Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.04.2013, 12:16   #1
Ephesar
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Hallo liebe Leute!

Ich habe mich heute erst in diesem Forum angemeldet. Vorweg: ich finde es toll, dass hier so viele Leute anderen Menschen mit ihren digitalen Problemen helfen!

Nun zu meinem Problem: mein Antivirenprogramm (Avira Free Antivirius, ja ich weiß, gefällt nicht jedem. Ich weiß aber auch nicht, welches Programm wirklich gut ist, da scheinen die Meinungen auseinander zu gehen) hat bei einem Scan entdeckt: TR/Agent.464.4

Etwas besorgt habe ich angefangen im Netz danach zu suchen und bin dabei auch auf eure Seite gestoßen. Euren Regeln entsprechend habe ich den Trojaner unter Quarantäne stellen lassen.
Mithilfe der Suchfunktion dieses Boards habe ich 2 Einträge zu diesem Trojaner gefunden, die empfohlenen Reaktionen gingen auseinander, deshalb starte ich hier ein neues Thema. Wenn dies unnötig war, dann tut mir dies leid!

Ich habe die empfohlenen Programme heruntergeladen und die jeweiligen Scans durchgeführt (malwarebytes antimalware, defogger, OTL, GMR). Dies hat mit dem Programm GMR meines Erachtens nicht richtig funktioniert (es wurde stundenlang gescannt, aber keine Protokolldatei erstellt). Vielleicht habe ich aber ja auch etwas falsch gemacht.
Über den defogger wurde die deamontoolbar (soweit ich weiß, ein virtuelles CD-Laufwerk-Programm) deinstalliert.

Ich habe festgestellt, dass der Internet Explorer nicht mehr funktioniert (wegen des Web-Browserschutzes). Der Avira Browserschutz war kurz vorher auch deaktiviert, da die Toolbar (Ask-Toolbar) deaktiviert wurde (wie das genau geschehen ist, weiß ich nicht, ich weiß auch gar nicht, was eine Toolbar ist und macht :-) ). Die Toolbar und den Browserschutz konnte ich wieder aktivieren, damit läuft Mozilla Firefox wieder, Google Chrome funktionierte (soweit ich weiß) die ganze Zeit, der Internet Explorer nach wie vor nicht.

Mein Betriebssystem ist Windows Vista (SP2).

Ich bin auch deshalb beunruhigt, da meine Freundin vor ein paar Tagen auf eine "Phishing-Mail" (heißt das so?) hereingefallen ist. Es war eine falsche Paypal-E-Mail, bei der sie leider ihre Kontoverbindung sowie E-Mail-Adresse, Name und Adresse angegeben hat (glücklicherweise keine Passwörter). Ich habe bei der Hotline von Paypal als auch unserer Bank angerufen (bei der wir auch das online-banking nutzen), beide meinten, es könne soweit nichts passieren (außer Lastschriftabbuchungen, die Rückgängig gemacht werden könnten). Ich bin mir nicht so sicher, ob das stimmt :-)

Ich hoffe, das sind alle relevanten Informationen, ich hoffe, ich habe nicht zu viel geschwafelt. Ich hänge an meinen Beitrag die Avira-Reportdatei, die OTL Dateien und die Extras Datei an.

Wenn noch etwas fehlen sollte, versuche ich natürlich, das Fehlende nachzutragen.

Schon im vorraus möchte ich mich herzlich für eure Hilfe Bedanken!

Mit besten Grüßen,

Ciarán

Alt 04.04.2013, 12:27   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Hallo und

Hast du noch weitere Logs (mit Funden)? Ist dein Virenscanner jemals fündig geworden?

Malwarebytes und/oder andere Virenscanner?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 04.04.2013, 12:47   #3
Ephesar
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Hallo cosinus!

Herzlichen Dank für deine Antwort!

Ich hatte versucht, die Protokolldateien direkt in das Forum zu posten, allerdings sagte mir eine Fehlermeldung, dass mein Beitrag zu viele Zeichen enthalte.
Deshalb habe ich die Protokolldateien gezippt angehängt. Ich habe es allerdings nicht mit code /code probiert.
Wenn es hilft, kann ich natürlich auch mehrere Antworten absenden, jeweils mit eine Protokolldatei?

Ich bin im Moment auf der Arbeit, deshalb kann ich die Schritte unter "Wichtig: Bitte alle Logs mit Funden posten" gerade nicth durchgehen. Sobald ich zuhause bin, werde ich dies angehen. Dann poste ich die entsprechenden Dateien hier.

Herzlichen Dank schon mal für deine Mühen!

Beste Grüße,

Ciarán
__________________

Alt 04.04.2013, 12:50   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Die schon im Anhang befindlichen Logs bitte nicht nochmal posten!
Ich wollte nur wissen ob du noch weitere/andere Logs hast, wenn ja diese bitte in CODE-Tags posten
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 04.04.2013, 12:56   #5
Ephesar
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Ah!

Nein, ich habe nur die Log-Dateien. Ich hoffe das reicht?

Beste Grüße!


Alt 04.04.2013, 13:06   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Bevor wir uns an die weitere Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Rootkitscan mit GMER

Bitte lade dir GMER Rootkit Scanner GMER herunter: (Dateiname zufällig)
  • Schließe alle anderen Programme, deaktiviere deinen Virenscanner und trenne den Rechner vom Internet bevor du GMER startest.
  • Sollte sich nach dem Start ein Fenster mit folgender Warnung öffnen:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Unbedingt auf "No" klicken.
  • Entferne rechts den Haken bei: IAT/EAT und Show All
  • Setze den Haken bei Quickscan und entferne ihn bei allen anderen Laufwerken.
  • Starte den Scan mit "Scan".
  • Mache nichts am Computer während der Scan läuft.
  • Wenn der Scan fertig ist klicke auf Save und speichere die Logfile unter Gmer.txt auf deinem Desktop. Mit "Ok" wird GMER beendet.
Antiviren-Programm und sonstige Scanner wieder einschalten, bevor Du ins Netz gehst!


Tauchen Probleme auf?
  • Probiere alternativ den abgesicherten Modus.
  • Erhältst du einen Bluescreen, dann entferne den Haken vor Devices.


Anschließend bitte MBAR ausführen:

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
--> TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne

Alt 09.04.2013, 14:50   #7
Ephesar
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Hallo!

Ich war einige Tage anderweitig beansprucht, deshalb kann ich jetzt erst antworten. Sorry!

Ich habe GMER laufen lassen. Im "normalen" Windows Modus konnte ich das Log Ergebnis nicht speichern, es ließ sich kein Programm mehr öffnen, ich musste den Laptop über die Powertaste ausschalten. Ich habe dann, wie du es beschrieben hast, den Computer im abgesicherten Modus gestartet. Nun wurde ebenfalls der Scan durchgeführt, allerdings hat GMER mehrfach versucht, das CD-ROM-Laufwerk zu scannen. Nur der Button "Abbrechen" hat Wirkung gezeigt, gmer hat jeweils weitergescannt. Am Ende konnte die Log-Datei erstellt werden. Wenn ich dein letztes Posting richtig gelesen habe, soll ich diese Log-Datei hier nicht posten. Falls du diese Datei doch benötigst, poste ich sie natürlich gerne.

Nach GMER habe ich MBAR laufen lassen. MBAR hat nach dem Scan angezeigt: "Congratulations, no cleanup is required! Scan finished: no maleware found!". Der Button Cleanup war für mich nicht anzuwählen, ich konnte das Programm nur über Exit verlassen.
Wenn ich andere Postings hier im Forum richtig verstanden habe, dann soll ich angeforderte Log-Dateien posten, auch wenn es keinen Fund oder ähnliches gab. Dies möchte gerne tun.
Ich habe zwei mal versucht, die Log-Datei in CODE-Tags in dieses Posting einzufügen. Es funktioniert bei mir nicht. Die Seite tut sehr lange Zeit nichts, danach ist der Trojaner-Board-Reiter in meinem Browser (Firefox) weiß. Deshalb hänge ich diese Log-Datei nun gezippt hier an. Ich hoffe, dass geht in Ordnung, im Moment sehe ich keine andere Möglichkeit dir die Log-Datei zugänglich zu machen.

Soweit von mir,

ich hoffe, dies hilft weiter.

Herzlichen Dank für deine Mühen. Vielleicht hast du ja einen Rat für mich.

Beste Grüße,

Ciarán

Alt 09.04.2013, 15:23   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).




TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.04.2013, 23:44   #9
Ephesar
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Hallo!

Beide Programme konnten ohne Probleme durchgeführt werden.

Hier die aswMBR Log-Datei und die TDSSKiller Log-Datei in CODE-Tags (ich habe keine Ahnung, warum es mir jetzt möglich ist, mit CODE-Tags zu posten)

Danke und beste Grüße,

Ciarán

Code:
ATTFilter
 aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-09 22:38:32
-----------------------------
22:38:32.186    OS Version: Windows 6.0.6002 Service Pack 2
22:38:32.186    Number of processors: 2 586 0x301
22:38:32.186    ComputerName: CIARAN-PC  UserName: Ciaran
22:38:32.919    Initialize success
22:40:02.892    AVAST engine defs: 13040900
22:53:21.877    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063
22:53:21.893    Disk 0 Vendor: ST932032 0002 Size: 305245MB BusType: 8
22:53:22.111    Disk 0 MBR read successfully
22:53:22.111    Disk 0 MBR scan
22:53:22.127    Disk 0 unknown MBR code
22:53:22.127    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    12001 MB offset 63
22:53:22.158    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       152617 MB offset 24579450
22:53:22.173    Disk 0 Partition - 00     0F Extended LBA            140623 MB offset 337140090
22:53:22.205    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       140623 MB offset 337140153
22:53:22.220    Disk 0 scanning sectors +625137345
22:53:22.470    Disk 0 scanning C:\Windows\system32\drivers
22:53:49.707    Service scanning
22:54:26.898    Modules scanning
22:54:32.592    Disk 0 trace - called modules:
22:54:32.623    ntkrnlpa.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix86s.sys 
22:54:32.639    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85fc12f0]
22:54:32.639    3 CLASSPNP.SYS[8a7a28b3] -> nt!IofCallDriver -> \Device\00000063[0x858e2958]
22:54:34.199    AVAST engine scan C:\Windows
22:54:38.161    AVAST engine scan C:\Windows\system32
23:00:35.123    AVAST engine scan C:\Windows\system32\drivers
23:01:06.666    AVAST engine scan C:\Users\Ciaran
23:23:26.193    AVAST engine scan C:\ProgramData
23:26:52.768    Scan finished successfully
23:27:11.004    Disk 0 MBR has been saved successfully to "C:\Users\Ciaran\Desktop\MBR.dat"
23:27:11.004    The log file has been saved successfully to "C:\Users\Ciaran\Desktop\aswMBR.txt"
         
