06.03.2013, 03:24   #1

Suspected virus infection - Internet slow/lagging

I strongly suspect that my computer is infected with a virus. For about a week, my internet has been noticeably slower and lags quite often.

The 3 log files are attached.

/// Malware-holic

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.


Suspected virus infection - Internet slow/lagging

23:03:16.0620 4312  TDSS rootkit removing tool Feb 11 2013 18:50:42
23:03:16.0748 4312  ============================================================
23:03:16.0748 4312  Current date / time: 2013/03/06 23:03:16.0748
23:03:16.0748 4312  SystemInfo:
23:03:16.0748 4312  
23:03:16.0748 4312  OS Version: 6.1.7601 ServicePack: 1.0
23:03:16.0749 4312  Product type: Workstation
23:03:16.0749 4312  ComputerName: JARO-PC
23:03:16.0749 4312  UserName: Jaro
23:03:16.0749 4312  Windows directory: C:\Windows
23:03:16.0749 4312  System windows directory: C:\Windows
23:03:16.0749 4312  Running under WOW64
23:03:16.0749 4312  Processor architecture: Intel x64
23:03:16.0749 4312  Number of processors: 4
23:03:16.0749 4312  Page size: 0x1000
23:03:16.0749 4312  Boot type: Normal boot
23:03:16.0749 4312  ============================================================
23:03:16.0896 4312  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3C91, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
23:03:16.0900 4312  ============================================================
23:03:16.0900 4312  \Device\Harddisk0\DR0:
23:03:16.0901 4312  MBR partitions:
23:03:16.0901 4312  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:03:16.0901 4312  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
23:03:16.0901 4312  ============================================================
23:03:16.0902 4312  C: <-> \Device\Harddisk0\DR0\Partition2
23:03:16.0902 4312  ============================================================
23:03:16.0902 4312  Initialize success
23:03:16.0902 4312  ============================================================
23:03:27.0163 1220  ============================================================
23:03:27.0163 1220  Scan started
23:03:27.0163 1220  Mode: Manual; SigCheck; TDLFS; 
23:03:27.0163 1220  ============================================================
23:03:27.0277 1220  ================ Scan system memory ========================
23:03:27.0277 1220  System memory - ok
23:03:27.0277 1220  ================ Scan services =============================
23:03:31.0768 1220  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:03:31.0790 1220  NetBT - ok
23:03:31.0793 1220  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:03:31.0799 1220  Netlogon - ok
23:03:31.0805 1220  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:03:31.0834 1220  Netman - ok
23:03:31.0838 1220  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:03:31.0846 1220  NetMsmqActivator - ok
23:03:31.0849 1220  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:03:31.0855 1220  NetPipeActivator - ok
23:03:31.0862 1220  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:03:31.0888 1220  netprofm - ok
23:03:31.0891 1220  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:03:31.0897 1220  NetTcpActivator - ok
23:03:31.0900 1220  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:03:31.0906 1220  NetTcpPortSharing - ok
23:03:31.0909 1220  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:03:31.0918 1220  nfrd960 - ok
23:03:31.0927 1220  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:03:31.0942 1220  NlaSvc - ok
23:03:31.0946 1220  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:03:31.0967 1220  Npfs - ok
23:03:31.0970 1220  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:03:31.0991 1220  nsi - ok
23:03:31.0994 1220  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:03:32.0015 1220  nsiproxy - ok
23:03:32.0037 1220  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:03:32.0066 1220  Ntfs - ok
23:03:32.0069 1220  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:03:32.0090 1220  Null - ok
23:03:32.0094 1220  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:03:32.0102 1220  nvraid - ok
23:03:32.0107 1220  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:03:32.0115 1220  nvstor - ok
23:03:32.0119 1220  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:03:32.0126 1220  nv_agp - ok
23:03:32.0130 1220  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:03:32.0138 1220  ohci1394 - ok
23:03:32.0148 1220  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:03:32.0164 1220  p2pimsvc - ok
23:03:32.0172 1220  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:03:32.0183 1220  p2psvc - ok
23:03:32.0187 1220  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
23:03:32.0195 1220  Parport - ok
23:03:32.0199 1220  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:03:32.0206 1220  partmgr - ok
23:03:32.0211 1220  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:03:32.0223 1220  PcaSvc - ok
23:03:32.0228 1220  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:03:32.0236 1220  pci - ok
23:03:32.0239 1220  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:03:32.0245 1220  pciide - ok
23:03:32.0250 1220  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:03:32.0259 1220  pcmcia - ok
23:03:32.0267 1220  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:03:32.0277 1220  pcw - ok
23:03:32.0286 1220  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:03:32.0313 1220  PEAUTH - ok
23:03:32.0329 1220  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:03:32.0352 1220  PeerDistSvc - ok
23:03:32.0373 1220  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:03:32.0394 1220  PerfHost - ok
23:03:32.0413 1220  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:03:32.0449 1220  pla - ok
23:03:32.0456 1220  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:03:32.0469 1220  PlugPlay - ok
23:03:32.0473 1220  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:03:32.0480 1220  PNRPAutoReg - ok
23:03:32.0486 1220  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:03:32.0496 1220  PNRPsvc - ok
23:03:32.0510 1220  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:03:32.0536 1220  PolicyAgent - ok
23:03:32.0542 1220  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:03:32.0564 1220  Power - ok
23:03:32.0568 1220  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:03:32.0589 1220  PptpMiniport - ok
23:03:32.0593 1220  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
23:03:32.0600 1220  Processor - ok
23:03:32.0605 1220  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:03:32.0621 1220  ProfSvc - ok
23:03:32.0626 1220  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:03:32.0633 1220  ProtectedStorage - ok
23:03:32.0637 1220  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:03:32.0658 1220  Psched - ok
23:03:32.0674 1220  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:03:32.0701 1220  ql2300 - ok
23:03:32.0706 1220  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:03:32.0713 1220  ql40xx - ok
23:03:32.0719 1220  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:03:32.0746 1220  QWAVE - ok
23:03:32.0749 1220  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:03:32.0760 1220  QWAVEdrv - ok
23:03:32.0763 1220  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:03:32.0783 1220  RasAcd - ok
23:03:32.0787 1220  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:03:32.0807 1220  RasAgileVpn - ok
23:03:32.0811 1220  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:03:32.0833 1220  RasAuto - ok
23:03:32.0837 1220  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:03:32.0875 1220  Rasl2tp - ok
23:03:32.0881 1220  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:03:32.0905 1220  RasMan - ok
23:03:32.0909 1220  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:03:32.0931 1220  RasPppoe - ok
23:03:32.0934 1220  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:03:32.0957 1220  RasSstp - ok
23:03:32.0966 1220  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:03:32.0989 1220  rdbss - ok
23:03:32.0992 1220  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:03:33.0001 1220  rdpbus - ok
23:03:33.0004 1220  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:03:33.0024 1220  RDPCDD - ok
23:03:33.0030 1220  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:03:33.0038 1220  RDPDR - ok
23:03:33.0041 1220  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:03:33.0062 1220  RDPENCDD - ok
23:03:33.0069 1220  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:03:33.0104 1220  RDPREFMP - ok
