32\DRIVERS\Motousbnet.sys
16:34:54.0378 4560 Motousbnet - ok
16:34:54.0393 4560 [ D075B1D964A314D240F5498773EE89DF ] motusbdevice C:\Windows\system32\DRIVERS\motusbdevice.sys
16:34:54.0409 4560 motusbdevice - ok
16:34:54.0424 4560 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
16:34:54.0440 4560 mouclass - ok
16:34:54.0456 4560 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:34:54.0471 4560 mouhid - ok
16:34:54.0487 4560 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:34:54.0502 4560 mountmgr - ok
16:34:54.0534 4560 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:34:54.0549 4560 MozillaMaintenance - ok
16:34:54.0565 4560 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:34:54.0580 4560 mpio - ok
16:34:54.0596 4560 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:34:54.0627 4560 mpsdrv - ok
16:34:54.0658 4560 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:34:54.0705 4560 MpsSvc - ok
16:34:54.0736 4560 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:34:54.0752 4560 MRxDAV - ok
16:34:54.0783 4560 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:34:54.0799 4560 mrxsmb - ok
16:34:54.0830 4560 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:34:54.0846 4560 mrxsmb10 - ok
16:34:54.0846 4560 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:34:54.0861 4560 mrxsmb20 - ok
16:34:54.0877 4560 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:34:54.0892 4560 msahci - ok
16:34:54.0908 4560 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:34:54.0924 4560 msdsm - ok
16:34:54.0939 4560 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:34:54.0955 4560 MSDTC - ok
16:34:54.0986 4560 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:34:55.0017 4560 Msfs - ok
16:34:55.0033 4560 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:34:55.0064 4560 mshidkmdf - ok
16:34:55.0095 4560 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:34:55.0111 4560 msisadrv - ok
16:34:55.0126 4560 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:34:55.0173 4560 MSiSCSI - ok
16:34:55.0189 4560 msiserver - ok
16:34:55.0204 4560 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:34:55.0236 4560 MSKSSRV - ok
16:34:55.0251 4560 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:34:55.0282 4560 MSPCLOCK - ok
16:34:55.0314 4560 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:34:55.0360 4560 MSPQM - ok
16:34:55.0392 4560 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:34:55.0407 4560 MsRPC - ok
16:34:55.0423 4560 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:34:55.0438 4560 mssmbios - ok
16:34:55.0438 4560 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:34:55.0485 4560 MSTEE - ok
16:34:55.0501 4560 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:34:55.0501 4560 MTConfig - ok
16:34:55.0532 4560 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:34:55.0532 4560 Mup - ok
16:34:55.0563 4560 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:34:55.0610 4560 napagent - ok
16:34:55.0641 4560 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:34:55.0672 4560 NativeWifiP - ok
16:34:55.0704 4560 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:34:55.0735 4560 NDIS - ok
16:34:55.0735 4560 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:34:55.0782 4560 NdisCap - ok
16:34:55.0797 4560 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:34:55.0828 4560 NdisTapi - ok
16:34:55.0860 4560 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:34:55.0891 4560 Ndisuio - ok
16:34:55.0906 4560 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:34:55.0953 4560 NdisWan - ok
16:34:55.0969 4560 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:34:56.0016 4560 NDProxy - ok
16:34:56.0031 4560 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:34:56.0078 4560 NetBIOS - ok
16:34:56.0094 4560 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:34:56.0125 4560 NetBT - ok
16:34:56.0140 4560 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:34:56.0156 4560 Netlogon - ok
16:34:56.0172 4560 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:34:56.0203 4560 Netman - ok
16:34:56.0218 4560 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:34:56.0281 4560 netprofm - ok
16:34:56.0296 4560 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:34:56.0296 4560 NetTcpPortSharing - ok
16:34:56.0312 4560 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:34:56.0328 4560 nfrd960 - ok
16:34:56.0343 4560 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:34:56.0374 4560 NlaSvc - ok
16:34:56.0390 4560 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:34:56.0421 4560 Npfs - ok
16:34:56.0437 4560 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:34:56.0468 4560 nsi - ok
16:34:56.0484 4560 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:34:56.0530 4560 nsiproxy - ok
16:34:56.0562 4560 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:34:56.0593 4560 Ntfs - ok
16:34:56.0608 4560 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:34:56.0655 4560 Null - ok
16:34:56.0842 4560 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:34:57.0030 4560 nvlddmkm - ok
16:34:57.0061 4560 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:34:57.0076 4560 nvraid - ok
16:34:57.0108 4560 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:34:57.0123 4560 nvstor - ok
16:34:57.0154 4560 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
16:34:57.0170 4560 nvsvc - ok
16:34:57.0248 4560 [ E7818CD4FB51284C948D68A7A85A69B8 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