Code:
ATTFilter
 23:31:41.0967 4716  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:31:42.0123 4716  ============================================================
23:31:42.0123 4716  Current date / time: 2013/04/09 23:31:42.0123
23:31:42.0123 4716  SystemInfo:
23:31:42.0123 4716  
23:31:42.0123 4716  OS Version: 6.0.6002 ServicePack: 2.0
23:31:42.0123 4716  Product type: Workstation
23:31:42.0123 4716  ComputerName: CIARAN-PC
23:31:42.0123 4716  UserName: Ciaran
23:31:42.0123 4716  Windows directory: C:\Windows
23:31:42.0123 4716  System windows directory: C:\Windows
23:31:42.0123 4716  Processor architecture: Intel x86
23:31:42.0123 4716  Number of processors: 2
23:31:42.0123 4716  Page size: 0x1000
23:31:42.0123 4716  Boot type: Normal boot
23:31:42.0123 4716  ============================================================
23:31:43.0308 4716  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:31:43.0355 4716  ============================================================
23:31:43.0355 4716  \Device\Harddisk0\DR0:
23:31:43.0371 4716  MBR partitions:
23:31:43.0371 4716  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770D7A, BlocksNum 0x12A14C00
23:31:43.0386 4716  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141859B9, BlocksNum 0x112A7D08
23:31:43.0386 4716  ============================================================
23:31:43.0480 4716  C: <-> \Device\Harddisk0\DR0\Partition1
23:31:43.0558 4716  D: <-> \Device\Harddisk0\DR0\Partition2
23:31:43.0558 4716  ============================================================
23:31:43.0558 4716  Initialize success
23:31:43.0558 4716  ============================================================
23:32:58.0329 5664  ============================================================
23:32:58.0329 5664  Scan started
23:32:58.0329 5664  Mode: Manual; SigCheck; TDLFS; 
23:32:58.0329 5664  ============================================================
23:32:59.0187 5664  ================ Scan system memory ========================
23:32:59.0187 5664  System memory - ok
23:32:59.0187 5664  ================ Scan services =============================
23:32:59.0296 5664  [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files\AAVUpdateManager\aavus.exe
23:32:59.0421 5664  AAV UpdateService - ok
23:32:59.0577 5664  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
23:32:59.0608 5664  ACPI - ok
23:32:59.0686 5664  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:32:59.0764 5664  AdobeARMservice - ok
23:32:59.0811 5664  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
23:32:59.0857 5664  adp94xx - ok
23:32:59.0889 5664  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
23:32:59.0904 5664  adpahci - ok
23:32:59.0967 5664  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
23:32:59.0998 5664  adpu160m - ok
23:33:00.0029 5664  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
23:33:00.0045 5664  adpu320 - ok
23:33:00.0123 5664  [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService     C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
23:33:00.0169 5664  ADSMService ( UnsignedFile.Multi.Generic ) - warning
23:33:00.0169 5664  ADSMService - detected UnsignedFile.Multi.Generic (1)
23:33:00.0201 5664  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:33:00.0325 5664  AeLookupSvc - ok
23:33:00.0388 5664  [ 3CD15EBAA1D68BC18CE14A26683BC1EC ] AF15BDA         C:\Windows\system32\DRIVERS\AF15BDA.sys
23:33:00.0481 5664  AF15BDA - ok
23:33:00.0544 5664  [ FE3EA6E9AFC1A78E6EDCA121E006AFB7 ] Afc             C:\Windows\system32\drivers\Afc.sys
23:33:00.0559 5664  Afc - ok
23:33:00.0606 5664  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
23:33:00.0669 5664  AFD - ok
23:33:00.0700 5664  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:33:00.0715 5664  agp440 - ok
23:33:00.0731 5664  [ FBE4016F9EF3AB3DB547E40A936B6CD9 ] ahcix86s        C:\Windows\system32\DRIVERS\ahcix86s.sys
23:33:00.0747 5664  ahcix86s - ok
23:33:00.0778 5664  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
23:33:00.0793 5664  aic78xx - ok
23:33:00.0825 5664  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
23:33:00.0981 5664  ALG - ok
23:33:01.0012 5664  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:33:01.0027 5664  aliide - ok
23:33:01.0059 5664  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
23:33:01.0074 5664  amdagp - ok
23:33:01.0105 5664  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:33:01.0137 5664  amdide - ok
23:33:01.0152 5664  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
23:33:01.0215 5664  AmdK7 - ok
23:33:01.0246 5664  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
23:33:01.0308 5664  AmdK8 - ok
23:33:01.0620 5664  [ 6B6DCA316EA487331E8F4A8EAB65C9C6 ] amdkmdag        C:\Windows\system32\DRIVERS\atipmdag.sys
23:33:01.0839 5664  amdkmdag - ok
23:33:01.0885 5664  [ E78F5DAA88E4B240E0E1D82ED0E7D96A ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:33:01.0932 5664  amdkmdap - ok
23:33:02.0010 5664  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:33:02.0026 5664  AntiVirSchedulerService - ok
23:33:02.0057 5664  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:33:02.0073 5664  AntiVirService - ok
23:33:02.0119 5664  [ 5A123AABB571AEA78AE63AF5E372F796 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
23:33:02.0151 5664  AntiVirWebService - ok
23:33:02.0197 5664  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
23:33:02.0260 5664  Appinfo - ok
23:33:02.0338 5664  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:33:02.0431 5664  Apple Mobile Device - ok
23:33:02.0478 5664  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
23:33:02.0494 5664  arc - ok
23:33:02.0525 5664  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:33:02.0541 5664  arcsas - ok
23:33:02.0572 5664  [ 104DB777372411C55850C4A2AE6877EF ] AsDsm           C:\Windows\system32\drivers\AsDsm.sys
23:33:02.0587 5664  AsDsm - ok
23:33:02.0650 5664  [ EB1807795CD3EEAA3288B4A30DE254E8 ] ASLDRService    C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
23:33:02.0665 5664  ASLDRService - ok
23:33:02.0681 5664  [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP          C:\Program Files\ATKGFNEX\ASMMAP.sys
23:33:02.0712 5664  ASMMAP - ok
23:33:02.0759 5664  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:33:02.0821 5664  AsyncMac - ok
23:33:02.0853 5664  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:33:02.0884 5664  atapi - ok
23:33:02.0946 5664  [ 2846F5EE802889D500FCF5CC48B28381 ] athr            C:\Windows\system32\DRIVERS\athr.sys
23:33:03.0087 5664  athr - ok
23:33:03.0211 5664  [ F1C465E3A7A095B3B20B32AD39EA477A ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
23:33:03.0399 5664  Ati External Event Utility - ok
23:33:03.0430 5664  [ 5A1465AD2E7C1BC39CDA12A355329096 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
23:33:03.0445 5664  AtiPcie - ok
23:33:03.0477 5664  [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv     C:\Program Files\ATKGFNEX\GFNEXSrv.exe
23:33:03.0477 5664  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
23:33:03.0477 5664  ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
23:33:03.0539 5664  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:33:03.0586 5664  AudioEndpointBuilder - ok
23:33:03.0601 5664  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:33:03.0617 5664  Audiosrv - ok
23:33:03.0664 5664  [ 87425709A251386064C99B684BF96F72 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
23:33:03.0679 5664  avgntflt - ok
23:33:03.0711 5664  [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
23:33:03.0726 5664  avipbb - ok
23:33:03.0757 5664  [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
23:33:03.0773 5664  avkmgr - ok
23:33:03.0851 5664  [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc           C:\Program Files\Microsoft\BingBar\BBSvc.EXE
23:33:03.0898 5664  BBSvc - ok
23:33:03.0945 5664  [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate        C:\Program Files\Microsoft\BingBar\SeaPort.EXE
23:33:03.0960 5664  BBUpdate - ok
23:33:03.0991 5664  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:33:04.0055 5664  Beep - ok
23:33:04.0133 5664  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
23:33:04.0180 5664  BFE - ok
23:33:04.0242 5664  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
23:33:04.0336 5664  BITS - ok
23:33:04.0367 5664  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
23:33:04.0445 5664  blbdrive - ok
23:33:04.0538 5664  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:33:04.0585 5664  Bonjour Service - ok
23:33:04.0616 5664  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:33:04.0679 5664  bowser - ok
23:33:04.0710 5664  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
23:33:04.0757 5664  BrFiltLo - ok
23:33:04.0788 5664  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
23:33:04.0866 5664  BrFiltUp - ok
23:33:04.0913 5664  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
23:33:04.0960 5664  Browser - ok
23:33:05.0006 5664  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
23:33:05.0162 5664  Brserid - ok
23:33:05.0194 5664  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
23:33:05.0272 5664  BrSerWdm - ok
23:33:05.0287 5664  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
23:33:05.0350 5664  BrUsbMdm - ok
23:33:05.0381 5664  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
23:33:05.0459 5664  BrUsbSer - ok
23:33:05.0521 5664  [ 6D39C954799B63BA866910234CF7D726 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
23:33:05.0552 5664  BthEnum - ok
23:33:05.0599 5664  [ 9A966A8E86D1771911AE34A20D11BFF3 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:33:05.0630 5664  BTHMODEM - ok
23:33:05.0646 5664  [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
23:33:05.0677 5664  BthPan - ok
23:33:05.0755 5664  [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
23:33:05.0786 5664  BTHPORT - ok
23:33:05.0818 5664  [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ         C:\Windows\System32\bthserv.dll
23:33:05.0880 5664  BthServ - ok
23:33:05.0911 5664  [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
23:33:05.0927 5664  BTHUSB - ok
23:33:05.0958 5664  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:33:06.0020 5664  cdfs - ok
23:33:06.0052 5664  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:33:06.0098 5664  cdrom - ok
23:33:06.0145 5664  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:33:06.0192 5664  CertPropSvc - ok
23:33:06.0239 5664  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
23:33:06.0301 5664  circlass - ok
23:33:06.0348 5664  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
23:33:06.0379 5664  CLFS - ok
23:33:06.0504 5664  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:33:06.0566 5664  clr_optimization_v2.0.50727_32 - ok
23:33:06.0629 5664  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:33:06.0738 5664  clr_optimization_v4.0.30319_32 - ok
23:33:06.0785 5664  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:33:06.0832 5664  CmBatt - ok
23:33:06.0863 5664  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:33:06.0894 5664  cmdide - ok
23:33:06.0910 5664  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:33:06.0925 5664  Compbatt - ok
23:33:06.0941 5664  COMSysApp - ok
23:33:06.0956 5664  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
23:33:06.0972 5664  crcdisk - ok
23:33:07.0003 5664  [ D18893845AE1C5833B5B2EA9B7F5C670 ] CRFILTER        C:\Windows\system32\DRIVERS\CRFILTER.sys
23:33:07.0066 5664  CRFILTER - ok
23:33:07.0081 5664  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
23:33:07.0128 5664  Crusoe - ok
23:33:07.0175 5664  [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:33:07.0222 5664  CryptSvc - ok
23:33:07.0300 5664  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:33:07.0378 5664  DcomLaunch - ok
23:33:07.0424 5664  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:33:07.0487 5664  DfsC - ok
23:33:07.0596 5664  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
23:33:07.0721 5664  DFSR - ok
23:33:07.0768 5664  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
23:33:07.0830 5664  Dhcp - ok
23:33:07.0908 5664  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
23:33:07.0939 5664  disk - ok
23:33:07.0986 5664  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:33:08.0017 5664  Dnscache - ok
23:33:08.0064 5664  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:33:08.0111 5664  dot3svc - ok
23:33:08.0158 5664  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
23:33:08.0204 5664  DPS - ok
23:33:08.0236 5664  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:33:08.0267 5664  drmkaud - ok
23:33:08.0376 5664  [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:33:08.0516 5664  DXGKrnl - ok
23:33:08.0548 5664  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
23:33:08.0594 5664  E1G60 - ok
23:33:08.0641 5664  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
23:33:08.0688 5664  EapHost - ok
23:33:08.0750 5664  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
23:33:08.0766 5664  Ecache - ok
23:33:08.0860 5664  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:33:08.0953 5664  ehRecvr - ok
23:33:08.0969 5664  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
23:33:09.0047 5664  ehSched - ok
23:33:09.0078 5664  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