23:03:33.0109 1220  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:03:33.0116 1220  RdpVideoMiniport - ok
23:03:33.0121 1220  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:03:33.0130 1220  RDPWD - ok
23:03:33.0135 1220  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:03:33.0144 1220  rdyboost - ok
23:03:33.0148 1220  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:03:33.0170 1220  RemoteAccess - ok
23:03:33.0174 1220  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:03:33.0208 1220  RemoteRegistry - ok
23:03:33.0212 1220  [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
23:03:33.0233 1220  RMCAST - ok
23:03:33.0237 1220  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:03:33.0258 1220  RpcEptMapper - ok
23:03:33.0261 1220  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:03:33.0269 1220  RpcLocator - ok
23:03:33.0276 1220  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
23:03:33.0299 1220  RpcSs - ok
23:03:33.0303 1220  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:03:33.0345 1220  rspndr - ok
23:03:33.0351 1220  [ C435AC77704EB16E85C9D630F4D4B4F7 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
23:03:33.0359 1220  RTHDMIAzAudService - ok
23:03:33.0369 1220  [ 61A04C0C084D560BBEF1D09604608262 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:03:33.0385 1220  RTL8167 - ok
23:03:33.0389 1220  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:03:33.0396 1220  s3cap - ok
23:03:33.0399 1220  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:03:33.0405 1220  SamSs - ok
23:03:33.0409 1220  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:03:33.0418 1220  sbp2port - ok
23:03:33.0425 1220  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:03:33.0448 1220  SCardSvr - ok
23:03:33.0451 1220  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:03:33.0471 1220  scfilter - ok
23:03:33.0483 1220  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:03:33.0516 1220  Schedule - ok
23:03:33.0520 1220  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:03:33.0545 1220  SCPolicySvc - ok
23:03:33.0550 1220  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:03:33.0560 1220  SDRSVC - ok
23:03:33.0563 1220  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:03:33.0584 1220  secdrv - ok
23:03:33.0588 1220  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:03:33.0607 1220  seclogon - ok
23:03:33.0611 1220  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
23:03:33.0633 1220  SENS - ok
23:03:33.0636 1220  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:03:33.0644 1220  SensrSvc - ok
23:03:33.0649 1220  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:03:33.0663 1220  Serenum - ok
23:03:33.0669 1220  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:03:33.0678 1220  Serial - ok
23:03:33.0682 1220  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:03:33.0689 1220  sermouse - ok
23:03:33.0697 1220  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:03:33.0718 1220  SessionEnv - ok
23:03:33.0721 1220  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:03:33.0730 1220  sffdisk - ok
23:03:33.0733 1220  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:03:33.0741 1220  sffp_mmc - ok
23:03:33.0744 1220  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:03:33.0753 1220  sffp_sd - ok
23:03:33.0755 1220  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:03:33.0763 1220  sfloppy - ok
23:03:33.0768 1220  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:03:33.0799 1220  SharedAccess - ok
23:03:33.0805 1220  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:03:33.0829 1220  ShellHWDetection - ok
23:03:33.0832 1220  [ E9E830D540EDEDED650F906628468548 ] simptcp         C:\Windows\System32\tcpsvcs.exe
23:03:33.0840 1220  simptcp - ok
23:03:33.0843 1220  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:03:33.0851 1220  SiSRaid2 - ok
23:03:33.0854 1220  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:03:33.0861 1220  SiSRaid4 - ok
23:03:33.0865 1220  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:03:33.0889 1220  Smb - ok
23:03:33.0899 1220  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:03:33.0907 1220  SNMPTRAP - ok
23:03:33.0912 1220  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
23:03:33.0918 1220  Sony PC Companion - ok
23:03:33.0921 1220  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:03:33.0928 1220  spldr - ok
23:03:33.0935 1220  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
23:03:33.0948 1220  Spooler - ok
23:03:33.0982 1220  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:03:34.0049 1220  sppsvc - ok
23:03:34.0054 1220  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:03:34.0076 1220  sppuinotify - ok
23:03:34.0082 1220  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:03:34.0094 1220  srv - ok
23:03:34.0103 1220  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:03:34.0115 1220  srv2 - ok
23:03:34.0120 1220  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:03:34.0128 1220  srvnet - ok
23:03:34.0132 1220  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:03:34.0154 1220  SSDPSRV - ok
23:03:34.0158 1220  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:03:34.0180 1220  SstpSvc - ok
23:03:34.0182 1220  Steam Client Service - ok
23:03:34.0186 1220  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:03:34.0193 1220  stexstor - ok
23:03:34.0201 1220  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:03:34.0230 1220  stisvc - ok
23:03:34.0234 1220  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:03:34.0241 1220  storflt - ok
23:03:34.0244 1220  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
23:03:34.0252 1220  StorSvc - ok
23:03:34.0254 1220  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:03:34.0261 1220  storvsc - ok
23:03:34.0264 1220  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:03:34.0271 1220  swenum - ok
23:03:34.0277 1220  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:03:34.0304 1220  swprv - ok
23:03:34.0323 1220  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:03:34.0357 1220  SysMain - ok
23:03:34.0361 1220  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:03:34.0372 1220  TabletInputService - ok
23:03:34.0378 1220  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:03:34.0401 1220  TapiSrv - ok
23:03:34.0405 1220  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:03:34.0426 1220  TBS - ok
23:03:34.0452 1220  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:03:34.0484 1220  Tcpip - ok
23:03:34.0504 1220  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:03:34.0528 1220  TCPIP6 - ok
23:03:34.0533 1220  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:03:34.0540 1220  tcpipreg - ok
23:03:34.0545 1220  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:03:34.0559 1220  TDPIPE - ok
23:03:34.0564 1220  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:03:34.0576 1220  TDTCP - ok
23:03:34.0580 1220  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:03:34.0601 1220  tdx - ok
23:03:34.0605 1220  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:03:34.0611 1220  TermDD - ok
23:03:34.0620 1220  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:03:34.0648 1220  TermService - ok
23:03:34.0651 1220  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:03:34.0661 1220  Themes - ok
23:03:34.0665 1220  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:03:34.0687 1220  THREADORDER - ok
23:03:34.0692 1220  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:03:34.0714 1220  TrkWks - ok
23:03:34.0719 1220  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:03:34.0740 1220  TrustedInstaller - ok
23:03:34.0745 1220  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:03:34.0765 1220  tssecsrv - ok
23:03:34.0768 1220  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:03:34.0776 1220  TsUsbFlt - ok
23:03:34.0779 1220  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:03:34.0789 1220  TsUsbGD - ok
23:03:34.0795 1220  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:03:34.0820 1220  tunnel - ok
23:03:34.0824 1220  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:03:34.0831 1220  uagp35 - ok
23:03:34.0836 1220  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:03:34.0861 1220  udfs - ok
23:03:34.0867 1220  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:03:34.0875 1220  UI0Detect - ok
23:03:34.0879 1220  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:03:34.0886 1220  uliagpkx - ok
23:03:34.0889 1220  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:03:34.0898 1220  umbus - ok