16:34:57.0295 4560 nvUpdatusService - ok
16:34:57.0310 4560 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:34:57.0326 4560 nv_agp - ok
16:34:57.0373 4560 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:34:57.0388 4560 odserv - ok
16:34:57.0404 4560 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:34:57.0435 4560 ohci1394 - ok
16:34:57.0451 4560 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:34:57.0466 4560 ose - ok
16:34:57.0498 4560 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:34:57.0529 4560 p2pimsvc - ok
16:34:57.0560 4560 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:34:57.0576 4560 p2psvc - ok
16:34:57.0591 4560 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:34:57.0607 4560 Parport - ok
16:34:57.0622 4560 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:34:57.0638 4560 partmgr - ok
16:34:57.0654 4560 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:34:57.0669 4560 PcaSvc - ok
16:34:57.0685 4560 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:34:57.0700 4560 pci - ok
16:34:57.0716 4560 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:34:57.0732 4560 pciide - ok
16:34:57.0747 4560 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:34:57.0763 4560 pcmcia - ok
16:34:57.0778 4560 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:34:57.0794 4560 pcw - ok
16:34:57.0810 4560 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:34:57.0856 4560 PEAUTH - ok
16:34:57.0903 4560 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:34:57.0934 4560 PeerDistSvc - ok
16:34:57.0997 4560 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:34:58.0012 4560 PerfHost - ok
16:34:58.0075 4560 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:34:58.0122 4560 pla - ok
16:34:58.0137 4560 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:34:58.0168 4560 PlugPlay - ok
16:34:58.0168 4560 PnkBstrA - ok
16:34:58.0184 4560 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:34:58.0215 4560 PNRPAutoReg - ok
16:34:58.0231 4560 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:34:58.0246 4560 PNRPsvc - ok
16:34:58.0262 4560 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:34:58.0309 4560 PolicyAgent - ok
16:34:58.0324 4560 [ 79F4CA38B4E6EADC9F5E5249C3EC494A ] PorscheWheelFilterUsb C:\Windows\system32\DRIVERS\PWFilterUsb.sys
16:34:58.0340 4560 PorscheWheelFilterUsb - ok
16:34:58.0371 4560 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:34:58.0418 4560 Power - ok
16:34:58.0434 4560 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:34:58.0465 4560 PptpMiniport - ok
16:34:58.0480 4560 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:34:58.0512 4560 Processor - ok
16:34:58.0527 4560 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:34:58.0558 4560 ProfSvc - ok
16:34:58.0558 4560 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:34:58.0574 4560 ProtectedStorage - ok
16:34:58.0590 4560 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:34:58.0636 4560 Psched - ok
16:34:58.0683 4560 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:34:58.0714 4560 ql2300 - ok
16:34:58.0730 4560 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:34:58.0746 4560 ql40xx - ok
16:34:58.0761 4560 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:34:58.0777 4560 QWAVE - ok
16:34:58.0792 4560 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:34:58.0824 4560 QWAVEdrv - ok
16:34:58.0839 4560 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:34:58.0886 4560 RasAcd - ok
16:34:58.0902 4560 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:34:58.0933 4560 RasAgileVpn - ok
16:34:58.0948 4560 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:34:58.0980 4560 RasAuto - ok
16:34:58.0995 4560 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:34:59.0042 4560 Rasl2tp - ok
16:34:59.0073 4560 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:34:59.0104 4560 RasMan - ok
16:34:59.0120 4560 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:34:59.0167 4560 RasPppoe - ok
16:34:59.0167 4560 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:34:59.0214 4560 RasSstp - ok
16:34:59.0229 4560 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:34:59.0276 4560 rdbss - ok
16:34:59.0292 4560 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:34:59.0307 4560 rdpbus - ok
16:34:59.0307 4560 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:34:59.0354 4560 RDPCDD - ok
16:34:59.0370 4560 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:34:59.0385 4560 RDPDR - ok
16:34:59.0401 4560 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:34:59.0448 4560 RDPENCDD - ok
16:34:59.0463 4560 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:34:59.0494 4560 RDPREFMP - ok
16:34:59.0526 4560 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:34:59.0541 4560 RdpVideoMiniport - ok
16:34:59.0557 4560 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:34:59.0572 4560 RDPWD - ok
16:34:59.0604 4560 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:34:59.0619 4560 rdyboost - ok
16:34:59.0635 4560 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:34:59.0682 4560 RemoteAccess - ok
16:34:59.0713 4560 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:34:59.0744 4560 RemoteRegistry - ok
16:34:59.0760 4560 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:34:59.0791 4560 RpcEptMapper - ok
16:34:59.0806 4560 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:34:59.0822 4560 RpcLocator - ok
16:34:59.0838 4560 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:34:59.0884 4560 RpcSs - ok
