| |
| |||||||
Log-Analyse und Auswertung: Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 FundeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
11.04.2013, 07:09
| #1 |
| |  Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde Hallo, ich habe seit 3 Tagen in Chrome als Startseite und als Suchfunktion Delta Search. Ich habe in den Einstellungen bei Chrome Delta Search herausgenommen, dann war die Such auch mit Google und jedesmal wenn ich den Browser öffne, ist wieder Delta Search da. Dann habe ich in der Systemsteuerung alle Programme (3) welche Delta Search enthielten Deinstalliert. Gestern habe ich mit Avira einen Scan gemacht, wobei zwar 8 Funde angezeigt wurden,welche aber nichts mit Delta Search zu tun haben. Dann ist mir aufgefallen, dass bei Avira der Browser Schutz deaktiviert ist und wenn ich auf An drücke, öffnet sich nur das Hilfefenster. Ich hoffe mir kann jemand helfen. Danke im voraus. Zur Info:Habe gerade einen OTL Suchlauf gemacht. Geändert von twa (11.04.2013 um 07:58 Uhr) Grund: Ergänzung mit OTL |
|
11.04.2013, 09:43
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde Hallo und
__________________ Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Rootkitscan mit GMER Bitte lade dir  GMER herunter: (Dateiname zufällig)
 Tauchen Probleme auf?
Anschließend bitte MBAR ausführen: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ |
|
11.04.2013, 13:38
| #3 |
| | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde der mbar scan (wollte kein Neustart):
__________________Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org
Database version: v2013.03.21.13
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Admin :: *****-PC [administrator]
11.04.2013 13:32:59
mbar-log-2013-04-11 (13-32-59).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28943
Time elapsed: 32 minute(s), 27 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-11 12:44:54
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\0000006c WDC_WD32 rev.01.0 298,09GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Admin\AppData\Local\Temp\ugloqpow.sys
---- System - GMER 2.1 ----
SSDT 8454DAA0 ZwCreateKey
SSDT 844D1A00 ZwCreateMutant
SSDT 8454C5A0 ZwCreateProcess
SSDT 8454C8A0 ZwCreateProcessEx
SSDT 8C2C8076 ZwCreateSection
SSDT 844D1DC0 ZwCreateSymbolicLinkObject
SSDT 844D1340 ZwCreateThread
SSDT 844D1520 ZwCreateThreadEx
SSDT 8454CBA0 ZwCreateUserProcess
SSDT 8454E0A0 ZwDeleteKey
SSDT 8454E9A0 ZwDeleteValueKey
SSDT 844D1FA0 ZwDuplicateObject
SSDT 844D1700 ZwLoadDriver
SSDT 8454CEA0 ZwOpenProcess
SSDT 8454EF80 ZwOpenSection
SSDT 8454D1A0 ZwOpenThread
SSDT 8454E3A0 ZwRenameKey
SSDT 8C2C8080 ZwRequestWaitReplyPort
SSDT 8454E6A0 ZwRestoreKey
SSDT 8C2C807B ZwSetContextThread
SSDT 8C2C8085 ZwSetSecurityObject
SSDT 844D1BE0 ZwSetSystemInformation
SSDT 8454DDA0 ZwSetValueKey
SSDT 8C2C808A ZwSystemDebugControl
SSDT 8C2C8017 ZwTerminateProcess
SSDT 8454D7A0 ZwTerminateThread
SSDT 844D1160 ZwWriteVirtualMemory
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 81E889E9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81EC21C2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11BF 81EC92D4 4 Bytes [A0, DA, 54, 84]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11CF 81EC92E4 4 Bytes [00, 1A, 4D, 84]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11E3 81EC92F8 8 Bytes [A0, C5, 54, 84, A0, C8, 54, ...]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11F7 81EC930C 4 Bytes [76, 80, 2C, 8C] {JBE 0xffffff82; SUB AL, 0x8c}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11FF 81EC9314 12 Bytes [C0, 1D, 4D, 84, 40, 13, 4D, ...]
.text ...
.text C:\windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8CE39000, 0x38EBB5, 0xE8000020]
---- User code sections - GMER 2.1 ----
.text C:\windows\system32\schtasks.exe[116] USER32.dll!DialogBoxParamW 76683B9B 5 Bytes JMP 752B4620 c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll
.text C:\Program Files\Microsoft\BingBar\SeaPort.EXE[324] USER32.dll!DialogBoxParamW 76683B9B 5 Bytes JMP 752B4620 c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll
.text C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe[388] USER32.dll!DialogBoxParamW 76683B9B 5 Bytes JMP 752B4620 c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll
.text C:\windows\system32\wininit.exe[508] USER32.dll!DialogBoxParamW 76683B9B 5 Bytes JMP 752B4620 c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll
.text C:\windows\system32\conhost.exe[556] USER32.dll!DialogBoxParamW 76683B9B 5 Bytes JMP 752B4620 c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll
.text ...