23:03:34.0904 1220  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:03:34.0928 1220  UmPass - ok
23:03:34.0934 1220  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
23:03:34.0944 1220  UmRdpService - ok
23:03:34.0950 1220  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:03:34.0975 1220  upnphost - ok
23:03:34.0979 1220  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:03:34.0989 1220  usbaudio - ok
23:03:34.0993 1220  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:03:35.0000 1220  usbccgp - ok
23:03:35.0005 1220  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:03:35.0013 1220  usbcir - ok
23:03:35.0017 1220  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:03:35.0026 1220  usbehci - ok
23:03:35.0031 1220  [ 504901430B6E03B99EBB6BF26E0868C6 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
23:03:35.0037 1220  usbfilter - ok
23:03:35.0043 1220  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:03:35.0054 1220  usbhub - ok
23:03:35.0057 1220  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
23:03:35.0064 1220  usbohci - ok
23:03:35.0067 1220  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
23:03:35.0076 1220  usbprint - ok
23:03:35.0080 1220  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
23:03:35.0088 1220  USBSTOR - ok
23:03:35.0091 1220  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:03:35.0098 1220  usbuhci - ok
23:03:35.0101 1220  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:03:35.0123 1220  UxSms - ok
23:03:35.0126 1220  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:03:35.0150 1220  VaultSvc - ok
23:03:35.0154 1220  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
23:03:35.0160 1220  VClone - ok
23:03:35.0163 1220  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:03:35.0170 1220  vdrvroot - ok
23:03:35.0177 1220  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:03:35.0203 1220  vds - ok
23:03:35.0206 1220  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:03:35.0215 1220  vga - ok
23:03:35.0218 1220  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:03:35.0239 1220  VgaSave - ok
23:03:35.0243 1220  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:03:35.0257 1220  vhdmp - ok
23:03:35.0262 1220  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:03:35.0269 1220  viaide - ok
23:03:35.0275 1220  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:03:35.0284 1220  vmbus - ok
23:03:35.0287 1220  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
23:03:35.0294 1220  VMBusHID - ok
23:03:35.0298 1220  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:03:35.0305 1220  volmgr - ok
23:03:35.0311 1220  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:03:35.0321 1220  volmgrx - ok
23:03:35.0327 1220  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:03:35.0337 1220  volsnap - ok
23:03:35.0342 1220  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:03:35.0350 1220  vsmraid - ok
23:03:35.0370 1220  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:03:35.0410 1220  VSS - ok
23:03:35.0414 1220  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
23:03:35.0423 1220  vwifibus - ok
23:03:35.0429 1220  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:03:35.0454 1220  W32Time - ok
23:03:35.0462 1220  [ B32009DB1972E7F2C227499289C4384A ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
23:03:35.0473 1220  W3SVC - ok
23:03:35.0481 1220  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:03:35.0491 1220  WacomPen - ok
23:03:35.0495 1220  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:03:35.0515 1220  WANARP - ok
23:03:35.0518 1220  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:03:35.0538 1220  Wanarpv6 - ok
23:03:35.0544 1220  [ B32009DB1972E7F2C227499289C4384A ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
23:03:35.0553 1220  WAS - ok
23:03:35.0569 1220  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:03:35.0605 1220  wbengine - ok
23:03:35.0613 1220  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:03:35.0626 1220  WbioSrvc - ok
23:03:35.0632 1220  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:03:35.0646 1220  wcncsvc - ok
23:03:35.0650 1220  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:03:35.0658 1220  WcsPlugInService - ok
23:03:35.0661 1220  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
23:03:35.0667 1220  Wd - ok
23:03:35.0677 1220  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:03:35.0695 1220  Wdf01000 - ok
23:03:35.0699 1220  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:03:35.0729 1220  WdiServiceHost - ok
23:03:35.0732 1220  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:03:35.0742 1220  WdiSystemHost - ok
23:03:35.0747 1220  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:03:35.0760 1220  WebClient - ok
23:03:35.0766 1220  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:03:35.0789 1220  Wecsvc - ok
23:03:35.0793 1220  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:03:35.0817 1220  wercplsupport - ok
23:03:35.0824 1220  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:03:35.0847 1220  WerSvc - ok
23:03:35.0850 1220  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:03:35.0870 1220  WfpLwf - ok
23:03:35.0873 1220  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:03:35.0880 1220  WIMMount - ok
23:03:35.0882 1220  WinDefend - ok
23:03:35.0887 1220  WinHttpAutoProxySvc - ok
23:03:35.0896 1220  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:03:35.0920 1220  Winmgmt - ok
23:03:35.0923 1220  [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0  C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys
23:03:35.0935 1220  WinRing0_1_2_0 - ok
23:03:35.0960 1220  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:03:36.0004 1220  WinRM - ok
23:03:36.0010 1220  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:03:36.0019 1220  WinUsb - ok
23:03:36.0030 1220  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:03:36.0053 1220  Wlansvc - ok
23:03:36.0082 1220  [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:03:36.0118 1220  wlidsvc - ok
23:03:36.0123 1220  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
23:03:36.0130 1220  WmiAcpi - ok
23:03:36.0136 1220  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:03:36.0145 1220  wmiApSrv - ok
23:03:36.0148 1220  WMPNetworkSvc - ok
23:03:36.0152 1220  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:03:36.0159 1220  WPCSvc - ok
23:03:36.0163 1220  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:03:36.0174 1220  WPDBusEnum - ok
23:03:36.0179 1220  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:03:36.0207 1220  ws2ifsl - ok
23:03:36.0211 1220  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
23:03:36.0222 1220  wscsvc - ok
23:03:36.0225 1220  WSearch - ok
23:03:36.0251 1220  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:03:36.0291 1220  wuauserv - ok
23:03:36.0296 1220  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:03:36.0310 1220  WudfPf - ok
23:03:36.0315 1220  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:03:36.0324 1220  WUDFRd - ok
23:03:36.0328 1220  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:03:36.0336 1220  wudfsvc - ok
23:03:36.0341 1220  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:03:36.0354 1220  WwanSvc - ok
23:03:36.0358 1220  ================ Scan global ===============================
23:03:36.0360 1220  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:03:36.0364 1220  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:03:36.0370 1220  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
23:03:36.0373 1220  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:03:36.0378 1220  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:03:36.0382 1220  [Global] - ok
23:03:36.0382 1220  ================ Scan MBR ==================================
23:03:36.0384 1220  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:03:36.0461 1220  \Device\Harddisk0\DR0 - ok
23:03:36.0461 1220  ================ Scan VBR ==================================
23:03:36.0463 1220  [ E8B0C2E50DBFE4747B348101D6E65D26 ] \Device\Harddisk0\DR0\Partition1
23:03:36.0464 1220  \Device\Harddisk0\DR0\Partition1 - ok
23:03:36.0466 1220  [ 1F167B21EC0334067EEF649AF6CD66F7 ] \Device\Harddisk0\DR0\Partition2
23:03:36.0467 1220  \Device\Harddisk0\DR0\Partition2 - ok
23:03:36.0467 1220  ============================================================
23:03:36.0467 1220  Scan finished
23:03:36.0467 1220  ============================================================
23:03:36.0474 2140  Detected object count: 0
23:03:36.0474 2140  Actual detected object count: 0