16:34:59.0900 4560 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:34:59.0947 4560 rspndr - ok
16:34:59.0962 4560 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:34:59.0994 4560 RTL8167 - ok
16:35:00.0009 4560 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:35:00.0025 4560 s3cap - ok
16:35:00.0040 4560 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:35:00.0056 4560 SamSs - ok
16:35:00.0072 4560 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:35:00.0087 4560 sbp2port - ok
16:35:00.0103 4560 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:35:00.0134 4560 SCardSvr - ok
16:35:00.0165 4560 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:35:00.0196 4560 scfilter - ok
16:35:00.0228 4560 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:35:00.0290 4560 Schedule - ok
16:35:00.0306 4560 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:35:00.0337 4560 SCPolicySvc - ok
16:35:00.0368 4560 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:35:00.0399 4560 SDRSVC - ok
16:35:00.0415 4560 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:35:00.0446 4560 secdrv - ok
16:35:00.0462 4560 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:35:00.0493 4560 seclogon - ok
16:35:00.0508 4560 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:35:00.0540 4560 SENS - ok
16:35:00.0555 4560 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:35:00.0586 4560 SensrSvc - ok
16:35:00.0618 4560 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:35:00.0618 4560 Serenum - ok
16:35:00.0633 4560 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:35:00.0664 4560 Serial - ok
16:35:00.0696 4560 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:35:00.0696 4560 sermouse - ok
16:35:00.0727 4560 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:35:00.0774 4560 SessionEnv - ok
16:35:00.0789 4560 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:35:00.0820 4560 sffdisk - ok
16:35:00.0820 4560 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:35:00.0852 4560 sffp_mmc - ok
16:35:00.0852 4560 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:35:00.0867 4560 sffp_sd - ok
16:35:00.0883 4560 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:35:00.0898 4560 sfloppy - ok
16:35:00.0945 4560 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:35:00.0992 4560 SharedAccess - ok
16:35:01.0023 4560 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:35:01.0054 4560 ShellHWDetection - ok
16:35:01.0070 4560 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:35:01.0086 4560 SiSRaid2 - ok
16:35:01.0101 4560 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:35:01.0117 4560 SiSRaid4 - ok
16:35:01.0148 4560 [ C205EE85FB05593FDF29F1B6C1553A04 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:35:01.0148 4560 SkypeUpdate - ok
16:35:01.0164 4560 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:35:01.0210 4560 Smb - ok
16:35:01.0242 4560 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:35:01.0273 4560 SNMPTRAP - ok
16:35:01.0273 4560 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:35:01.0288 4560 spldr - ok
16:35:01.0320 4560 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:35:01.0351 4560 Spooler - ok
16:35:01.0429 4560 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:35:01.0507 4560 sppsvc - ok
16:35:01.0522 4560 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:35:01.0569 4560 sppuinotify - ok
16:35:01.0600 4560 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:35:01.0616 4560 srv - ok
16:35:01.0632 4560 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:35:01.0678 4560 srv2 - ok
16:35:01.0710 4560 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:35:01.0725 4560 srvnet - ok
16:35:01.0741 4560 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:35:01.0788 4560 SSDPSRV - ok
16:35:01.0803 4560 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:35:01.0834 4560 SstpSvc - ok
16:35:01.0850 4560 [ AD42CA614E086BCADBD53FFFC404AC24 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
16:35:01.0866 4560 ssudmdm - ok
16:35:01.0912 4560 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:35:01.0928 4560 Stereo Service - ok
16:35:01.0944 4560 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:35:01.0944 4560 stexstor - ok
16:35:02.0006 4560 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:35:02.0037 4560 stisvc - ok
16:35:02.0068 4560 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:35:02.0084 4560 storflt - ok
16:35:02.0115 4560 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
16:35:02.0224 4560 StorSvc - ok
16:35:02.0240 4560 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:35:02.0256 4560 storvsc - ok
16:35:02.0271 4560 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:35:02.0271 4560 swenum - ok
16:35:02.0302 4560 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:35:02.0334 4560 swprv - ok
16:35:02.0380 4560 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:35:02.0427 4560 SysMain - ok
16:35:02.0443 4560 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:35:02.0458 4560 TabletInputService - ok
16:35:02.0490 4560 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:35:02.0521 4560 TapiSrv - ok
16:35:02.0536 4560 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:35:02.0583 4560 TBS - ok
16:35:02.0614 4560 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:35:02.0661 4560 Tcpip - ok
16:35:02.0692 4560 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:35:02.0739 4560 TCPIP6 - ok
16:35:02.0739 4560 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:35:02.0770 4560 tcpipreg - ok