23:33:09.0094 5664  ehstart - ok
23:33:09.0156 5664  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
23:33:09.0172 5664  elxstor - ok
23:33:09.0250 5664  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
23:33:09.0421 5664  EMDMgmt - ok
23:33:09.0452 5664  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:33:09.0499 5664  ErrDev - ok
23:33:09.0546 5664  [ 27D322191A177793448AFB6B9B11C75A ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
23:33:09.0593 5664  ETD - ok
23:33:09.0671 5664  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
23:33:09.0718 5664  EventSystem - ok
23:33:09.0764 5664  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
23:33:09.0811 5664  exfat - ok
23:33:09.0827 5664  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:33:09.0874 5664  fastfat - ok
23:33:09.0905 5664  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:33:09.0967 5664  fdc - ok
23:33:09.0998 5664  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:33:10.0045 5664  fdPHost - ok
23:33:10.0061 5664  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:33:10.0139 5664  FDResPub - ok
23:33:10.0154 5664  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:33:10.0186 5664  FileInfo - ok
23:33:10.0217 5664  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:33:10.0248 5664  Filetrace - ok
23:33:10.0264 5664  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:33:10.0310 5664  flpydisk - ok
23:33:10.0357 5664  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:33:10.0373 5664  FltMgr - ok
23:33:10.0622 5664  [ 8CE364388C8ECA59B14B539179276D44 ] FontCache       C:\Windows\system32\FntCache.dll
23:33:10.0716 5664  FontCache - ok
23:33:10.0778 5664  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:33:10.0825 5664  FontCache3.0.0.0 - ok
23:33:10.0888 5664  [ 17829180DEEBF703EC7F445AC3ABEA99 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
23:33:10.0903 5664  fssfltr - ok
23:33:10.0981 5664  [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
23:33:11.0028 5664  fsssvc - ok
23:33:11.0090 5664  [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
23:33:11.0106 5664  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
23:33:11.0106 5664  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
23:33:11.0122 5664  [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
23:33:11.0153 5664  FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
23:33:11.0153 5664  FsUsbExService - detected UnsignedFile.Multi.Generic (1)
23:33:11.0184 5664  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:33:11.0246 5664  Fs_Rec - ok
23:33:11.0278 5664  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
23:33:11.0293 5664  gagp30kx - ok
23:33:11.0309 5664  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:33:11.0324 5664  GEARAspiWDM - ok
23:33:11.0371 5664  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:33:11.0449 5664  gpsvc - ok
23:33:11.0512 5664  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
23:33:11.0527 5664  gupdate - ok
23:33:11.0543 5664  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
23:33:11.0558 5664  gupdatem - ok
23:33:11.0621 5664  [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:33:11.0683 5664  HdAudAddService - ok
23:33:11.0839 5664  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:33:11.0917 5664  HDAudBus - ok
23:33:11.0964 5664  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
23:33:12.0042 5664  HidBth - ok
23:33:12.0073 5664  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
23:33:12.0151 5664  HidIr - ok
23:33:12.0198 5664  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
23:33:12.0245 5664  hidserv - ok
23:33:12.0276 5664  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:33:12.0323 5664  HidUsb - ok
23:33:12.0354 5664  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:33:12.0416 5664  hkmsvc - ok
23:33:12.0463 5664  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
23:33:12.0479 5664  HpCISSs - ok
23:33:12.0510 5664  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:33:12.0557 5664  HTTP - ok
23:33:12.0572 5664  hwdatacard - ok
23:33:12.0619 5664  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
23:33:12.0635 5664  i2omp - ok
23:33:12.0666 5664  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:33:12.0728 5664  i8042prt - ok
23:33:12.0822 5664  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
23:33:12.0838 5664  iaStorV - ok
23:33:13.0025 5664  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:33:13.0181 5664  idsvc - ok
23:33:13.0228 5664  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
23:33:13.0243 5664  iirsp - ok
23:33:13.0352 5664  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:33:13.0415 5664  IKEEXT - ok
23:33:13.0493 5664  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:33:13.0508 5664  intelide - ok
23:33:13.0586 5664  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:33:13.0680 5664  intelppm - ok
23:33:13.0742 5664  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:33:13.0805 5664  IPBusEnum - ok
23:33:13.0820 5664  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:33:13.0852 5664  IpFilterDriver - ok
23:33:13.0898 5664  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:33:13.0930 5664  iphlpsvc - ok
23:33:13.0945 5664  IpInIp - ok
23:33:13.0961 5664  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
23:33:13.0992 5664  IPMIDRV - ok
23:33:14.0039 5664  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
23:33:14.0101 5664  IPNAT - ok
23:33:14.0164 5664  [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:33:14.0210 5664  iPod Service - ok
23:33:14.0242 5664  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:33:14.0288 5664  IRENUM - ok
23:33:14.0304 5664  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:33:14.0320 5664  isapnp - ok
23:33:14.0366 5664  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
23:33:14.0382 5664  iScsiPrt - ok
23:33:14.0398 5664  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
23:33:14.0429 5664  iteatapi - ok
23:33:14.0444 5664  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
23:33:14.0460 5664  iteraid - ok
23:33:14.0476 5664  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:33:14.0491 5664  kbdclass - ok
23:33:14.0507 5664  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:33:14.0554 5664  kbdhid - ok
23:33:14.0585 5664  [ 7F2B8D0B31FB4A797E5786EF124C5A80 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
23:33:14.0600 5664  kbfiltr - ok
23:33:14.0632 5664  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
23:33:14.0694 5664  KeyIso - ok
23:33:14.0756 5664  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:33:14.0788 5664  KSecDD - ok
23:33:14.0834 5664  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:33:14.0897 5664  KtmRm - ok
23:33:14.0959 5664  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:33:15.0053 5664  LanmanServer - ok
23:33:15.0068 5664  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:33:15.0115 5664  LanmanWorkstation - ok
23:33:15.0146 5664  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:33:15.0193 5664  lltdio - ok
23:33:15.0224 5664  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:33:15.0271 5664  lltdsvc - ok
23:33:15.0287 5664  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:33:15.0365 5664  lmhosts - ok
23:33:15.0396 5664  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
23:33:15.0427 5664  LSI_FC - ok
23:33:15.0458 5664  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:33:15.0474 5664  LSI_SAS - ok
23:33:15.0505 5664  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
23:33:15.0536 5664  LSI_SCSI - ok
23:33:15.0552 5664  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
23:33:15.0583 5664  luafv - ok
23:33:15.0614 5664  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:33:15.0661 5664  Mcx2Svc - ok
23:33:15.0708 5664  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
23:33:15.0724 5664  megasas - ok
23:33:15.0739 5664  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
23:33:15.0786 5664  MegaSR - ok
23:33:15.0817 5664  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
23:33:15.0864 5664  MMCSS - ok
23:33:15.0895 5664  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
23:33:15.0926 5664  Modem - ok
23:33:15.0942 5664  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:33:16.0004 5664  monitor - ok
23:33:16.0020 5664  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:33:16.0051 5664  mouclass - ok
23:33:16.0067 5664  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:33:16.0114 5664  mouhid - ok
23:33:16.0129 5664  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
23:33:16.0160 5664  MountMgr - ok
23:33:16.0192 5664  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:33:16.0223 5664  MozillaMaintenance - ok
23:33:16.0254 5664  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:33:16.0285 5664  mpio - ok
23:33:16.0301 5664  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:33:16.0332 5664  mpsdrv - ok
23:33:16.0394 5664  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:33:16.0457 5664  MpsSvc - ok
23:33:16.0504 5664  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
23:33:16.0519 5664  Mraid35x - ok
23:33:16.0550 5664  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:33:16.0597 5664  MRxDAV - ok
23:33:16.0644 5664  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:33:16.0706 5664  mrxsmb - ok
23:33:16.0738 5664  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:33:16.0784 5664  mrxsmb10 - ok
23:33:16.0816 5664  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:33:16.0831 5664  mrxsmb20 - ok
23:33:16.0862 5664  [ DE77526BDE93142BDC90CFA9F5CEAD36 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:33:16.0878 5664  msahci - ok
23:33:16.0909 5664  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:33:16.0925 5664  msdsm - ok
23:33:16.0940 5664  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
23:33:16.0987 5664  MSDTC - ok
23:33:17.0018 5664  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:33:17.0065 5664  Msfs - ok
23:33:17.0096 5664  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:33:17.0112 5664  msisadrv - ok
23:33:17.0143 5664  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:33:17.0190 5664  MSiSCSI - ok
23:33:17.0206 5664  msiserver - ok
23:33:17.0252 5664  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:33:17.0284 5664  MSKSSRV - ok
23:33:17.0315 5664  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:33:17.0362 5664  MSPCLOCK - ok
23:33:17.0377 5664  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:33:17.0440 5664  MSPQM - ok
23:33:17.0502 5664  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:33:17.0533 5664  MsRPC - ok
23:33:17.0564 5664  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:33:17.0580 5664  mssmbios - ok
23:33:17.0596 5664  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:33:17.0642 5664  MSTEE - ok
23:33:17.0689 5664  [ BB16693616427EAC1A436E106EA8D318 ] MTsensor        C:\Windows\system32\DRIVERS\ATKACPI.sys
23:33:17.0705 5664  MTsensor - ok
23:33:17.0736 5664  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
23:33:17.0767 5664  Mup - ok
23:33:17.0814 5664  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
23:33:17.0876 5664  napagent - ok
23:33:17.0908 5664  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:33:17.0939 5664  NativeWifiP - ok
23:33:17.0986 5664  NAVENG - ok
23:33:18.0001 5664  NAVEX15 - ok
23:33:18.0064 5664  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:33:18.0110 5664  NDIS - ok
23:33:18.0157 5664  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:33:18.0188 5664  NdisTapi - ok
23:33:18.0204 5664  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:33:18.0251 5664  Ndisuio - ok
23:33:18.0329 5664  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:33:18.0376 5664  NdisWan - ok
23:33:18.0407 5664  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:33:18.0438 5664  NDProxy - ok
23:33:18.0454 5664  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:33:18.0500 5664  NetBIOS - ok
23:33:18.0578 5664  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
23:33:18.0641 5664  netbt - ok
23:33:18.0672 5664  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
23:33:18.0688 5664  Netlogon - ok
23:33:18.0719 5664  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
23:33:18.0766 5664  Netman - ok
23:33:18.0844 5664  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
23:33:18.0906 5664  netprofm - ok
23:33:18.0953 5664  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:33:19.0015 5664  NetTcpPortSharing - ok
23:33:19.0046 5664  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:33:19.0062 5664  nfrd960 - ok
23:33:19.0078 5664  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:33:19.0156 5664  NlaSvc - ok
23:33:19.0187 5664  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:33:19.0249 5664  Npfs - ok
23:33:19.0280 5664  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
23:33:19.0327 5664  nsi - ok
23:33:19.0374 5664  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:33:19.0436 5664  nsiproxy - ok
23:33:19.0577 5664  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:33:19.0655 5664  Ntfs - ok
23:33:19.0702 5664  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
23:33:19.0764 5664  ntrigdigi - ok
23:33:19.0780 5664  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