08.03.2013, 20:53   #4
/// Malware-holic

Scan with Combofix
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


08.03.2013, 21:42   #5

Here is the log file:

ComboFix 13-03-07.03 - Jaro 08.03.2013  21:32:55.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4094.2997 [GMT 1:00]
ausgeführt von:: c:\users\Jaro\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
(((((((((((((((((((((((   Dateien erstellt von 2013-02-08 bis 2013-03-08  ))))))))))))))))))))))))))))))
2013-03-06 01:03 . 2013-03-06 01:03	--------	d-----w-	c:\users\Jaro\AppData\Roaming\Malwarebytes
2013-03-06 01:03 . 2013-03-06 01:03	--------	d-----w-	c:\programdata\Malwarebytes
2013-03-06 01:03 . 2013-03-06 01:03	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-06 01:03 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-03-04 00:56 . 2013-03-04 00:56	--------	d-----w-	c:\users\Jaro\AppData\Roaming\vlc
2013-03-04 00:55 . 2013-03-04 00:55	--------	d-----w-	c:\program files (x86)\VideoLAN
2013-03-04 00:46 . 2013-03-04 00:46	--------	d-----w-	c:\program files (x86)\Sony
2013-02-25 12:47 . 2013-02-25 12:47	--------	d-----w-	c:\users\Jaro\AppData\Local\ElevatedDiagnostics
2013-02-25 12:31 . 2012-12-26 17:26	74344	----a-w-	c:\windows\system32\RtNicProp64.dll
2013-02-25 12:31 . 2012-12-26 17:26	107552	----a-w-	c:\windows\system32\RTNUninst64.dll
2013-02-22 04:05 . 2013-02-22 04:05	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-22 04:05 . 2013-02-22 04:05	--------	d-----w-	c:\program files (x86)\Java
2013-02-13 17:03 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 17:03 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 02:44 . 2013-01-05 05:53	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-13 02:44 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 02:44 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 02:44 . 2013-01-04 03:26	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-02-13 02:44 . 2013-01-04 05:46	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-02-13 02:44 . 2013-01-04 04:51	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-02-13 02:44 . 2013-01-04 02:47	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-02-13 02:44 . 2013-01-04 02:47	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-02-13 02:44 . 2013-01-04 02:47	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-02-13 02:44 . 2013-01-03 06:00	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-13 02:44 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 02:44 . 2013-01-04 02:47	2048	----a-w-	c:\windows\SysWow64\user.exe
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
2013-03-08 20:35 . 2013-01-07 05:15	4194304	----a-w-	c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2013-02-27 13:26 . 2013-01-19 07:25	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 13:26 . 2013-01-19 07:25	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-22 04:05 . 2012-12-04 17:55	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-02-22 04:05 . 2012-12-04 17:55	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-02-13 17:05 . 2012-12-04 17:57	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-01-12 03:04 . 2013-01-12 03:04	178800	----a-w-	c:\windows\SysWow64\CmdLineExt_x64.dll
2013-01-04 04:43 . 2013-02-13 02:44	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-12-27 07:26 . 2013-01-30 09:10	805088	----a-w-	c:\windows\system32\drivers\Rt64win7.sys
2012-12-26 02:37 . 2013-01-26 04:17	3269088	----a-w-	c:\windows\system32\drivers\RTKVHD64.sys
2012-12-26 01:34 . 2013-01-26 04:17	126688	----a-w-	c:\windows\system32\RCoInstII64.dll
2012-12-20 15:52 . 2013-01-26 04:17	988896	----a-w-	c:\windows\system32\RtkApi64.dll
2012-12-19 20:50 . 2013-01-26 04:13	5630200	----a-w-	c:\windows\SysWow64\atiumdag.dll
2012-12-19 20:48 . 2013-01-26 04:13	11278336	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2012-12-19 20:29 . 2013-01-26 04:13	23461376	----a-w-	c:\windows\system32\atio6axx.dll
2012-12-19 20:22 . 2013-01-26 04:13	70144	----a-w-	c:\windows\system32\coinst_9.012.dll
2012-12-19 20:19 . 2013-01-26 04:13	163840	----a-w-	c:\windows\system32\atiapfxx.exe
2012-12-19 20:18 . 2013-01-26 04:13	51200	----a-w-	c:\windows\system32\aticalrt64.dll
2012-12-19 20:18 . 2013-01-26 04:13	46080	----a-w-	c:\windows\SysWow64\aticalrt.dll
2012-12-19 20:17 . 2013-01-26 04:13	44544	----a-w-	c:\windows\system32\aticalcl64.dll
2012-12-19 20:17 . 2013-01-26 04:13	44032	----a-w-	c:\windows\SysWow64\aticalcl.dll
2012-12-19 20:17 . 2013-01-26 04:13	16082944	----a-w-	c:\windows\system32\aticaldd64.dll
2012-12-19 20:13 . 2013-01-26 04:13	13703168	----a-w-	c:\windows\SysWow64\aticaldd.dll
2012-12-19 20:12 . 2013-01-26 04:13	18982400	----a-w-	c:\windows\SysWow64\atioglxx.dll
2012-12-19 20:09 . 2013-01-26 04:13	960512	----a-w-	c:\windows\SysWow64\aticfx32.dll
2012-12-19 20:08 . 2012-09-28 01:41	1151488	----a-w-	c:\windows\system32\aticfx64.dll
2012-12-19 20:06 . 2013-01-26 04:13	6681088	----a-w-	c:\windows\SysWow64\atidxx32.dll
2012-12-19 19:59 . 2012-09-28 01:31	5087744	----a-w-	c:\windows\system32\atiumd6a.dll
2012-12-19 19:57 . 2012-09-28 01:39	442368	----a-w-	c:\windows\system32\atidemgy.dll
2012-12-19 19:56 . 2013-01-26 04:13	550912	----a-w-	c:\windows\system32\atieclxx.exe
2012-12-19 19:56 . 2013-01-26 04:13	240640	----a-w-	c:\windows\system32\atiesrxx.exe
2012-12-19 19:54 . 2013-01-26 04:13	120320	----a-w-	c:\windows\system32\atitmm64.dll