16:35:02.0786 4560 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:35:02.0817 4560 TDPIPE - ok
16:35:02.0833 4560 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:35:02.0848 4560 TDTCP - ok
16:35:02.0864 4560 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:35:02.0895 4560 tdx - ok
16:35:02.0926 4560 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:35:02.0942 4560 TermDD - ok
16:35:02.0958 4560 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:35:03.0004 4560 TermService - ok
16:35:03.0020 4560 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:35:03.0051 4560 Themes - ok
16:35:03.0067 4560 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:35:03.0098 4560 THREADORDER - ok
16:35:03.0129 4560 [ F620772888B6E3EDEF5C3E71E3D447F0 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
16:35:03.0145 4560 TomTomHOMEService - ok
16:35:03.0145 4560 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:35:03.0192 4560 TrkWks - ok
16:35:03.0223 4560 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:35:03.0270 4560 TrustedInstaller - ok
16:35:03.0285 4560 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:35:03.0316 4560 tssecsrv - ok
16:35:03.0332 4560 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:35:03.0348 4560 TsUsbFlt - ok
16:35:03.0426 4560 [ 41A3F69FBB7CA37A3FC5CD8EF424F199 ] TuneUp.Defrag C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
16:35:03.0441 4560 TuneUp.Defrag - ok
16:35:03.0504 4560 [ CAB9E9D6B00B863A8C158BC88A79A116 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
16:35:03.0535 4560 TuneUp.UtilitiesSvc - ok
16:35:03.0566 4560 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
16:35:03.0566 4560 TuneUpUtilitiesDrv - ok
16:35:03.0582 4560 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:35:03.0613 4560 tunnel - ok
16:35:03.0660 4560 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:35:03.0660 4560 uagp35 - ok
16:35:03.0706 4560 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:35:03.0753 4560 udfs - ok
16:35:03.0784 4560 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:35:03.0800 4560 UI0Detect - ok
16:35:03.0816 4560 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:35:03.0831 4560 uliagpkx - ok
16:35:03.0847 4560 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
16:35:03.0878 4560 umbus - ok
16:35:03.0878 4560 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:35:03.0894 4560 UmPass - ok
16:35:03.0925 4560 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
16:35:03.0940 4560 UmRdpService - ok
16:35:03.0956 4560 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:35:04.0003 4560 upnphost - ok
16:35:04.0018 4560 [ 0835843DE85ACBD7D5C6CF887E8876B7 ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
16:35:04.0050 4560 USB28xxBGA - ok
16:35:04.0065 4560 [ C95A614A4DC06DCFC3DA7B15F299F827 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
16:35:04.0081 4560 USB28xxOEM - ok
16:35:04.0096 4560 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:35:04.0128 4560 usbaudio - ok
16:35:04.0128 4560 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:35:04.0174 4560 usbccgp - ok
16:35:04.0190 4560 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:35:04.0206 4560 usbcir - ok
16:35:04.0206 4560 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:35:04.0221 4560 usbehci - ok
16:35:04.0237 4560 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:35:04.0268 4560 usbhub - ok
16:35:04.0284 4560 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:35:04.0299 4560 usbohci - ok
16:35:04.0315 4560 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:35:04.0346 4560 usbprint - ok
16:35:04.0362 4560 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:35:04.0377 4560 USBSTOR - ok
16:35:04.0408 4560 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:35:04.0424 4560 usbuhci - ok
16:35:04.0440 4560 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:35:04.0471 4560 usbvideo - ok
16:35:04.0502 4560 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:35:04.0549 4560 UxSms - ok
16:35:04.0564 4560 [ 5F3B5AA496C386291B8E9777AD19EF42 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
16:35:04.0564 4560 UxTuneUp - ok
16:35:04.0580 4560 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:35:04.0596 4560 VaultSvc - ok
16:35:04.0596 4560 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:35:04.0611 4560 vdrvroot - ok
16:35:04.0642 4560 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:35:04.0689 4560 vds - ok
16:35:04.0705 4560 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:35:04.0720 4560 vga - ok
16:35:04.0720 4560 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:35:04.0752 4560 VgaSave - ok
16:35:04.0783 4560 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:35:04.0798 4560 vhdmp - ok
16:35:04.0814 4560 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:35:04.0830 4560 viaide - ok
16:35:04.0845 4560 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:35:04.0861 4560 vmbus - ok
16:35:04.0861 4560 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:35:04.0876 4560 VMBusHID - ok
16:35:04.0892 4560 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:35:04.0908 4560 volmgr - ok
16:35:04.0908 4560 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:35:04.0939 4560 volmgrx - ok
16:35:04.0954 4560 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:35:04.0970 4560 volsnap - ok
16:35:04.0986 4560 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:35:05.0001 4560 vsmraid - ok
16:35:05.0048 4560 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:35:05.0095 4560 VSS - ok