23:33:19.0842 5664  Null - ok
23:33:19.0873 5664  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:33:19.0889 5664  nvraid - ok
23:33:19.0904 5664  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:33:19.0920 5664  nvstor - ok
23:33:19.0982 5664  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:33:20.0014 5664  nv_agp - ok
23:33:20.0014 5664  NwlnkFlt - ok
23:33:20.0014 5664  NwlnkFwd - ok
23:33:20.0232 5664  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:33:20.0388 5664  odserv - ok
23:33:20.0435 5664  [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
23:33:20.0482 5664  ohci1394 - ok
23:33:20.0544 5664  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:33:20.0575 5664  ose - ok
23:33:20.0653 5664  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
23:33:20.0762 5664  p2pimsvc - ok
23:33:20.0794 5664  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:33:20.0825 5664  p2psvc - ok
23:33:20.0887 5664  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
23:33:20.0965 5664  Parport - ok
23:33:21.0028 5664  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:33:21.0059 5664  partmgr - ok
23:33:21.0121 5664  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
23:33:21.0184 5664  Parvdm - ok
23:33:21.0230 5664  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:33:21.0277 5664  PcaSvc - ok
23:33:21.0324 5664  [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
23:33:21.0355 5664  pccsmcfd - ok
23:33:21.0402 5664  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
23:33:21.0418 5664  pci - ok
23:33:21.0449 5664  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
23:33:21.0464 5664  pciide - ok
23:33:21.0496 5664  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:33:21.0511 5664  pcmcia - ok
23:33:21.0558 5664  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:33:21.0652 5664  PEAUTH - ok
23:33:21.0886 5664  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
23:33:21.0979 5664  pla - ok
23:33:22.0057 5664  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:33:22.0120 5664  PlugPlay - ok
23:33:22.0166 5664  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
23:33:22.0213 5664  PNRPAutoReg - ok
23:33:22.0244 5664  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
23:33:22.0307 5664  PNRPsvc - ok
23:33:22.0369 5664  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:33:22.0432 5664  PolicyAgent - ok
23:33:22.0463 5664  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:33:22.0525 5664  PptpMiniport - ok
23:33:22.0556 5664  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:33:22.0603 5664  Processor - ok
23:33:22.0681 5664  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:33:22.0759 5664  ProfSvc - ok
23:33:22.0775 5664  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
23:33:22.0806 5664  ProtectedStorage - ok
23:33:22.0837 5664  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
23:33:22.0900 5664  PSched - ok
23:33:22.0962 5664  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:33:23.0040 5664  ql2300 - ok
23:33:23.0087 5664  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:33:23.0102 5664  ql40xx - ok
23:33:23.0134 5664  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
23:33:23.0180 5664  QWAVE - ok
23:33:23.0196 5664  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:33:23.0227 5664  QWAVEdrv - ok
23:33:23.0243 5664  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:33:23.0274 5664  RasAcd - ok
23:33:23.0305 5664  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
23:33:23.0368 5664  RasAuto - ok
23:33:23.0399 5664  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:33:23.0446 5664  Rasl2tp - ok
23:33:23.0492 5664  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
23:33:23.0539 5664  RasMan - ok
23:33:23.0586 5664  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:33:23.0617 5664  RasPppoe - ok
23:33:23.0648 5664  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:33:23.0664 5664  RasSstp - ok
23:33:23.0711 5664  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:33:23.0773 5664  rdbss - ok
23:33:23.0804 5664  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:33:23.0898 5664  RDPCDD - ok
23:33:23.0976 5664  [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
23:33:24.0023 5664  rdpdr - ok
23:33:24.0054 5664  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:33:24.0085 5664  RDPENCDD - ok
23:33:24.0148 5664  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:33:24.0194 5664  RDPWD - ok
23:33:24.0226 5664  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:33:24.0272 5664  RemoteAccess - ok
23:33:24.0319 5664  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:33:24.0366 5664  RemoteRegistry - ok
23:33:24.0413 5664  [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:33:24.0475 5664  RFCOMM - ok
23:33:24.0506 5664  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
23:33:24.0569 5664  RpcLocator - ok
23:33:24.0600 5664  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
23:33:24.0631 5664  RpcSs - ok
23:33:24.0662 5664  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:33:24.0709 5664  rspndr - ok
23:33:24.0725 5664  [ F875E277A79EF9D6F3AC89ABB557A689 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
23:33:24.0787 5664  RTL8169 - ok
23:33:24.0850 5664  [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus        C:\Windows\system32\DRIVERS\s0016bus.sys
23:33:24.0896 5664  s0016bus - ok
23:33:24.0912 5664  [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl       C:\Windows\system32\DRIVERS\s0016mdfl.sys
23:33:24.0928 5664  s0016mdfl - ok
23:33:24.0943 5664  [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm        C:\Windows\system32\DRIVERS\s0016mdm.sys
23:33:24.0959 5664  s0016mdm - ok
23:33:24.0974 5664  [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt       C:\Windows\system32\DRIVERS\s0016mgmt.sys
23:33:24.0990 5664  s0016mgmt - ok
23:33:25.0037 5664  [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5        C:\Windows\system32\DRIVERS\s0016nd5.sys
23:33:25.0037 5664  s0016nd5 - ok
23:33:25.0068 5664  [ 36792935847143E4A3CDA0DC87248487 ] s0016obex       C:\Windows\system32\DRIVERS\s0016obex.sys
23:33:25.0084 5664  s0016obex - ok
23:33:25.0099 5664  [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic       C:\Windows\system32\DRIVERS\s0016unic.sys
23:33:25.0115 5664  s0016unic - ok
23:33:25.0162 5664  [ 6381D7FAC6CE956F37AA76031939F8CC ] s0017bus        C:\Windows\system32\DRIVERS\s0017bus.sys
23:33:25.0193 5664  s0017bus - ok
23:33:25.0208 5664  [ 3A0B4FC02D9D79A4F7EE9C13E287C5EB ] s0017mdfl       C:\Windows\system32\DRIVERS\s0017mdfl.sys
23:33:25.0224 5664  s0017mdfl - ok
23:33:25.0240 5664  [ AA689C79D62CAF565357520CAE065F17 ] s0017mdm        C:\Windows\system32\DRIVERS\s0017mdm.sys
23:33:25.0255 5664  s0017mdm - ok
23:33:25.0286 5664  [ 547B1A09017A4C4CE6B535BA810523DA ] s0017mgmt       C:\Windows\system32\DRIVERS\s0017mgmt.sys
23:33:25.0302 5664  s0017mgmt - ok
23:33:25.0349 5664  [ 6DB4820821E819CF61546E1F991A298D ] s0017nd5        C:\Windows\system32\DRIVERS\s0017nd5.sys
23:33:25.0364 5664  s0017nd5 - ok
23:33:25.0411 5664  [ D623BF6F04F7603EE1C4B59C737B69A7 ] s0017obex       C:\Windows\system32\DRIVERS\s0017obex.sys
23:33:25.0427 5664  s0017obex - ok
23:33:25.0458 5664  [ 0C970A53FC43815E948628442F8983AD ] s0017unic       C:\Windows\system32\DRIVERS\s0017unic.sys
23:33:25.0474 5664  s0017unic - ok
23:33:25.0520 5664  [ D259D085F215B57B7170DC2D0B646B2A ] s1039bus        C:\Windows\system32\DRIVERS\s1039bus.sys
23:33:25.0536 5664  s1039bus - ok
23:33:25.0567 5664  [ 4D2B6621B5913E8B1CBB650A6037B8A2 ] s1039mdfl       C:\Windows\system32\DRIVERS\s1039mdfl.sys
23:33:25.0598 5664  s1039mdfl - ok
23:33:25.0661 5664  [ 8149799844AB2E91EA92E9CAD4224254 ] s1039mdm        C:\Windows\system32\DRIVERS\s1039mdm.sys
23:33:25.0676 5664  s1039mdm - ok
23:33:25.0708 5664  [ 5E91068B3F5E003B83D8A99DC0C76E2C ] s1039mgmt       C:\Windows\system32\DRIVERS\s1039mgmt.sys
23:33:25.0723 5664  s1039mgmt - ok
23:33:25.0754 5664  [ DF54DBF1C4105D2074D07929F6BA91AA ] s1039nd5        C:\Windows\system32\DRIVERS\s1039nd5.sys
23:33:25.0770 5664  s1039nd5 - ok
23:33:25.0817 5664  [ 1BC084B0708D42E29E2222346149E52F ] s1039obex       C:\Windows\system32\DRIVERS\s1039obex.sys
23:33:25.0848 5664  s1039obex - ok
23:33:25.0864 5664  [ 2E8CCB7BF5B1EB34BCF4EBF880B3E11C ] s1039unic       C:\Windows\system32\DRIVERS\s1039unic.sys
23:33:25.0879 5664  s1039unic - ok
23:33:25.0895 5664  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
23:33:25.0910 5664  SamSs - ok
23:33:25.0957 5664  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:33:25.0988 5664  sbp2port - ok
23:33:26.0020 5664  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:33:26.0051 5664  SCardSvr - ok
23:33:26.0144 5664  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
23:33:26.0238 5664  Schedule - ok
23:33:26.0254 5664  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:33:26.0285 5664  SCPolicySvc - ok
23:33:26.0300 5664  [ 126EA89BCC413EE45E3004FB0764888F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
23:33:26.0363 5664  sdbus - ok
23:33:26.0410 5664  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:33:26.0472 5664  SDRSVC - ok
23:33:26.0503 5664  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:33:26.0550 5664  secdrv - ok
23:33:26.0581 5664  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
23:33:26.0644 5664  seclogon - ok
23:33:26.0659 5664  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
23:33:26.0690 5664  SENS - ok
23:33:26.0737 5664  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
23:33:26.0800 5664  Serenum - ok
23:33:26.0815 5664  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
23:33:26.0878 5664  Serial - ok
23:33:26.0909 5664  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:33:26.0956 5664  sermouse - ok
23:33:27.0065 5664  [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
23:33:27.0127 5664  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
23:33:27.0127 5664  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
23:33:27.0190 5664  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:33:27.0236 5664  SessionEnv - ok
23:33:27.0283 5664  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:33:27.0330 5664  sffdisk - ok
23:33:27.0361 5664  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:33:27.0392 5664  sffp_mmc - ok
23:33:27.0424 5664  [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:33:27.0470 5664  sffp_sd - ok
23:33:27.0502 5664  [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:33:27.0548 5664  sfloppy - ok
23:33:27.0580 5664  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:33:27.0642 5664  SharedAccess - ok
23:33:27.0704 5664  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:33:27.0767 5664  ShellHWDetection - ok
23:33:27.0782 5664  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
23:33:27.0798 5664  sisagp - ok
23:33:27.0814 5664  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
23:33:27.0845 5664  SiSRaid2 - ok
23:33:27.0860 5664  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:33:27.0876 5664  SiSRaid4 - ok
23:33:27.0923 5664  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
23:33:28.0032 5664  SkypeUpdate - ok
23:33:28.0484 5664  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
23:33:28.0672 5664  slsvc - ok
23:33:28.0718 5664  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
23:33:28.0750 5664  SLUINotify - ok
23:33:28.0796 5664  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:33:28.0828 5664  Smb - ok
23:33:28.0890 5664  [ C8A58FC905C9184FA70E37F71060C64D ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
23:33:29.0015 5664  smserial - ok
23:33:29.0062 5664  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:33:29.0124 5664  SNMPTRAP - ok
23:33:29.0186 5664  [ 060F51141B20B8156804446A04AB8B2A ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
23:33:29.0296 5664  SNP2UVC - ok
23:33:29.0420 5664  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
23:33:29.0514 5664  Sony PC Companion ( UnsignedFile.Multi.Generic ) - warning
23:33:29.0514 5664  Sony PC Companion - detected UnsignedFile.Multi.Generic (1)
23:33:29.0530 5664  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
23:33:29.0545 5664  spldr - ok
23:33:29.0592 5664  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
23:33:29.0654 5664  Spooler - ok
23:33:29.0701 5664  [ CDDDEC541BC3C96F91ECB48759673505 ] sptd            C:\Windows\System32\Drivers\sptd.sys
23:33:29.0764 5664  sptd - ok
23:33:29.0795 5664  [ B747EA555A72070F258B3E31E1392D62 ] SRS_PremiumSound_Service C:\Windows\system32\drivers\srs_PremiumSound_i386.sys
23:33:29.0842 5664  SRS_PremiumSound_Service - ok
23:33:29.0873 5664  [ 543B82F5846CEF761EE98D727C15D539 ] SRS_VolSync_Service C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
23:33:29.0904 5664  SRS_VolSync_Service - ok
23:33:29.0904 5664  SRTSP - ok
23:33:29.0920 5664  SRTSPX - ok
23:33:29.0982 5664  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:33:30.0029 5664  srv - ok
23:33:30.0060 5664  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:33:30.0107 5664  srv2 - ok
23:33:30.0154 5664  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:33:30.0185 5664  srvnet - ok
23:33:30.0216 5664  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:33:30.0294 5664  SSDPSRV - ok