2012-12-19 19:54 . 2013-01-26 04:13	21504	----a-w-	c:\windows\system32\atimuixx.dll
2012-12-19 19:54 . 2013-01-26 04:13	59392	----a-w-	c:\windows\system32\atiedu64.dll
2012-12-19 19:54 . 2013-01-26 04:13	43520	----a-w-	c:\windows\SysWow64\ati2edxx.dll
2012-12-19 19:49 . 2012-09-28 01:22	7370752	----a-w-	c:\windows\system32\atidxx64.dll
2012-12-19 19:44 . 2013-01-26 04:13	4162048	----a-w-	c:\windows\SysWow64\atiumdva.dll
2012-12-19 19:44 . 2012-09-28 01:25	6786560	----a-w-	c:\windows\system32\atiumd64.dll
2012-12-19 19:33 . 2013-01-26 04:13	56320	----a-w-	c:\windows\system32\atimpc64.dll
2012-12-19 19:33 . 2013-01-26 04:13	56320	----a-w-	c:\windows\system32\amdpcom64.dll
2012-12-19 19:33 . 2012-09-28 01:13	619008	----a-w-	c:\windows\system32\atiadlxx.dll
2012-12-19 19:33 . 2013-01-26 04:13	56832	----a-w-	c:\windows\SysWow64\atimpc32.dll
2012-12-19 19:33 . 2013-01-26 04:13	56832	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2012-12-19 19:33 . 2013-01-26 04:13	421888	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2012-12-19 19:33 . 2013-01-26 04:13	17920	----a-w-	c:\windows\system32\atig6pxx.dll
2012-12-19 19:33 . 2013-01-26 04:13	14848	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2012-12-19 19:33 . 2013-01-26 04:13	14848	----a-w-	c:\windows\system32\atiglpxx.dll
2012-12-19 19:33 . 2013-01-26 04:13	41984	----a-w-	c:\windows\system32\atig6txx.dll
2012-12-19 19:33 . 2013-01-26 04:13	33280	----a-w-	c:\windows\SysWow64\atigktxx.dll
2012-12-19 19:32 . 2013-01-26 04:13	552960	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2012-12-19 19:31 . 2012-09-28 01:11	130048	----a-w-	c:\windows\system32\atiuxp64.dll
2012-12-19 19:31 . 2013-01-26 04:13	109568	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2012-12-19 19:31 . 2012-09-28 01:11	104448	----a-w-	c:\windows\system32\atiu9p64.dll
2012-12-19 19:30 . 2013-01-26 04:13	83968	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2012-12-19 19:30 . 2013-01-26 04:13	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2012-12-19 14:45 . 2012-12-19 14:45	222720	----a-w-	c:\windows\system32\clinfo.exe
2012-12-19 14:44 . 2012-12-19 14:44	76288	----a-w-	c:\windows\system32\OpenVideo64.dll
2012-12-19 14:44 . 2012-12-19 14:44	65536	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2012-12-19 14:44 . 2012-12-19 14:44	64000	----a-w-	c:\windows\system32\OVDecode64.dll
2012-12-19 14:44 . 2012-12-19 14:44	56320	----a-w-	c:\windows\SysWow64\OVDecode.dll
2012-12-19 14:44 . 2012-12-19 14:44	34518016	----a-w-	c:\windows\system32\amdocl64.dll
2012-12-19 14:38 . 2012-12-19 14:38	28732928	----a-w-	c:\windows\SysWow64\amdocl.dll
2012-12-19 14:34 . 2012-12-19 14:34	54784	----a-w-	c:\windows\system32\OpenCL.dll
2012-12-19 14:34 . 2012-12-19 14:34	50176	----a-w-	c:\windows\SysWow64\OpenCL.dll
2012-12-18 22:49 . 2012-12-04 18:09	2079968	----a-w-	c:\windows\RtlExUpd.dll
2012-12-16 17:11 . 2012-12-21 03:58	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 03:58	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 03:58	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 03:58	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-13 00:50 . 2013-01-26 04:17	1652960	----a-w-	c:\windows\system32\RTSnMg64.cpl
2006-05-03 10:06	163328	--sha-r-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47	31232	--sha-r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30	216064	--sha-r-	c:\windows\SysWOW64\nbDX.dll
2010-01-06 23:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"AOD"="c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" [2012-12-19 361984]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2012-11-13 14544]
R4 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-12-27 805088]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
--- Andere Dienste/Treiber im Speicher ---
*NewlyCreated* - WS2IFSL
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-04 23:47	1630672	----a-w-	c:\program files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe
Inhalt des "geplante Tasks" Ordners
2013-03-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-19 13:26]
2013-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-04 17:37]
2013-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-04 17:37]
--------- X64 Entries -----------
"MsmqIntCert"="mqrt.dll" [2010-11-21 247808]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-12-13 13263072]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
------- Zusätzlicher Suchlauf -------
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer =
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_USERS\S-1-5-21-157001695-2697609133-1144193094-1001\Software\SecuROM\License information*]
@Denied: (A 2) (Everyone)
@Denied: (A 2) (Everyone)
@Denied: (A 2) (Everyone)
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
@Denied: (A 2) (Everyone)
@="?????????????????? v1"
@="?????????????????? v2"
@Denied: (Full) (Everyone)
------------------------ Weitere laufende Prozesse ------------------------
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
Zeit der Fertigstellung: 2013-03-08  21:37:04 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-03-08 20:37
Vor Suchlauf: 6 Verzeichnis(se), 62.855.479.296 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 62.481.481.728 Bytes frei
- - End Of File - - EC5C8A965B71C5F2357A2D4B4C1D0914