16:35:05.0173 4560 [ 3AD1E72748978D8B0B3B674741E4C3E2 ] vToolbarUpdater14.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
16:35:05.0188 4560 vToolbarUpdater14.2.0 - ok
16:35:05.0204 4560 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:35:05.0235 4560 vwifibus - ok
16:35:05.0266 4560 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:35:05.0313 4560 W32Time - ok
16:35:05.0329 4560 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:35:05.0360 4560 WacomPen - ok
16:35:05.0360 4560 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:35:05.0407 4560 WANARP - ok
16:35:05.0407 4560 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:35:05.0438 4560 Wanarpv6 - ok
16:35:05.0485 4560 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:35:05.0516 4560 wbengine - ok
16:35:05.0532 4560 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:35:05.0547 4560 WbioSrvc - ok
16:35:05.0578 4560 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:35:05.0594 4560 wcncsvc - ok
16:35:05.0610 4560 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:35:05.0625 4560 WcsPlugInService - ok
16:35:05.0641 4560 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:35:05.0641 4560 Wd - ok
16:35:05.0688 4560 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:35:05.0703 4560 Wdf01000 - ok
16:35:05.0719 4560 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:35:05.0781 4560 WdiServiceHost - ok
16:35:05.0797 4560 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:35:05.0812 4560 WdiSystemHost - ok
16:35:05.0828 4560 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:35:05.0859 4560 WebClient - ok
16:35:05.0875 4560 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:35:05.0922 4560 Wecsvc - ok
16:35:05.0922 4560 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:35:05.0968 4560 wercplsupport - ok
16:35:05.0984 4560 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:35:06.0031 4560 WerSvc - ok
16:35:06.0062 4560 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:35:06.0093 4560 WfpLwf - ok
16:35:06.0109 4560 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:35:06.0124 4560 WIMMount - ok
16:35:06.0140 4560 WinDefend - ok
16:35:06.0140 4560 WinHttpAutoProxySvc - ok
16:35:06.0187 4560 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:35:06.0218 4560 Winmgmt - ok
16:35:06.0265 4560 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:35:06.0312 4560 WinRM - ok
16:35:06.0343 4560 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:35:06.0358 4560 WinUsb - ok
16:35:06.0390 4560 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:35:06.0405 4560 Wlansvc - ok
16:35:06.0436 4560 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:35:06.0436 4560 WmiAcpi - ok
16:35:06.0468 4560 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:35:06.0483 4560 wmiApSrv - ok
16:35:06.0499 4560 WMPNetworkSvc - ok
16:35:06.0499 4560 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:35:06.0530 4560 WPCSvc - ok
16:35:06.0546 4560 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:35:06.0561 4560 WPDBusEnum - ok
16:35:06.0577 4560 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:35:06.0624 4560 ws2ifsl - ok
16:35:06.0639 4560 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:35:06.0655 4560 wscsvc - ok
16:35:06.0655 4560 WSearch - ok
16:35:06.0702 4560 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:35:06.0748 4560 wuauserv - ok
16:35:06.0780 4560 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:35:06.0795 4560 WudfPf - ok
16:35:06.0811 4560 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:35:06.0842 4560 WUDFRd - ok
16:35:06.0858 4560 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:35:06.0873 4560 wudfsvc - ok
16:35:06.0873 4560 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:35:06.0904 4560 WwanSvc - ok
16:35:06.0920 4560 [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
16:35:06.0936 4560 xusb21 - ok
16:35:06.0936 4560 ================ Scan global ===============================
16:35:06.0951 4560 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:35:06.0967 4560 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:35:06.0982 4560 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:35:06.0998 4560 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:35:07.0014 4560 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:35:07.0014 4560 [Global] - ok
16:35:07.0014 4560 ================ Scan MBR ==================================
16:35:07.0029 4560 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:35:07.0232 4560 \Device\Harddisk0\DR0 - ok
16:35:07.0232 4560 ================ Scan VBR ==================================
16:35:07.0248 4560 [ 9562A7A09377DEB9D26184C479A3D22C ] \Device\Harddisk0\DR0\Partition1
16:35:07.0294 4560 \Device\Harddisk0\DR0\Partition1 - ok
16:35:07.0294 4560 [ 22A91E84E6DEF0CCA215610F5AE07D60 ] \Device\Harddisk0\DR0\Partition2
16:35:07.0310 4560 \Device\Harddisk0\DR0\Partition2 - ok
16:35:07.0326 4560 [ A81B87A4C52D24F0355146E26BEC5482 ] \Device\Harddisk0\DR0\Partition3
16:35:07.0326 4560 \Device\Harddisk0\DR0\Partition3 - ok
16:35:07.0326 4560 ============================================================
16:35:07.0326 4560 Scan finished
16:35:07.0326 4560 ============================================================
16:35:07.0341 3228 Detected object count: 1
16:35:07.0341 3228 Actual detected object count: 1
16:36:37.0967 3228 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:36:37.0967 3228 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