23:33:30.0341 5664  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
23:33:30.0356 5664  ssmdrv - ok
23:33:30.0388 5664  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:33:30.0419 5664  SstpSvc - ok
23:33:30.0450 5664  [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
23:33:30.0466 5664  ss_bbus - ok
23:33:30.0497 5664  [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
23:33:30.0497 5664  ss_bmdfl - ok
23:33:30.0528 5664  [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
23:33:30.0544 5664  ss_bmdm - ok
23:33:30.0590 5664  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
23:33:30.0653 5664  stisvc - ok
23:33:30.0684 5664  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:33:30.0700 5664  swenum - ok
23:33:30.0746 5664  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
23:33:30.0793 5664  swprv - ok
23:33:30.0793 5664  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
23:33:30.0809 5664  Symc8xx - ok
23:33:30.0824 5664  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
23:33:30.0840 5664  Sym_hi - ok
23:33:30.0856 5664  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
23:33:30.0871 5664  Sym_u3 - ok
23:33:30.0934 5664  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
23:33:30.0996 5664  SysMain - ok
23:33:31.0058 5664  [ D7E795032847A6E6E9FBC5E296AE0838 ] SystemStore     C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe
23:33:31.0105 5664  SystemStore ( UnsignedFile.Multi.Generic ) - warning
23:33:31.0105 5664  SystemStore - detected UnsignedFile.Multi.Generic (1)
23:33:31.0136 5664  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:33:31.0168 5664  TabletInputService - ok
23:33:31.0214 5664  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:33:31.0246 5664  TapiSrv - ok
23:33:31.0277 5664  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
23:33:31.0308 5664  TBS - ok
23:33:31.0355 5664  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:33:31.0433 5664  Tcpip - ok
23:33:31.0526 5664  [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
23:33:31.0573 5664  Tcpip6 - ok
23:33:31.0604 5664  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:33:31.0651 5664  tcpipreg - ok
23:33:31.0682 5664  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:33:31.0714 5664  TDPIPE - ok
23:33:31.0760 5664  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:33:31.0807 5664  TDTCP - ok
23:33:31.0838 5664  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:33:31.0870 5664  tdx - ok
23:33:31.0932 5664  [ D827A50CEC8A16180EEC4F1951B7A842 ] TeamViewer5     C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
23:33:31.0948 5664  TeamViewer5 - ok
23:33:31.0979 5664  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:33:31.0994 5664  TermDD - ok
23:33:32.0072 5664  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
23:33:32.0150 5664  TermService - ok
23:33:32.0166 5664  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
23:33:32.0197 5664  Themes - ok
23:33:32.0213 5664  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
23:33:32.0244 5664  THREADORDER - ok
23:33:32.0291 5664  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
23:33:32.0338 5664  TrkWks - ok
23:33:32.0384 5664  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:33:32.0462 5664  TrustedInstaller - ok
23:33:32.0494 5664  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:33:32.0556 5664  tssecsrv - ok
23:33:32.0587 5664  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
23:33:32.0603 5664  tunmp - ok
23:33:32.0634 5664  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:33:32.0681 5664  tunnel - ok
23:33:32.0712 5664  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:33:32.0743 5664  uagp35 - ok
23:33:32.0790 5664  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:33:32.0821 5664  udfs - ok
23:33:32.0852 5664  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:33:32.0915 5664  UI0Detect - ok
23:33:32.0946 5664  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:33:32.0962 5664  uliagpkx - ok
23:33:32.0977 5664  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
23:33:33.0008 5664  uliahci - ok
23:33:33.0024 5664  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
23:33:33.0040 5664  UlSata - ok
23:33:33.0055 5664  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
23:33:33.0086 5664  ulsata2 - ok
23:33:33.0102 5664  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:33:33.0149 5664  umbus - ok
23:33:33.0180 5664  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
23:33:33.0227 5664  upnphost - ok
23:33:33.0258 5664  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:33:33.0305 5664  usbccgp - ok
23:33:33.0336 5664  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:33:33.0414 5664  usbcir - ok
23:33:33.0445 5664  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:33:33.0461 5664  usbehci - ok
23:33:33.0492 5664  [ EDCA5124B54BCF04E5C0538AA397A9C1 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
23:33:33.0508 5664  usbfilter - ok
23:33:33.0523 5664  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:33:33.0554 5664  usbhub - ok
23:33:33.0570 5664  [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
23:33:33.0617 5664  usbohci - ok
23:33:33.0632 5664  [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
23:33:33.0695 5664  usbprint - ok
23:33:33.0742 5664  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:33:33.0788 5664  USBSTOR - ok
23:33:33.0804 5664  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
23:33:33.0835 5664  usbuhci - ok
23:33:33.0866 5664  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
23:33:33.0898 5664  usbvideo - ok
23:33:33.0929 5664  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
23:33:33.0991 5664  UxSms - ok
23:33:34.0022 5664  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
23:33:34.0085 5664  vds - ok
23:33:34.0100 5664  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:33:34.0194 5664  vga - ok
23:33:34.0256 5664  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:33:34.0303 5664  VgaSave - ok
23:33:34.0350 5664  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
23:33:34.0381 5664  viaagp - ok
23:33:34.0397 5664  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
23:33:34.0475 5664  ViaC7 - ok
23:33:34.0522 5664  [ 14235AB7040218EF4B3CC86A693C0B2E ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
23:33:34.0600 5664  VIAHdAudAddService - ok
23:33:34.0631 5664  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
23:33:34.0662 5664  viaide - ok
23:33:34.0678 5664  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:33:34.0693 5664  volmgr - ok
23:33:34.0740 5664  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:33:34.0756 5664  volmgrx - ok
23:33:34.0865 5664  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:33:34.0896 5664  volsnap - ok
23:33:34.0927 5664  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:33:34.0958 5664  vsmraid - ok
23:33:35.0099 5664  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
23:33:35.0208 5664  VSS - ok
23:33:35.0239 5664  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
23:33:35.0270 5664  W32Time - ok
23:33:35.0302 5664  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:33:35.0364 5664  WacomPen - ok
23:33:35.0395 5664  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
23:33:35.0442 5664  Wanarp - ok
23:33:35.0442 5664  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:33:35.0473 5664  Wanarpv6 - ok
23:33:35.0551 5664  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:33:35.0598 5664  wcncsvc - ok
23:33:35.0629 5664  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:33:35.0676 5664  WcsPlugInService - ok
23:33:35.0723 5664  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
23:33:35.0738 5664  Wd - ok
23:33:35.0785 5664  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:33:35.0832 5664  Wdf01000 - ok
23:33:35.0863 5664  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:33:35.0910 5664  WdiServiceHost - ok
23:33:35.0910 5664  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:33:35.0941 5664  WdiSystemHost - ok
23:33:36.0019 5664  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
23:33:36.0066 5664  WebClient - ok
23:33:36.0097 5664  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:33:36.0160 5664  Wecsvc - ok
23:33:36.0191 5664  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:33:36.0222 5664  wercplsupport - ok
23:33:36.0284 5664  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:33:36.0331 5664  WerSvc - ok
23:33:36.0409 5664  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
23:33:36.0456 5664  WinDefend - ok
23:33:36.0456 5664  WinHttpAutoProxySvc - ok
23:33:36.0612 5664  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:33:36.0706 5664  Winmgmt - ok
23:33:36.0893 5664  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:33:37.0002 5664  WinRM - ok
23:33:37.0064 5664  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
23:33:37.0096 5664  WinUSB - ok
23:33:37.0142 5664  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:33:37.0189 5664  Wlansvc - ok
23:33:37.0330 5664  [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:33:37.0423 5664  wlidsvc - ok
23:33:37.0470 5664  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
23:33:37.0517 5664  WmiAcpi - ok
23:33:37.0564 5664  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:33:37.0626 5664  wmiApSrv - ok
23:33:37.0751 5664  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
23:33:37.0844 5664  WMPNetworkSvc - ok
23:33:37.0922 5664  [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe
23:33:38.0390 5664  WMZuneComm - ok
23:33:38.0453 5664  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:33:38.0515 5664  WPCSvc - ok
23:33:38.0562 5664  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:33:38.0593 5664  WPDBusEnum - ok
23:33:38.0624 5664  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
23:33:38.0640 5664  WpdUsb - ok
23:33:38.0796 5664  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:33:38.0890 5664  WPFFontCache_v0400 - ok
23:33:38.0921 5664  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:33:38.0983 5664  ws2ifsl - ok
23:33:39.0046 5664  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
23:33:39.0077 5664  wscsvc - ok
23:33:39.0092 5664  WSearch - ok
23:33:39.0170 5664  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
23:33:39.0295 5664  wuauserv - ok
23:33:39.0358 5664  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:33:39.0404 5664  WudfPf - ok
23:33:39.0420 5664  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:33:39.0451 5664  WUDFRd - ok
23:33:39.0529 5664  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:33:39.0576 5664  wudfsvc - ok
23:33:39.0623 5664  [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
23:33:39.0701 5664  yukonwlh - ok
23:33:39.0919 5664  [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
23:33:40.0309 5664  ZuneNetworkSvc - ok
23:33:40.0372 5664  [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
23:33:40.0481 5664  ZuneWlanCfgSvc - ok
23:33:40.0528 5664  ================ Scan global ===============================
23:33:40.0559 5664  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
23:33:40.0652 5664  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:33:40.0684 5664  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:33:40.0746 5664  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
23:33:40.0762 5664  [Global] - ok
23:33:40.0762 5664  ================ Scan MBR ==================================
23:33:40.0777 5664  [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0
23:33:42.0836 5664  \Device\Harddisk0\DR0 - ok
23:33:42.0836 5664  ================ Scan VBR ==================================
23:33:42.0883 5664  [ 57305CBCB76D4D7D57E2F87F29FE070D ] \Device\Harddisk0\DR0\Partition1
23:33:42.0899 5664  \Device\Harddisk0\DR0\Partition1 - ok
23:33:42.0914 5664  [ E7FD3D3D29794C6D64BA321B8B2E8568 ] \Device\Harddisk0\DR0\Partition2
23:33:42.0930 5664  \Device\Harddisk0\DR0\Partition2 - ok
23:33:42.0930 5664  ============================================================
23:33:42.0930 5664  Scan finished
23:33:42.0930 5664  ============================================================
23:33:42.0946 5748  Detected object count: 7
23:33:42.0946 5748  Actual detected object count: 7
23:34:33.0022 5748  ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0022 5748  ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:34:33.0037 5748  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0037 5748  ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:34:33.0037 5748  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0037 5748  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:34:33.0037 5748  FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0037 5748  FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:34:33.0037 5748  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0037 5748  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:34:33.0037 5748  Sony PC Companion ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0037 5748  Sony PC Companion ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:34:33.0053 5748  SystemStore ( UnsignedFile.Multi.Generic ) - skipped by user
23:34:33.0053 5748  SystemStore ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:35:36.0233 5004  Deinitialize success
         