11.03.2013, 18:37   #6
/// Malware-holic

Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this.
Open it, go to Tools (Extras), Uninstall list, and save it as txt. Open the file.
After each program you need, write "necessary".
After each program you do not need, write "unnecessary".
After each program you do not know, write "unknown".
Post the list.

12.03.2013, 00:58   #7

Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	27.02.2013	6,00MB	11.6.602.171; necessary
Adobe Reader XI (11.0.01) - Deutsch	Adobe Systems Incorporated	09.01.2013	132MB	11.0.01; necessary
AMD Catalyst Install Manager	Advanced Micro Devices, Inc.	12.02.2013	26,3MB	8.0.903.0; necessary
CCleaner	Piriform	25.02.2013		3.28; necessary
Curse Client	Curse	09.02.2013; necessary
EVEREST Ultimate Edition v5.50	Lavalys, Inc.	05.12.2012		5.50; necessary
Fraps (remove only)		23.01.2013; unnecessary
Google Chrome	Google Inc.	04.12.2012		25.0.1364.152; necessary
Java 7 Update 15	Oracle	22.02.2013	129MB	7.0.150; necessary
JDownloader 0.9	AppWork GmbH	29.12.2012		0.9; unnecessary
JDownloader Packages		29.12.2012; unnecessary
JMicron JMB36X Driver	JMicron Technology Corp.	04.12.2012; unknown
K-Lite Codec Pack 9.7.0 (Full)		19.01.2013	83,4MB	9.7.0; unknown
Malwarebytes Anti-Malware Version	Malwarebytes Corporation	06.03.2013	18,4MB; necessary
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	04.12.2012	38,8MB	4.0.30319; necessary
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	28.12.2012	2,93MB	4.0.30319; necessary
Microsoft .NET Framework 4 Extended	Microsoft Corporation	28.12.2012	51,9MB	4.0.30319; necessary
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	28.12.2012	10,6MB	4.0.30319; necessary
Microsoft Games for Windows - LIVE Redistributable	Microsoft Corporation	12.01.2013	32,5MB	2.0.672.0; unknown
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	12.01.2013	300KB	8.0.61001; necessary
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	04.12.2012	788KB	9.0.30729; necessary
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	06.12.2012	788KB	9.0.30729.6161; necessary
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	29.12.2012	596KB	9.0.30729; necessary
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	30.12.2012	600KB	9.0.30729.6161; necessary
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319	Microsoft Corporation	07.12.2012	15,0MB	10.0.30319; necessary
NetSpeedMonitor x64	Florian Gilles	04.12.2012	1,24MB; unnecessary
Notepad++		04.03.2013		6.3; necessary
OpenOffice.org 3.4.1	Apache Software Foundation	07.01.2013	330MB	3.41.9593; necessary
Razer Game Booster	Razer USA Ltd.	28.12.2012	44,3MB; unnecessary
Realtek Ethernet Controller Driver	Realtek	25.02.2013		7.67.1226.2012; necessary
Realtek HDMI Audio Driver for ATI	Realtek Semiconductor Corp.	04.12.2012; necessary
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	26.01.2013; necessary
Sony PC Companion 2.10.136	Sony	04.03.2013	18,3MB	2.10.136; necessary
Steam	Valve Corporation	29.12.2012	35,4MB; unnecessary
SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54	eRightSoft	23.01.2013	54,0MB	v2012.build.54; unnecessary
TeamSpeak 3 Client	TeamSpeak Systems GmbH	05.03.2013		3.0.10; necessary
Tukui Client	Tukui	11.03.2013	732KB	2.1.1; necessary
Tukui Client Installer	Tukui	21.01.2013	720KB	2.0.7; necessary
Tukui Update Utility	Tukui	04.12.2012	288KB	1.0.0; necessary
VirtualCloneDrive	Elaborate Bytes	29.12.2012; unnecessary
VLC media player 2.0.5	VideoLAN	04.03.2013		2.0.5; necessary
Winamp	Nullsoft, Inc	07.12.2012		5.63; necessary
Windows Live Essentials	Microsoft Corporation	23.01.2013		16.4.3505.0912; unknown
WinRAR 4.20 (64-Bit)	win.rar GmbH	04.12.2012		4.20.0; necessary
World of Warcraft	Blizzard Entertainment	11.03.2013; necessary