26.02.2013, 19:47   #9
markusg
/// Malware-holic

Hi,
Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send mails to the address below, following the instructions above:
markusg.trojaner-board@web.de
If you would like to support us

26.02.2013, 20:27   #10
Surfershome

if only I knew what code tags are and how they work - sry

Combofix Logfile:
Code:
ATTFilter
ComboFix 13-02-26.01 - SurfersHome 26.02.2013  21:08:06.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.6142.4243 [GMT 1:00]
ausgeführt von:: c:\users\SurfersHome\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Public\invokesi.exe
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\_ctypes.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\_elementtree.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\_hashlib.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\_socket.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\_ssl.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\pyexpat.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\pysqlite2._sqlite.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\python26.dll
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\pythoncom26.dll
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\PyWinTypes26.dll
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\select.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\unicodedata.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32api.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32com.shell.shell.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32crypt.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32event.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32file.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32inet.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32pdh.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32process.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32profile.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32security.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\win32ts.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\windows._cacheinvalidation.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wx._controls_.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wx._core_.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wx._gdi_.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wx._html2.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wx._misc_.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wx._windows_.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wx._wizard.pyd
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wxbase293u_net_vc.dll
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wxbase293u_vc.dll
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wxmsw293u_adv_vc.dll
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wxmsw293u_core_vc.dll
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wxmsw293u_html_vc.dll
c:\users\SURFER~1\AppData\Local\Temp\_MEI11842\wxmsw293u_webview_vc.dll
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\_ctypes.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\_elementtree.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\_hashlib.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\_socket.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\_ssl.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\pyexpat.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\pysqlite2._sqlite.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\python26.dll
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\pythoncom26.dll
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\PyWinTypes26.dll
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\select.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\unicodedata.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32api.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32com.shell.shell.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32crypt.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32event.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32file.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32inet.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32pdh.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32process.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32profile.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32security.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\win32ts.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\windows._cacheinvalidation.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wx._controls_.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wx._core_.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wx._gdi_.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wx._html2.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wx._misc_.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wx._windows_.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wx._wizard.pyd
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wxbase293u_net_vc.dll
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wxbase293u_vc.dll
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wxmsw293u_adv_vc.dll
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wxmsw293u_core_vc.dll
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wxmsw293u_html_vc.dll
c:\users\SurfersHome\AppData\Local\Temp\_MEI11842\wxmsw293u_webview_vc.dll
c:\windows\IsUn0407.exe
c:\windows\jestertb.dll
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\wininit.ini
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-26 bis 2013-02-26  ))))))))))))))))))))))))))))))
.
.
2074-05-07 17:38 . 2006-11-21 19:48	203576	------w-	c:\program files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe
2013-02-26 19:49 . 2012-10-30 22:51	71600	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-02-26 19:49 . 2012-10-30 22:50	285328	----a-w-	c:\windows\system32\aswBoot.exe
2013-02-26 19:49 . 2012-10-30 22:51	41224	----a-w-	c:\windows\avastSS.scr
2013-02-26 19:49 . 2012-10-30 22:50	227648	----a-w-	c:\windows\SysWow64\aswBoot.exe
2013-02-26 19:49 . 2013-02-26 19:49	--------	d-----w-	c:\programdata\AVAST Software
2013-02-26 19:49 . 2013-02-26 19:49	--------	d-----w-	c:\program files\AVAST Software
2013-02-26 19:17 . 2013-02-26 19:17	--------	d-----w-	c:\users\SurfersHome\AppData\Local\Secunia PSI
2013-02-26 19:17 . 2013-02-26 19:17	--------	d-----w-	c:\program files (x86)\Secunia
2013-02-26 14:50 . 2013-02-26 15:53	--------	d-----w-	c:\program files (x86)\SpywareBlaster
2013-02-26 13:42 . 2012-08-23 15:09	3584	----a-w-	c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2013-02-26 13:42 . 2012-08-23 13:41	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-02-26 13:42 . 2012-08-23 13:40	13312	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-02-26 13:42 . 2012-08-23 13:24	15360	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2013-02-26 13:42 . 2012-08-23 14:10	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2013-02-26 13:42 . 2012-08-23 14:07	57856	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2013-02-25 21:44 . 2013-02-25 22:09	--------	d-----w-	c:\users\SurfersHome\male
2013-02-25 19:55 . 2013-02-25 19:55	--------	d-----w-	c:\users\SurfersHome\AppData\Roaming\Malwarebytes
2013-02-25 19:55 . 2013-02-25 19:55	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-25 19:55 . 2013-02-25 19:55	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-25 19:55 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-21 09:14 . 2013-02-21 09:14	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-21 09:14 . 2013-02-21 09:14	--------	d-----w-	c:\program files\iTunes
2013-02-21 09:14 . 2013-02-21 09:14	--------	d-----w-	c:\program files (x86)\iTunes
2013-02-21 09:14 . 2013-02-21 09:14	--------	d-----w-	c:\program files\iPod