Alt 10.04.2013, 00:19   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 10.04.2013, 10:51   #11
Ephesar
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Hallo!

Habe Combofix durchlaufen lassen. Es schien keine Probleme zu geben. Beim Neustart wurden updates durchgeführt.

Hier die Combogix Log-Datei (erfreulicherweise in CODE-Tags).

Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 13-04-10.01 - Ciaran 10.04.2013  10:14:01.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3070.1889 [GMT 2:00]
ausgeführt von:: c:\users\Ciaran\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
 ADS - Windows: deleted 48 bytes in 1 streams. 
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Adobe\gp.xpi
c:\users\Ciaran\4.0
c:\windows\system32\AF15BDAEX.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-03-10 bis 2013-04-10  ))))))))))))))))))))))))))))))
.
.
2013-04-10 08:22 . 2013-04-10 08:22	--------	d-----w-	c:\users\Ciaran\AppData\Local\temp
2013-04-10 08:22 . 2013-04-10 08:22	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-04-10 08:20 . 2013-04-10 08:20	60872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0B81AF0-6C80-41CC-91E7-C5E109CAA05A}\offreg.dll
2013-04-10 07:54 . 2013-03-15 07:21	7108640	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0B81AF0-6C80-41CC-91E7-C5E109CAA05A}\mpengine.dll
2013-04-02 10:05 . 2013-04-02 10:05	--------	d-----w-	c:\program files\7-Zip
2013-04-02 08:27 . 2013-04-05 21:02	--------	d-----w-	c:\users\Ciaran\AppData\Local\DoNotTrackPlus
2013-04-01 22:14 . 2013-04-01 22:14	--------	d-----w-	c:\users\Ciaran\AppData\Local\AskToolbar
2013-03-28 22:00 . 2013-03-28 22:22	--------	d-----w-	c:\program files\gmer
2013-03-28 21:44 . 2013-03-28 21:46	--------	d-----w-	c:\program files\Defogger
2013-03-27 16:33 . 2013-03-27 16:33	--------	d-----w-	c:\users\Ciaran\AppData\Roaming\Malwarebytes
2013-03-27 16:33 . 2013-03-27 16:33	--------	d-----w-	c:\programdata\Malwarebytes
2013-03-27 16:33 . 2012-12-14 15:49	21104	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-03-27 16:32 . 2013-03-27 16:33	--------	d-----w-	c:\program files\Malewarebytes
2013-03-20 21:08 . 2013-02-12 01:57	15872	----a-w-	c:\windows\system32\drivers\usb8023.sys
2013-03-19 09:34 . 2013-03-19 09:34	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-09 18:34 . 2009-08-21 01:47	45056	----a-w-	c:\windows\system32\acovcnt.exe
2013-03-29 11:45 . 2013-02-26 11:10	84744	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-03-29 11:45 . 2013-02-26 11:10	37352	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-03-29 11:45 . 2013-02-26 11:10	135136	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-03-19 09:34 . 2012-07-08 20:58	861088	----a-w-	c:\windows\system32\npdeployJava1.dll
2013-03-19 09:34 . 2010-04-28 22:10	782240	----a-w-	c:\windows\system32\deployJava1.dll
2013-03-19 09:28 . 2012-03-31 08:15	693976	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-03-19 09:28 . 2011-06-09 20:49	73432	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-11 23:10 . 2009-11-02 21:14	237088	------w-	c:\windows\system32\MpSigStub.exe
2013-03-08 12:40 . 2013-03-08 12:40	263064	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-08-22 1521872]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08	143360	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Ciaran\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Ciaran\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Ciaran\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Ciaran\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-09-03 8105984]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-19 61440]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-04-30 1392640]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-04-21 540576]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-08-19 159744]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-21 47672]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-08-21 3054136]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"QuickTime Task"="c:\program files\Quick Time\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-08-22 1573584]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-03-29 345312]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk /r \??\G:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^Ciaran^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Ciaran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-11-28 13:13	59280	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-04-02 17:05	102400	----a-w-	c:\program files\Samsung New PC Studio\NPSAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52	104936	----a-w-	c:\program files\CyberLink\Power2Go\CLMLSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16	357696	----a-w-	c:\program files\Deamon Tools\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2008-12-02 21:39	3882312	----a-w-	c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-11-09 10:27	17877168	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Switcher]
2007-10-28 10:35	425984	----a-w-	c:\program files\Switcher\Switcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2011-08-05 11:29	159456	----a-w-	c:\program files\Zune\ZuneLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2891030391-3306484332-1369553764-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001
.
S2 AAV UpdateService;AAV UpdateService;c:\program files\AAVUpdateManager\aavus.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
bthsvcs	REG_MULTI_SZ   	BthServ
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-29 19:55	1642448	----a-w-	c:\program files\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-21 22:47]
.
2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-21 22:47]
.
.
------- Zusätzlicher Suchlauf -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\
FF - prefs.js: browser.startup.homepage - hxxp://ecosia.org/
FF - ExtSQL: 2013-02-26 12:11; toolbar@ask.com; c:\users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\extensions\toolbar@ask.com
FF - ExtSQL: !HIDDEN! 2009-11-06 14:08; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-NPSStartup - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-04-10 10:22
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r??????????????????????????????????????????????? 
.
Scanne versteckte Dateien... 
.
.
C:\ADSM_PData_0150
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'lsass.exe'(672)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
.
Zeit der Fertigstellung: 2013-04-10  10:25:33
ComboFix-quarantined-files.txt  2013-04-10 08:25
.
Vor Suchlauf: 5 Verzeichnis(se), 58.057.261.056 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 62.789.124.096 Bytes frei
.
- - End Of File - - 522D336095D5ED9BBA2DE3225399B45A
         
--- --- ---

Danke und Beste Grüße!

Ciarán

Alt 10.04.2013, 11:54   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 10.04.2013, 13:06   #13
Ephesar
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Hey!

Habe die drei beschriebenen Schritte durchgeführt. Diese scheinen alle ohne Probleme gelaufen zu sein.

Ich poste nun die LOG-Dateien in diesem Beitrag.

Als ich mein Avira Antivirenprogramm wieder eingeschaltet habe, ist mir aufgefallen, dass der Browserschutz nicht aktiviert ist. Ich scheine ihn nicht einfach wieder einschalten zu können. Ich weiß nicht, ob das mit dem ursprünglichen Problem oder den durchgeführten Diagnose-Schritten zu tun hat. Kannst du dazu etwas sagen?

Danke und beste Grüße,

Ciarán

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.3 (04.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Ciaran on 10.04.2013 at 12:14:58,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\apnupdater



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthost.tool
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\scripthost.tool.1