12.03.2013, 19:36   #8
/// Malware-holic

Adobe Flash Player: all
Adobe - Install Adobe Flash Player
Download the latest version and install it.
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Uncheck the box for McAfee Security Scan.
Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
Check "Use only certified plug-ins".
Security (Enhanced)
Check "Enhanced Security"
and select all files.
Everything here should be disabled; it is very unsafe to open, download, etc. PDFs automatically.
It is always better to save them directly, since only then do you have control over what happens on the PC.
Under JavaScript, uncheck the "use JavaScript" box.
Under Updater, choose to install automatically.
Apply / OK

Download the Java JRE:
Java downloads for all operating systems
Download the Java software for Windows Offline
Download and install.
JDownloader: both
Windows Live: all the ones you do not need

Open CCleaner, Analyze, Run, restart the PC.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file will open. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

13.03.2013, 06:26   #9

I did everything as described.

Here is the log file:
# AdwCleaner v2.114 - Datei am 13/03/2013 um 06:23:34 erstellt
# Aktualisiert am 05/03/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Jaro - JARO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jaro\Downloads\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\SweetIM

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v25.0.1364.152

Datei : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.


AdwCleaner[S1].txt - [1443 octets] - [13/03/2013 06:23:34]

########## EOF - C:\AdwCleaner[S1].txt - [1503 octets] ##########

13.03.2013, 18:39   #10
/// Malware-holic

HitmanPro - Download - Filepony
Download HitmanPro, double-click it, License, trial license.
Click Scan, do not delete anything.
Click Next, export the log as XML and post it, or zip it and attach it.

14.03.2013, 01:05   #11

<Log computer="JARO-PC" windows="" scan="Normal" version="" date="2013-03-14T01:02:00" timeSpentInSecs="59" filesProcessed="14599">
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Cookies:dmtracker.com" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Cookies:stats.computecmedia.de" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\0ZELIMPJ.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\18COMTBQ.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\1MQ1QA74.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\2LYM6Q2S.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\3ZX2IT2H.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\4RCNK02F.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\BAFNRC3C.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\D7T11QT7.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\ILKIGK9G.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\LTX13PCT.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\RT94BGHP.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\UHILGVPX.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\UPFH3NKY.txt" /></Item>
	<Item type="Cookie" score="0.0" status="None"><File path="C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Cookies\V4H86YP5.txt" /></Item>

14.03.2013, 20:48   #12
/// Malware-holic

Please delete the findings and post a new OTL log.