2013-02-17 17:56 . 2013-02-26 19:26	--------	d-----w-	c:\users\SurfersHome\AppData\Roaming\Skype
2013-02-17 17:56 . 2013-02-17 17:56	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2013-02-17 17:56 . 2013-02-17 17:56	--------	d-----r-	c:\program files (x86)\Skype
2013-02-17 17:56 . 2013-02-17 17:56	--------	d-----w-	c:\programdata\Skype
2013-02-17 11:30 . 2013-02-17 11:31	--------	d-----w-	c:\program files (x86)\AVG Secure Search
2013-02-17 11:22 . 2013-02-17 11:22	--------	d-----w-	c:\users\SurfersHome\AppData\Roaming\AVG2013
2013-02-17 11:17 . 2013-02-17 11:19	--------	d-----w-	c:\programdata\AVG2013
2013-02-17 11:15 . 2013-02-17 11:36	--------	d-----w-	c:\users\SurfersHome\AppData\Local\Avg2013
2013-02-17 11:15 . 2013-02-17 11:15	--------	d-----w-	c:\users\SurfersHome\AppData\Local\MFAData
2013-02-15 22:31 . 2013-02-15 22:31	186432	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-15 12:55 . 2012-04-08 23:40	79360	----a-w-	c:\windows\SysWow64\ff_vfw.dll
2013-02-15 12:55 . 2013-02-15 12:55	--------	d-----w-	c:\programdata\BrowserProtect
2013-02-15 12:54 . 2013-02-15 13:13	--------	d-----w-	c:\users\SurfersHome\AppData\Roaming\Delta
2013-02-15 12:54 . 2013-02-15 12:54	--------	d-----w-	c:\users\SurfersHome\AppData\Roaming\Babylon
2013-02-15 12:54 . 2013-02-15 12:54	--------	d-----w-	c:\programdata\Babylon
2013-02-15 12:54 . 2013-02-15 12:54	--------	d-----w-	c:\programdata\Tarma Installer
2013-02-13 23:54 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 23:54 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 09:46 . 2013-01-05 05:53	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-13 09:46 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 09:46 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 09:45 . 2013-01-04 03:26	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-02-13 09:45 . 2013-01-04 05:46	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-02-13 09:45 . 2013-01-04 04:51	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-02-13 09:45 . 2013-01-04 02:47	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-02-13 09:45 . 2013-01-04 02:47	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-02-13 09:45 . 2013-01-04 02:47	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-02-13 09:45 . 2013-01-04 02:47	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-02-13 09:45 . 2013-01-03 06:00	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-13 09:45 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-07 12:15 . 2013-02-07 12:15	18456	----a-w-	c:\windows\system32\drivers\psi_mf_amd64.sys
2013-01-31 08:52 . 2013-01-31 08:52	--------	d-----w-	c:\users\Default\AppData\Roaming\TuneUp Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 19:19 . 2011-05-20 12:08	404920	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-18 18:47 . 2012-04-06 08:47	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-18 09:12 . 2012-10-22 08:12	861088	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2013-02-18 09:12 . 2010-05-18 15:20	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-02-17 11:30 . 2012-08-29 13:15	39768	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2013-02-13 23:57 . 2010-02-12 13:04	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-01-04 04:43 . 2013-02-13 09:45	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-20 22:52	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-20 22:52	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-20 22:52	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-20 22:52	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 15:17	441856	----a-w-	c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 15:17	2746368	----a-w-	c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 15:17	308736	----a-w-	c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 15:17	2576384	----a-w-	c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 15:17	30720	----a-w-	c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 15:17	43520	----a-w-	c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 15:17	23552	----a-w-	c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 15:17	45568	----a-w-	c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 15:17	44544	----a-w-	c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 15:17	20480	----a-w-	c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 15:17	20480	----a-w-	c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 15:17	20480	----a-w-	c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 15:17	46592	----a-w-	c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 15:17	40960	----a-w-	c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 15:17	21504	----a-w-	c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 15:17	15360	----a-w-	c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 15:17	55296	----a-w-	c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 15:17	51712	----a-w-	c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 15:17	43520	----a-w-	c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 15:17	30720	----a-w-	c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 15:17	45568	----a-w-	c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 15:17	44544	----a-w-	c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 15:17	23552	----a-w-	c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 15:17	20480	----a-w-	c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 15:17	20480	----a-w-	c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 15:17	46592	----a-w-	c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 15:17	20480	----a-w-	c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 15:17	21504	----a-w-	c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 15:17	40960	----a-w-	c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 15:17	15360	----a-w-	c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 15:17	55296	----a-w-	c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 15:17	51712	----a-w-	c:\windows\SysWow64\esrb.rs
2012-11-30 05:45 . 2013-01-09 15:17	362496	----a-w-	c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 15:17	243200	----a-w-	c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 15:17	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2012-11-30 05:43 . 2013-01-09 15:17	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 15:17	424448	----a-w-	c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 15:17	1161216	----a-w-	c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:16	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 15:16	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:53 . 2013-01-09 15:17	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 15:17	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:16	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	5120	---ha-w-	c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 15:17	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-12-05 247768]
"apemap"="c:\program files (x86)\apemap\apemap.exe" [2013-01-11 823296]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-07 17729128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"dcmsvc"="c:\program files (x86)\dcmsvc\dcmsvc.exe" [2009-04-07 30440]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-02-17 1151152]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Kone"="c:\program files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE" [2011-02-18 1666560]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\users\SurfersHome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Warner Bros.lnk - c:\program files (x86)\Warner Bros. Digital Copy Manager\Warner Bros. Digital Copy Manager.exe [2012-4-5 142336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Moveslink for Movestick Mini.lnk - c:\windows\Installer\{4D036ACA-DFDF-41B2-A680-E0D736F3E947}\_22A9010B636AF7A61D8E03.exe [2012-6-2 15086]