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Ciaran\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files\daemon tools toolbar"



~~~ FireFox

Successfully deleted: [File] C:\Users\Ciaran\AppData\Roaming\mozilla\firefox\profiles\viwyz4px.default\searchplugins\askcom.xml
Successfully deleted: [Folder] C:\Users\Ciaran\AppData\Roaming\mozilla\firefox\profiles\viwyz4px.default\extensions\toolbar@ask.com
Successfully deleted the following from C:\Users\Ciaran\AppData\Roaming\mozilla\firefox\profiles\viwyz4px.default\prefs.js

user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("extensions.asktb.ff-original-keyword-url", "");
Emptied folder: C:\Users\Ciaran\AppData\Roaming\mozilla\firefox\profiles\viwyz4px.default\minidumps [87 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.04.2013 at 12:19:16,74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.200 - Datei am 10/04/2013 um 12:22:37 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Ciaran - CIARAN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Ciaran\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\searchplugins\daemon-search.xml
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Users\Ciaran\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Ciaran\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\extensions\DTToolbar@toolbarnet.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v26.0.1410.43

Datei : C:\Users\Ciaran\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [10252 octets] - [10/04/2013 12:22:37]

########## EOF - C:\AdwCleaner[S1].txt - [10313 octets] ##########
         
--- --- ---


[/code]


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 10.04.2013 12:48:09 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ciaran\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,48% Memory free
6,20 Gb Paging File | 5,08 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 58,23 Gb Free Space | 39,07% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 137,26 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
 
Computer Name: CIARAN-PC | User Name: Ciaran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Ciaran\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Divx\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe ()
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files\VIA\VIAudioi\VDeck\VDECK.EXE (VIA)
PRC - C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe (SRS Labs, Inc.)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\AAVUpdateManager\aavus.exe ()
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\Divx\DivX Update\DivXUpdate.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3364.37083__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3364.37103__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3364.37097__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3364.37101__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3364.37179__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3364.37180__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3364.37160__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3364.37091__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3364.37141__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3364.37128__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3364.37092__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3364.37146__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3364.37192__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3364.37179__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3364.37147__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3364.37146__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3364.37178__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3364.37192__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3364.37130__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3364.37092__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3364.37104__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3364.37155__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3364.37103__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3364.37139__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3364.37129__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3364.37138__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3364.37140__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3364.37108__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3364.37107__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3364.37140__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3364.37129__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3364.37128__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3364.37129__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3309.28647__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3364.37207__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3364.37174__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3364.37188__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3364.37078__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3364.37168__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3364.37097__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3364.37080__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3364.37172__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3364.37082__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3364.37087__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3364.37081__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3364.37080__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3364.37079__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3364.37173__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll ()
MOD - C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Program files\P4G\OvrClk.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program files\P4G\DevMng.dll ()
MOD - C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll ()
MOD - C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll ()
MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()
MOD - C:\Program Files\ATKGFNEX\AGFNEX.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (SystemStore) -- C:\Program Files\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe ()
SRV - (Sony PC Companion) -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SRS_VolSync_Service) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe (SRS Labs, Inc.)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (AAV UpdateService) -- C:\Program Files\AAVUpdateManager\aavus.exe ()
SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (SRTSPX) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS File not found
DRV - (SRTSP) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS File not found
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (catchme) -- C:\Users\Ciaran\AppData\Local\Temp\catchme.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (s1039bus) -- C:\Windows\System32\drivers\s1039bus.sys (MCCI Corporation)
DRV - (s1039mdm) -- C:\Windows\System32\drivers\s1039mdm.sys (MCCI Corporation)
DRV - (s1039mgmt) -- C:\Windows\System32\drivers\s1039mgmt.sys (MCCI Corporation)
DRV - (s1039obex) -- C:\Windows\System32\drivers\s1039obex.sys (MCCI Corporation)
DRV - (s1039mdfl) -- C:\Windows\System32\drivers\s1039mdfl.sys (MCCI Corporation)
DRV - (s1039unic) -- C:\Windows\System32\drivers\s1039unic.sys (MCCI Corporation)
DRV - (s1039nd5) -- C:\Windows\System32\drivers\s1039nd5.sys (MCCI Corporation)
DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (AfaTech                  )
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (SRS_PremiumSound_Service) -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys ()
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices Inc.)
DRV - (ahcix86s) -- C:\Windows\System32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (s0017mgmt) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017nd5) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0016unic) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.)
DRV - (CRFILTER) -- C:\Windows\System32\drivers\CRFILTER.sys (Generic)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com/
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\SearchScopes\{A98C4578-F989-4B25-BB0C-F3A0772DECBA}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=D2161909-5D4E-4BC5-A87F-50D961941D05&apn_sauid=7268D777-BCED-446F-B977-F47FC413F014
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\SearchScopes\{E71B1DBB-62F3-495B-BDBF-1274689FDE93}: "URL" = hxxp://de.forestle.org/search.php?q={searchTerms}&meta=
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\Divx\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VLC Player\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.03.18 23:34:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 14:40:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.21 01:34:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.17 22:05:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.03.21 01:34:39 | 000,000,000 | ---D | M]
 
[2013.03.08 14:40:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013.03.08 14:40:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.03.08 14:40:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.03.08 14:40:40 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.19 22:46:58 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 11:23:57 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.19 22:46:58 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.19 22:46:58 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.19 22:46:58 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.19 22:46:58 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.43\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: getPlusPlus for Adobe 16248 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VLC Player\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Ciaran\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Ciaran\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Ciaran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Google Mail = C:\Users\Ciaran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013.04.10 10:22:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\Quick Time\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2891030391-3306484332-1369553764-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40EB3047-0DCF-4601-867B-E58510BC3B92}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F573B0FD-F7F2-4836-AFEE-901BE2AE956D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Ciaran\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ciaran\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /r \??\G:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.10 12:14:48 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.10 12:14:38 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.10 12:14:38 | 000,000,000 | ---D | C] -- \JRT
[2013.04.10 12:12:45 | 000,551,587 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Ciaran\Desktop\JRT.exe
[2013.04.10 10:35:40 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.04.10 10:35:39 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.04.10 10:35:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.04.10 10:35:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.04.10 10:35:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.04.10 10:35:37 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.04.10 10:35:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.04.10 10:35:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.04.10 10:25:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.04.10 10:25:38 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN
[2013.04.10 10:25:35 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\AppData\Local\temp
[2013.04.10 10:10:11 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.04.10 10:10:11 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.04.10 10:10:11 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.04.10 10:10:04 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.04.10 10:10:04 | 000,000,000 | ---D | C] -- \ComboFix
[2013.04.10 10:09:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.04.10 10:09:20 | 000,000,000 | ---D | C] -- \Qoobox
[2013.04.10 10:08:44 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.04.10 09:59:38 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.04.10 09:59:38 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.04.10 09:59:38 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.04.10 09:56:50 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.04.10 09:56:45 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.04.10 09:48:51 | 005,050,680 | R--- | C] (Swearware) -- C:\Users\Ciaran\Desktop\ComboFix.exe
[2013.04.09 20:45:29 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Ciaran\Desktop\tdsskiller.exe
[2013.04.09 20:42:03 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Ciaran\Desktop\aswMBR.exe
[2013.04.06 14:29:06 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\Desktop\Ralph
[2013.04.02 12:07:46 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\Desktop\Reportdateien
[2013.04.02 12:05:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.04.02 12:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.04.02 10:38:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.04.02 10:27:50 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\AppData\Local\DoNotTrackPlus
[2013.03.29 00:26:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ciaran\Desktop\OTL.exe
[2013.03.29 00:00:46 | 000,000,000 | ---D | C] -- C:\Program Files\gmer
[2013.03.28 23:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\Defogger
[2013.03.27 18:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.27 18:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.27 18:33:06 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.03.27 18:32:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malewarebytes
[2013.03.24 22:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.22 00:17:42 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\Desktop\mbar
[2013.03.20 23:08:25 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.03.19 23:09:33 | 000,000,000 | ---D | C] -- C:\Users\Ciaran\Desktop\Ryan
[2013.03.19 11:34:35 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.19 11:34:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.19 11:34:12 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.03.19 11:34:12 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.10 12:42:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.10 12:25:29 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.10 12:25:29 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.10 12:25:29 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.10 12:25:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.10 12:23:44 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.04.10 12:12:45 | 000,551,587 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Ciaran\Desktop\JRT.exe
[2013.04.10 12:07:14 | 000,613,083 | ---- | M] () -- C:\Users\Ciaran\Desktop\adwcleaner.exe
[2013.04.10 10:44:15 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013.04.10 10:42:28 | 000,396,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.04.10 10:22:22 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.04.10 09:49:01 | 005,050,680 | R--- | M] (Swearware) -- C:\Users\Ciaran\Desktop\ComboFix.exe
[2013.04.09 20:45:36 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Ciaran\Desktop\tdsskiller.exe
[2013.04.09 20:43:01 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Ciaran\Desktop\aswMBR.exe
[2013.04.06 14:23:10 | 000,632,502 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.06 14:23:10 | 000,599,150 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.06 14:23:10 | 000,127,714 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.06 14:23:10 | 000,105,164 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.02 10:38:13 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.03.29 21:56:04 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.29 13:45:03 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.03.29 13:45:03 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.03.29 13:45:03 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.03.29 00:26:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ciaran\Desktop\OTL.exe
[2013.03.29 00:00:33 | 000,377,856 | ---- | M] () -- C:\Users\Ciaran\Desktop\gmer_2.1.19155.exe
[2013.03.28 23:46:50 | 000,000,020 | ---- | M] () -- C:\Users\Ciaran\defogger_reenable
[2013.03.27 18:33:08 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.24 22:44:19 | 000,002,080 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.03.19 21:47:47 | 335,949,404 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.03.19 11:34:04 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.03.19 11:34:03 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2013.03.19 11:34:03 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.03.19 11:34:03 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.19 11:34:03 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.19 11:34:03 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.03.19 11:28:13 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.19 11:28:13 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.12 01:10:56 | 000,237,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.03.11 15:25:50 | 003,603,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.03.11 15:25:50 | 003,551,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
 
========== Files Created - No Company Name ==========
 
[2013.04.10 12:07:13 | 000,613,083 | ---- | C] () -- C:\Users\Ciaran\Desktop\adwcleaner.exe
[2013.04.10 10:10:11 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.04.10 10:10:11 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.04.10 10:10:11 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.04.10 10:10:11 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.04.10 10:10:11 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.03.29 00:00:31 | 000,377,856 | ---- | C] () -- C:\Users\Ciaran\Desktop\gmer_2.1.19155.exe
[2013.03.28 23:46:31 | 000,000,020 | ---- | C] () -- C:\Users\Ciaran\defogger_reenable
[2013.03.27 18:33:08 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.03.24 22:44:19 | 000,002,080 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.03.19 21:47:47 | 335,949,404 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.11.06 14:42:41 | 000,093,338 | ---- | C] () -- C:\Users\Ciaran\image201211060002.jpg
[2011.09.22 14:11:07 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011.01.28 18:15:01 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.04.29 20:23:58 | 000,001,356 | ---- | C] () -- C:\Users\Ciaran\AppData\Local\d3d9caps.dat
[2009.10.30 18:12:53 | 000,206,336 | ---- | C] () -- C:\Users\Ciaran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.07 18:51:38 | 001,048,576 | RH-- | C] () -- \K50AB.BIN
[2009.04.27 04:26:42 | 000,000,014 | ---- | C] () -- \K40AB_K50AB_VISTA.10
[2009.04.23 04:10:21 | 001,048,576 | RH-- | C] () -- \K40AB.BIN
[2009.03.04 09:47:39 | 000,000,012 | ---- | C] () -- \RECOVERY.DAT
[2008.04.16 13:27:17 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK
[2008.04.16 13:27:14 | 000,333,257 | RHS- | C] () -- \bootmgr