17.03.2013, 05:21   #13

OTL logfile created on: 17.03.2013 05:19:47 - Run 2
OTL by OldTimer - Version     Folder = C:\Users\Jaro\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,92 Gb Available Physical Memory | 72,92% Memory free
10,00 Gb Paging File | 8,61 Gb Available in Paging File | 86,17% Paging File free
Paging file location(s): c:\pagefile.sys 6144 6144 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 58,88 Gb Free Space | 52,72% Space Free | Partition Type: NTFS
Computer Name: JARO-PC | User Name: Jaro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.17 05:15:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jaro\Desktop\OTL.exe
PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV:64bit: - [2012.12.19 20:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.12.19 15:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.11.21 04:24:38 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
SRV:64bit: - [2010.11.21 04:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 02:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009.07.14 02:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV - [2013.01.27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.01.27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.01.18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [Disabled | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2010.11.21 04:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.11.21 04:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.11.21 04:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.07.14 02:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.01.20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.12.19 21:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.12.19 20:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.11.06 12:11:52 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.09.17 15:05:10 | 000,123,704 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2012.08.28 13:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.06.05 13:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2012.04.11 02:40:58 | 000,082,560 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012.04.11 02:40:58 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.11.21 04:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV - [2012.04.09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-157001695-2697609133-1144193094-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-157001695-2697609133-1144193094-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-157001695-2697609133-1144193094-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CB E5 3A F5 44 D2 CD 01  [binary data]
IE - HKU\S-1-5-21-157001695-2697609133-1144193094-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-157001695-2697609133-1144193094-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-157001695-2697609133-1144193094-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========== Chrome  ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\\plugin/npUrlAdvisor.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\np-mswmp.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\\plugin/npABPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: AdBlock = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\
CHR - Extension: Yahoo Mail Checker = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijbgodfidfimmjgeapafonbdkkkndpmp\1.4.1_0\
CHR - Extension: Google Mail = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Google Drive = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: AdBlock = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\
CHR - Extension: Yahoo Mail Checker = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijbgodfidfimmjgeapafonbdkkkndpmp\1.4.1_0\
CHR - Extension: Google Mail = C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013.03.08 21:35:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts:       localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune File not found
O4 - HKU\S-1-5-18..\RunOnce: [AOD] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune File not found
O4 - HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-157001695-2697609133-1144193094-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-157001695-2697609133-1144193094-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E9871FF-5006-4541-8562-AD172DDF9B13}: DhcpNameServer =
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.17 05:15:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jaro\Desktop\OTL.exe
[2013.03.14 01:26:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.14 01:25:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.14 01:14:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.14 01:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013.03.14 01:12:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013.03.14 01:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.03.13 06:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.03.13 06:19:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.03.13 06:18:59 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.03.08 21:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\delight software gmbh
[2013.03.08 21:37:05 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.03.08 21:32:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.03.08 21:32:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.03.08 21:32:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.03.08 21:32:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.03.08 21:32:06 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.03.06 02:03:56 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Roaming\Malwarebytes
[2013.03.06 02:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.06 02:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.06 02:03:46 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.03.06 02:03:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.03.04 01:56:02 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Roaming\vlc
[2013.03.04 01:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013.03.04 01:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013.03.04 01:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013.03.04 01:46:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013.03.04 01:40:14 | 000,000,000 | --SD | C] -- C:\Users\Jaro\Documents\Passwords Database
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.03.17 05:15:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jaro\Desktop\OTL.exe
[2013.03.17 04:47:02 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.17 01:47:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.16 23:41:58 | 000,022,000 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.16 23:41:58 | 000,022,000 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.16 23:39:04 | 001,804,186 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.16 23:39:04 | 000,772,748 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.16 23:39:04 | 000,715,136 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.16 23:39:04 | 000,174,872 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.16 23:39:04 | 000,142,518 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.16 23:34:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.14 21:07:28 | 000,001,195 | ---- | M] () -- C:\Users\Jaro\Desktop\Downloads.lnk
[2013.03.14 01:16:44 | 000,002,117 | ---- | M] () -- C:\Users\Jaro\Desktop\Microsoft Security Essentials.lnk
[2013.03.14 01:12:33 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.14 01:12:33 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.14 01:12:12 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.03.12 00:47:55 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.11 04:01:55 | 000,003,041 | ---- | M] () -- C:\Users\Jaro\Desktop\Tukui Client.lnk
[2013.03.08 21:35:55 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.03.06 02:53:59 | 000,000,000 | ---- | M] () -- C:\Users\Jaro\defogger_reenable
[2013.03.06 02:03:47 | 000,001,127 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.04 02:03:22 | 000,001,051 | ---- | M] () -- C:\Users\Jaro\Desktop\Notepad++.lnk
[2013.03.04 01:55:59 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.03.04 01:46:38 | 000,002,108 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.02.27 18:58:09 | 000,111,037 | ---- | M] () -- C:\Users\Jaro\Documents\ts3_clientui-win64-1351504843-2013-02-27 18_58_09.071321.dmp
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.03.14 01:18:34 | 000,001,421 | ---- | C] () -- C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.03.14 01:16:44 | 000,002,117 | ---- | C] () -- C:\Users\Jaro\Desktop\Microsoft Security Essentials.lnk
[2013.03.14 01:12:33 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.14 01:12:33 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.14 01:12:05 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013.03.11 04:01:55 | 000,003,041 | ---- | C] () -- C:\Users\Jaro\Desktop\Tukui Client.lnk
[2013.03.11 04:01:55 | 000,003,001 | ---- | C] () -- C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tukui Client.lnk
[2013.03.08 21:32:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.08 21:32:14 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.08 21:32:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.08 21:32:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.08 21:32:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.06 02:53:59 | 000,000,000 | ---- | C] () -- C:\Users\Jaro\defogger_reenable
[2013.03.06 02:03:47 | 000,001,127 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.04 01:55:59 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.03.04 01:46:38 | 000,002,108 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.02.27 18:58:09 | 000,111,037 | ---- | C] () -- C:\Users\Jaro\Documents\ts3_clientui-win64-1351504843-2013-02-27 18_58_09.071321.dmp
[2013.02.25 13:31:55 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013.02.15 04:12:33 | 000,000,466 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.01.23 05:45:22 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2013.01.19 10:54:13 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013.01.14 05:04:05 | 000,017,408 | ---- | C] () -- C:\Users\Jaro\AppData\Local\WebpageIcons.db
[2013.01.03 06:39:45 | 000,000,921 | ---- | C] () -- C:\Users\Jaro\AppData\Roaming\MPQEditor.ini
[2012.12.28 13:34:03 | 001,781,080 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.04 18:40:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.09.28 02:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.28 02:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.12.29 18:05:19 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Day 1 Studios
[2012.12.29 16:25:03 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\JDownloaderPackages
[2012.12.04 18:54:46 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\NetSpeedMonitor
[2013.03.04 02:03:22 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Notepad++
[2013.01.07 07:33:06 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\OpenOffice.org
[2013.01.23 07:43:02 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Publish Providers
[2013.01.23 07:43:01 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Sony
[2013.01.19 08:25:09 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\SplitMediaLabs
[2013.03.16 01:38:17 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\TS3Client
[2013.03.05 16:13:10 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\ts3overlay
[2012.12.16 19:39:50 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\ts3overlay_hook_win64
[2013.01.04 07:40:44 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\WinISO Computing
========== Purity Check ==========

< End of report >

28.03.2013, 19:42   #14
/// Malware-holic

Sorry, I was on vacation, and sick.

OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

  • If you have obscured your user name, e.g. with "*****", insert your real user name in the corresponding place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may ask for a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (It can also be found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy the contents here into your thread.

Please test whether, in Firefox, Internet Explorer and any other installed browsers, there are any unwanted toolbars, redirects or other problems.
Test how the PC and programs run in general.