Moveslink.lnk - c:\windows\Installer\{0ED016B2-C009-4253-9DDD-BDB8DA9CE181}\_E02D80CCF13FCD5A87F526.exe [2012-6-5 15086]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-2-7 575000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ArcSoft Connection Service"=c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-07 161384]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-29 6144]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-11-24 98616]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2011-04-04 21504]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2009-01-29 9216]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2010-04-01 26624]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [2011-11-08 11776]
R3 PorscheWheelFilterUsb;PorscheWheelFilterUsb;c:\windows\system32\DRIVERS\PWFilterUsb.sys [2009-05-25 52744]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-11-24 203320]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R4 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2008-09-25 88576]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-17 39768]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2011-09-19 87368]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-06 214896]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2013-02-07 1223704]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2013-02-07 660504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-12-05 92632]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-17 968880]
S3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys [2008-12-11 15488]
S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;c:\windows\system32\DRIVERS\libusb0.sys [2011-05-17 44480]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys [2013-02-07 18456]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-02-09 11856]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-22 14:16	1629648	----a-w-	c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 18:47]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26 17:56]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26 17:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50	755816	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50	755816	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50	755816	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50	755816	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2008-11-04 6848544]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;192.168.*.*
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: apemap.com
TCP: DhcpNameServer = 192.168.178.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\SurfersHome\AppData\Roaming\Mozilla\Firefox\Profiles\htroadjf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: network.proxy.http - 199.180.132.20
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-02-10 10:49; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\SurfersHome\AppData\Roaming\Mozilla\Firefox\Profiles\htroadjf.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2013-02-10 10:49; {7b1bf0b6-a1b9-42b0-b75d-252036438bdc}; c:\users\SurfersHome\AppData\Roaming\Mozilla\Firefox\Profiles\htroadjf.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
FF - ExtSQL: 2013-02-15 16:24; {27c60876-b5c9-4335-b4f3-52b26782220c}; c:\users\SurfersHome\AppData\Roaming\Mozilla\Firefox\Profiles\htroadjf.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
FF - ExtSQL: 2013-02-15 16:24; formhistory@yahoo.com; c:\users\SurfersHome\AppData\Roaming\Mozilla\Firefox\Profiles\htroadjf.default\extensions\formhistory@yahoo.com
FF - ExtSQL: 2013-02-15 16:24; firefox@ghostery.com; c:\users\SurfersHome\AppData\Roaming\Mozilla\Firefox\Profiles\htroadjf.default\extensions\firefox@ghostery.com
FF - ExtSQL: 2013-02-17 12:31; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\14.2.0.1
FF - ExtSQL: 2013-02-26 20:28; {CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}
FF - ExtSQL: 2013-02-26 20:51; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);FF - user.js: extentions.y2layers.installId - 1362105c-72a5-4689-9a4f-1d429761846d
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - b0008733000000000000002564dcacbb
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15751
FF - user.js: extensions.delta.vrsn - 1.8.10.0
FF - user.js: extensions.delta.vrsni - 1.8.10.0
FF - user.js: extensions.delta.vrsnTs - 1.8.10.013:54
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-SereneScreen Marine Aquarium - c:\windows\IsUn0407.exe
AddRemove-SUUVCOMM&10C4&80F6 - c:\program files (x86)\Suunto\SuuntoUSB\DriverUninstaller.exe VCP CP210x Cardinal\SUUVCOMM&10C4&80F6
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
   91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{3049C3E9-B461-4BC5-8870-4C09146192CA}"=hex:51,66,7a,6c,4c,1d,38,12,87,c0,5a,
   34,53,fa,ab,0e,f7,66,0f,49,11,3f,d6,de
"{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}"=hex:51,66,7a,6c,4c,1d,38,12,81,2d,20,
   35,ad,85,e1,00,d0,fd,90,4e,9f,38,f2,ae
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
   36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
   38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{593DDEC6-7468-4CDD-90E1-42DADAA222E9}"=hex:51,66,7a,6c,4c,1d,38,12,a8,dd,2e,
   5d,5a,3a,b3,09,ef,f7,01,9a,df,fc,66,fd
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
   72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
   fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
   b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:7a,0e,03,79,a8,40,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,05,82,40,3a,a0,23,58,43,9f,cc,b1,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,05,82,40,3a,a0,23,58,43,9f,cc,b1,\
.
[HKEY_USERS\S-1-5-21-3381989697-3229829299-1665472469-1001\Software\SecuROM\License information*]
"datasecu"=hex:d5,54,12,43,7d,a6,e5,70,a2,fc,be,09,78,b4,96,b0,dc,b3,42,85,92,
   bc,70,8f,c1,a7,94,95,2c,f6,6a,6d,bc,71,cf,77,44,54,bc,99,8d,f6,59,88,06,2e,\
"rkeysecu"=hex:fa,e8,70,8f,fd,7e,0c,de,e1,a1,7a,4f,a0,6d,38,f6
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10zj_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10zj_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zj.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zj.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zj.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10zj.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
c:\program files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
c:\program files (x86)\Suunto\Moveslink\Moveslink.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-02-26  21:23:06 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-02-26 20:23
.
Vor Suchlauf: 24 Verzeichnis(se), 284.903.677.952 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 284.790.259.712 Bytes frei
.
- - End Of File - - A005B98197C66FA5EE1664D3C554CCE0
         
--- --- ---

Alt 26.02.2013, 20:38   #11
markusg
/// Malware-holic
 

That's fine.
Open Computer, C:, Qoobox, right-click Quarantine, pack it with WinRAR or a similar archiving program, and upload it.
Trojaner-Board Upload Channel
Please let me know when you're done.
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For the time being, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de

Alt 26.02.2013, 21:28   #12
Surfershome
 

Why is just 1 wrong click so complicated?

It should have arrived.

Alt 27.02.2013, 12:13   #13
markusg
/// Malware-holic
 

Was there another alert from your AV software yesterday, or today? If so, can you post it?
The archive has arrived.

Alt 27.02.2013, 12:26   #14
Surfershome
 

No, the AV did not report anything.

Alt 27.02.2013, 12:29   #15
markusg
/// Malware-holic
 

OK,

download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, and save it as a txt file. Open that file.
After each program you need, write "necessary".
After each one you do not need, "unnecessary".
After the ones you do not recognize, "unknown".
Post the list.