[2006.11.02 12:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2006.11.02 08:25:08 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2012.11.10 00:09:20 | 000,000,596 | ---- | M] () -- C:\Users\Ciaran\AppData\Roaming\Mozilla\Firefox\Profiles\viwyz4px.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---


[/code]


OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 10.04.2013 12:48:09 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Ciaran\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 63,48% Memory free
6,20 Gb Paging File | 5,08 Gb Available in Paging File | 81,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 58,23 Gb Free Space | 39,07% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 137,26 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
 
Computer Name: CIARAN-PC | User Name: Ciaran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2891030391-3306484332-1369553764-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC Player\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC Player\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2891030391-3306484332-1369553764-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{066CC7D3-9989-4048-8200-9FB4B448C366}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{092327B9-4AF6-4208-9433-81E9A0142FFC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{0E2D0FA0-C669-4C35-BEE8-1C89F7F2AF84}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{14F2C201-16E1-4F26-8AF6-A89B71CD8555}" = lport=139 | protocol=6 | dir=in | app=system | 
"{2B30542B-E5A3-4A04-B2D9-80CAD936BAFF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{4C910879-A740-4526-9550-4AAC2F805B5F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{57C20144-351F-4A86-997C-C278247838AB}" = lport=138 | protocol=17 | dir=in | app=system | 
"{57E4FF1F-DB5C-46F4-AC6F-CC7C8887D1D8}" = rport=139 | protocol=6 | dir=out | app=system | 
"{69F257A0-EFE7-4C4C-BD7F-8D81A9D49CF5}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6E20C36A-C08D-4F91-830A-6F9B961FAA70}" = rport=445 | protocol=6 | dir=out | app=system | 
"{77FAD8C8-F16B-4E3B-9943-F17D65B80086}" = rport=138 | protocol=17 | dir=out | app=system | 
"{80448A4F-6330-4C2E-AC85-3332569735AF}" = lport=137 | protocol=17 | dir=in | app=system | 
"{808F0564-A39E-4FB3-B96B-CC05B7AF2648}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{869AA81C-1E6B-4B46-9A88-9BB80999D30A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9C713E3E-0E9F-48AA-945E-9AA7B23A3DA0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{B030B835-D8E7-4A48-B11B-CB0EB0930FD8}" = rport=137 | protocol=17 | dir=out | app=system | 
"{BFE41885-9D86-47A6-8770-D3E655E284F8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{C7A4C67B-621E-4B56-8551-16875026F89E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DF7D6523-8468-4925-A45C-3D339CFD70EF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F0628A5C-3A0B-452C-A63A-ADCC55E641A0}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{F4536782-E193-4A68-9521-7D1F4454962A}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013465FC-B6E7-4EDF-B51E-34D007986FF4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{0BF4D5D8-4EAB-44A6-95EE-62C98A157B02}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{1101E55F-B19C-40DA-A306-02AD3D23CBD1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{14B43885-672A-45ED-8272-1A09C09505F0}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{15A3F4DC-678A-44E4-BE92-D1A43DF859F4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1C08B71E-B92D-4267-AFFA-6B9CA589B731}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{1DB94DF7-C3EA-4209-8244-76EC060EC333}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2498F7F4-3C3E-42C3-A5F6-9D237BA6B73C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2D01CF99-8E9E-43C9-A182-D39FE64EE29D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2F9E7732-B23E-4F15-AA44-0275F86BFDBD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3446709B-3E0D-4F9F-959F-41313DCE3918}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{3737E934-83CE-4018-8C98-1FBC01B5ADD6}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3871B283-4518-4C38-8CEE-5643017FA897}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe | 
"{3CEA9948-654B-4C96-AFAB-1853F743A4B0}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3E7DCD4B-8127-46F4-AE7F-7DA37E5F102A}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{46199A49-1BD0-4B79-A106-B4D7B635D57C}" = protocol=17 | dir=in | app=c:\program files\samsung new pc studio\npsasvr.exe | 
"{474B94F1-EEDE-4D03-A512-27EECBCD7DD2}" = protocol=17 | dir=in | app=c:\program files\samsung new pc studio\npsvsvr.exe | 
"{640BA70B-1427-449D-951C-8A934B08D899}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{649F7FDA-61F2-4061-9991-8B239152F29A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{6606B620-B17F-454D-80CA-71146F24255F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{66A62501-10C8-4DF7-90AC-F8500D3D6991}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{683CE5E4-7E91-42E6-9BE2-C46461927FC5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{6A2E09A9-D6D1-4D75-BC38-ABC583F14293}" = protocol=6 | dir=in | app=c:\program files\samsung new pc studio\npsvsvr.exe | 
"{6B65A2A1-0896-484E-91CB-E4DDC2A97226}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{6E16466A-6FFD-4190-95D9-29DA518E7DE3}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{730A0AFB-CD57-44A6-BA30-411C79CBA4B5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{74EEE04A-5204-4441-A81E-0EF6071FDB1D}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{78561487-8B08-43B5-9682-B7DC045C3038}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7FA0AE4D-AC2B-411F-AD79-D4F41DF0815C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{827140EB-E242-4EAB-BD47-85094C2116F2}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{85BFD068-3303-41B1-ABCC-13AEFFA7F540}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{866784AB-995B-4F22-A3CB-B8B6FB7871EF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{89AEA788-0AA3-494B-B3D8-5607F46E617F}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8A678385-7224-46CF-ACFF-AEA3A0A6F734}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{8E2A3F8B-4124-43B7-A616-F6F46ABBFCD6}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{8E65CFC4-9788-4ED0-8DF2-04C357299D46}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{934C2A29-00E7-4FFE-BA41-A83381D392BD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{95EEF184-57B5-4A5E-896A-736E9E22B11B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{98A3824F-6726-45F5-857B-2FD35545D263}" = protocol=6 | dir=in | app=c:\program files\samsung new pc studio\npsasvr.exe | 
"{9A37F96C-F7AC-4185-8EEB-6621E6DCC589}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{9BBB385D-CF79-42C5-AF7B-E46878993684}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AA4E9561-125E-4C8E-AD4F-6D8063119A33}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{C3FA4D4B-C194-441A-90A0-AC6B4DBDB2A1}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C4DECFFD-8AF8-459C-92B3-526E662D81AD}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C539B2D0-9944-4469-B12B-1E2F2E46208B}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{CFB417E9-71AF-4763-9152-9903020FA7A7}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D8540353-E265-490F-9A7F-200A8E77ACFB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{DEFD38C5-929A-43F2-B848-4752A0035464}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{EA6572FC-D81F-47EB-8CD1-C01E05A464D5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F059DD0D-965B-4B31-BBC9-01AD2A54049A}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{F54EB867-44AB-4E7E-A80F-0EF970A50ABA}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"TCP Query User{26F34563-FE4F-4A12-A743-178731997886}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{54B689B1-4735-448D-890B-3F67B251FA5F}C:\program files\spssinc\statistics17\statistics.exe" = protocol=6 | dir=in | app=c:\program files\spssinc\statistics17\statistics.exe | 
"TCP Query User{84BD0A34-645F-4A45-8EA8-83D46A2B437E}C:\program files\vlc player\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\vlc player\vlc\vlc.exe | 
"TCP Query User{91B6F119-1AAC-4EE8-BE97-CB06ED9F4E7D}C:\users\ciaran\temp\teamviewer\version4\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\ciaran\temp\teamviewer\version4\teamviewer.exe | 
"TCP Query User{A7E39133-CCB6-4A61-946D-8477D3755280}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | 
"UDP Query User{0284DF1D-BC53-4B30-A907-37EA8B95C844}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{23B30D88-BB43-4D99-88FF-CDA0D58E2EB1}C:\program files\spssinc\statistics17\statistics.exe" = protocol=17 | dir=in | app=c:\program files\spssinc\statistics17\statistics.exe | 
"UDP Query User{6B719CE3-C13F-4CDC-8E90-E4837771A8F2}C:\program files\vlc player\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\vlc player\vlc\vlc.exe | 
"UDP Query User{77DEF1D7-AD49-4ECC-AD8F-37D4FF41F8CD}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | 
"UDP Query User{D5989CAD-9FB3-4AF7-AC0B-98E97CCA7D9F}C:\users\ciaran\temp\teamviewer\version4\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\ciaran\temp\teamviewer\version4\teamviewer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{17B2670B-DB33-4F5E-9273-0E5CDF39DA5F}" = Windows Phone Intro Video (DEU)
"{17B3A135-BAA4-1953-AEDF-1496A5159E2A}" = CCC Help French
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{206262A9-1646-7014-22A0-41945D93426C}" = CCC Help Dutch
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2677066A-6ACC-8B1B-82C0-7311ED12D73A}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{29164718-5C73-D67E-8A3F-A00220D98818}" = CCC Help Portuguese
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2DA0C980-2ACE-3F81-0306-131F70BD751B}" = Catalyst Control Center Core Implementation
"{2E1AC6B8-F779-F3D3-3683-E0240D576917}" = CCC Help Italian
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite
"{30FDAACF-C49B-5AE6-2AA9-2C050F929B37}" = CCC Help Hungarian
"{3460BCDC-B45D-84A7-C8ED-C5041B8E2A2B}" = CCC Help English
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{3A608351-5980-4A47-AE08-3742C55B4016}" = Windows Live Family Safety
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}" = Cisco EAP-FAST Module
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{44580BA8-245A-814D-BD25-7EA6FACD5DDC}" = CCC Help Russian
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{46B65150-F8AA-42F2-94FB-2729A8AE5F7E}" = SPSS Statistics 17.0
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Steuer 2010
"{47C7E3C7-1E38-85DB-887D-F9FF84F2086A}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{566F3EB2-C09A-F090-F573-169C42E7E381}" = Catalyst Control Center Graphics Full Existing
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{62CA4D04-7DC8-7ED6-7AE4-833A79AE2DF9}" = Catalyst Control Center Graphics Full New
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{655E04FB-E875-4668-D05A-A3CED767DFF8}" = CCC Help Korean
"{656C519D-C82C-F7E0-93CE-087D5CA75AEA}" = ccc-core-static
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7099D2EB-872E-5163-3F00-A893AC905042}" = CCC Help Japanese
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72E84495-D53C-07FB-76D0-4DD11E710882}" = Catalyst Control Center Localization All
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{806C9880-B087-B336-A86A-5E7E4DB95C39}" = CCC Help Norwegian
"{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{934B3B19-8193-467A-B356-E73F82647D38}" = Cisco LEAP Module
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}" = Sony Ericsson Media Manager 1.2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A460F932-27CF-76F6-A291-8C4F7337EFE9}" = CCC Help Spanish
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB429542-1E9D-7479-7ED4-B6D0B5C237E7}" = CCC Help Czech
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B32ECB8E-4532-FD59-02C4-CB0B8F90F68D}" = CCC Help Swedish
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B61F7104-884B-D57D-1626-DE5AD5674B51}" = Skins
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B7606E5A-5D01-789F-F5E1-39D78F04854C}" = Catalyst Control Center Graphics Previews Vista
"{B82157D3-6D31-4650-93B4-FC39BB08D6CE}" = AAVUpdateManager
"{BAD1449B-DF0C-4118-B76D-68C54009576C}" = Cisco PEAP Module
"{BB1E1B48-6136-1887-7307-2D9414009516}" = CCC Help Thai
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{BFDAC740-3ACD-50A5-6259-F14FA93C86A5}" = ccc-utility
"{C0AE3E60-6003-AF6F-BF8A-B2829480D39D}" = CCC Help Greek
"{C1DFFC18-D91D-0481-0003-5B968F09AFDF}" = CCC Help Chinese Traditional
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{C92877A9-9294-334C-0AEB-A1CCA8905FC6}" = CCC Help Finnish
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D463B523-2F2F-A82D-B980-01C9AD578580}" = CCC Help Danish
"{D7385800-AE69-7527-1615-7DFDC02DF55A}" = Catalyst Control Center Graphics Light
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D8C04BEB-2F74-4321-AF24-83B70953005A}" = TubeBox
"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader
"{DB7752E0-D5F8-93DA-7C34-3CD8ECB123B5}" = CCC Help Polish
"{DBE1E170-3EF6-AAA5-32C4-A78D98DF86A1}" = ATI Catalyst Install Manager
"{DC35EF73-C7BD-4452-A793-4269990E1EA3}" = Windows Live Movie Maker-Betaversion
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E59AA04C-67BC-C6F8-E8B9-A9E103E3F49B}" = CCC Help German
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.027
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2C7A130-9C68-41C4-A8E7-985DFFBD01DF}" = BILD-Steuer 2011
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7DB6677-661D-4835-AAD8-1B7F4C98D7CE}" = Switcher 2.0.0
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FC3D5BBB-CDF6-252C-2212-06D61AD2C628}" = Catalyst Control Center InstallProxy
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.15
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Avira AntiVir Desktop" = Avira Free Antivirus
"BSW" = BrettspielWelt
"CCleaner" = CCleaner
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"Elantech" = ETDWare PS/2-x86 7.0.5.3 WHQL
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"Mozilla Thunderbird 12.0.1 (x86 de)" = Mozilla Thunderbird 12.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROHYBRIDR" = 2007 Microsoft Office system
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"USB Mass Storage Filter Driver" = Multimedia Card Reader
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"Zune" = Zune
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2891030391-3306484332-1369553764-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10.04.2013 06:26:26 | Computer Name = Ciaran-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 10.04.2013 06:26:27 | Computer Name = Ciaran-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 10.04.2013 06:28:41 | Computer Name = Ciaran-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
 
< End of report >
         
--- --- ---


[/code]

Alt 10.04.2013, 13:25   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.04.2013, 20:17   #15
Ephesar
 
TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Standard

TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne



Hallo!

Habe den Quikscan mit Malwarebytes ausgeführt. Keine Probleme, Log-Datei füge ich hier an.

Den ESET-Scanner habe ich auch laufen lassen. Ist auch erfolgreich durchgelaufen. Allerdings kann ich keine Log-Datei finden. In dem Programme ESET-Ordner ist keine, ich habe den Computer durchsuchen lassen, nichts gefunden. :-(

Ich habe, eher zufällig, den einen angezeigten Fund bei ESET in eine Textdatei kopiert. Vielleicht hilft das ja? Wenn nicht, dann mache ich den Scan natürlich noch mal.

Danke und beste Grüße,

Ciarán

ESET-Anzeige:

C:\Users\Ciaran\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\1268506a-4af0c71e multiple threats

Malewarebytes Quickscan:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.13.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Ciaran :: CIARAN-PC [Administrator]

14.04.2013 13:13:53
mbam-log-2013-04-14 (13-13-53).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 216654
Laufzeit: 8 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Antwort

Themen zu TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne
antimalware, ask-toolbar, avira, dateien, e-banking, explorer, falsch, falsche, festgestellt, firefox, forum, free, google, internet, internet explorer, malwarebytes, mozilla, phishing-mail, probleme, programm, programme, rückgängig, scan, seite, suche, trojaner, vista, windows



Ähnliche Themen: TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne


  1. Windows 7: Malwarebytes Anti-Malware findet Trojan.Agent.RC und setzt SkyDriveSetup.exe in Quarantäne
    Log-Analyse und Auswertung - 12.06.2015 (17)
  2. Als Trojaner identifizierte Datei aus Quarantäne gelöscht. Ist noch etwas auf meinem System?
    Log-Analyse und Auswertung - 17.03.2015 (3)
  3. Aktive Malware in meinem System gefunden? Objekt: svchost.exe Fund: ADWARE/Eprotektor.E --> In Quarantäne --->Bluescreen
    Log-Analyse und Auswertung - 07.12.2013 (12)
  4. AviraScan hat jede menge Viren gefunden und in Quarantäne geschoben! Rechner jetzt clean???
    Plagegeister aller Art und deren Bekämpfung - 02.12.2013 (3)
  5. Trojaner TrojanZ.botR.Gen und Trojan.spyEyes in Quarantäne, was mache ich weiter, damit die Dinger vollständig von meinem Computer sind?
    Plagegeister aller Art und deren Bekämpfung - 06.09.2012 (11)
  6. Genügt Quarantäne bei EXP/CVE-2010-0840 - TR/Dldr.Agent.gsuj und TR/Spy.163328.6 ?
    Plagegeister aller Art und deren Bekämpfung - 20.06.2012 (19)
  7. XP REchner: kann nicht erkennen, ob ich immer noch Trojaner auf meinem Rechner habe
    Plagegeister aller Art und deren Bekämpfung - 13.09.2011 (43)
  8. in der antivir quarantäne ist das trojanische pferd: TR/Agent.32768.AB! ist mein system verseucht?
    Log-Analyse und Auswertung - 22.01.2011 (6)
  9. Freier Virenscanner Clamwin verschiebt Windows-Rechner in Quarantäne
    Nachrichten - 19.11.2010 (0)
  10. JAVA/Dldr.Agent.D durch Antivir gefunden, in Quarantäne verschoben. Und nun?
    Antiviren-, Firewall- und andere Schutzprogramme - 18.08.2010 (10)
  11. TR/Click.Yabector.B.48 auf meinem PC aufgetaucht!in quarantäne verschoben,pc spinnt trotzdem.icq fun
    Plagegeister aller Art und deren Bekämpfung - 11.08.2010 (3)
  12. Ertfor.B.30 und Dldr.Agent.dmgo machen meinem Rechner zu schaffen
    Plagegeister aller Art und deren Bekämpfung - 02.05.2010 (2)
  13. AntiVir findet inzwischen nichts mehr
    Log-Analyse und Auswertung - 13.02.2009 (4)
  14. Trojan-Downloader.Win32.Agent variant auf meinem Rechner
    Plagegeister aller Art und deren Bekämpfung - 27.10.2007 (1)
  15. TR/Agent.AFGS.30 auf meinem Rechner und nichts geht mehr... HILFE!!!
    Plagegeister aller Art und deren Bekämpfung - 04.10.2007 (1)
  16. Wie bekomme ich das Backdoorprogramm BDS/Agent.Z von meinem Rechner?
    Plagegeister aller Art und deren Bekämpfung - 28.05.2007 (5)
  17. win32.agent.bq und ttdeuxxa.exe in kaspersky-quarantäne
    Log-Analyse und Auswertung - 13.08.2004 (4)

Zum Thema TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne - Hallo liebe Leute! Ich habe mich heute erst in diesem Forum angemeldet. Vorweg: ich finde es toll, dass hier so viele Leute anderen Menschen mit ihren digitalen Problemen helfen! Nun - TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne...
Archiv
Du betrachtest: TR/Agent.464.4 auf meinem Rechner, inzwischen in Quarantäne auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.