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\tdx \Device\Tcp tmtdi.sys
AttachedDevice \Driver\tdx \Device\Udp tmtdi.sys
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06defd953
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch@Epoch 2619
Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 3342
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06defd953 (not active ControlSet)
---- EOF - GMER 2.1 ----
|
|
11.04.2013, 14:00
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.04.2013, 14:56
| #5 |
| | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde Der Kaspersky scan: Code:
ATTFilter 15:30:02.0903 9024 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:30:04.0705 9024 ============================================================
15:30:04.0705 9024 Current date / time: 2013/04/11 15:30:04.0705
15:30:04.0705 9024 SystemInfo:
15:30:04.0706 9024
15:30:04.0706 9024 OS Version: 6.1.7601 ServicePack: 1.0
15:30:04.0706 9024 Product type: Workstation
15:30:04.0707 9024 ComputerName: KITTE-PC
15:30:04.0707 9024 UserName: Admin
15:30:04.0707 9024 Windows directory: C:\windows
15:30:04.0707 9024 System windows directory: C:\windows
15:30:04.0707 9024 Processor architecture: Intel x86
15:30:04.0708 9024 Number of processors: 2
15:30:04.0708 9024 Page size: 0x1000
15:30:04.0708 9024 Boot type: Normal boot
15:30:04.0708 9024 ============================================================
15:30:08.0911 9024 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:30:08.0973 9024 ============================================================
15:30:08.0973 9024 \Device\Harddisk0\DR0:
15:30:08.0994 9024 MBR partitions:
15:30:08.0994 9024 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
15:30:08.0994 9024 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0x16E26000
15:30:08.0994 9024 ============================================================
15:30:09.0170 9024 C: <-> \Device\Harddisk0\DR0\Partition1
15:30:09.0457 9024 D: <-> \Device\Harddisk0\DR0\Partition2
15:30:09.0488 9024 ============================================================
15:30:09.0488 9024 Initialize success
15:30:09.0488 9024 ============================================================
15:51:42.0880 8576 ============================================================
15:51:42.0896 8576 Scan started
15:51:42.0896 8576 Mode: Manual; SigCheck; TDLFS;
15:51:42.0896 8576 ============================================================
15:51:44.0050 8576 ================ Scan system memory ========================
15:51:44.0066 8576 System memory - ok
15:51:44.0066 8576 ================ Scan services =============================
15:51:44.0690 8576 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
15:51:45.0579 8576 1394ohci - ok
15:51:45.0610 8576 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
15:51:45.0704 8576 ACPI - ok
15:51:45.0719 8576 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
15:51:45.0922 8576 AcpiPmi - ok
15:51:45.0969 8576 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\drivers\adp94xx.sys
15:51:46.0063 8576 adp94xx - ok
15:51:46.0094 8576 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\drivers\adpahci.sys
15:51:46.0172 8576 adpahci - ok
15:51:46.0203 8576 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\drivers\adpu320.sys
15:51:46.0265 8576 adpu320 - ok
15:51:46.0343 8576 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
15:51:46.0609 8576 AeLookupSvc - ok
15:51:46.0655 8576 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
15:51:46.0843 8576 AFD - ok
15:51:46.0874 8576 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
15:51:46.0936 8576 agp440 - ok
15:51:46.0967 8576 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\drivers\djsvs.sys
15:51:47.0045 8576 aic78xx - ok
15:51:47.0092 8576 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
15:51:47.0217 8576 ALG - ok
15:51:47.0248 8576 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
15:51:47.0326 8576 aliide - ok
15:51:47.0357 8576 [ 9889E00DBADD49BC874B0355C5624775 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
15:51:47.0513 8576 AMD External Events Utility - ok
15:51:47.0638 8576 AMD FUEL Service - ok
15:51:47.0669 8576 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
15:51:47.0747 8576 amdagp - ok
15:51:47.0794 8576 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
15:51:47.0857 8576 amdide - ok
15:51:47.0888 8576 [ FF258424F0B2EF25EB98F04EE386E6E3 ] amdiox86 C:\windows\system32\DRIVERS\amdiox86.sys
15:51:48.0075 8576 amdiox86 - ok
15:51:48.0106 8576 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
15:51:48.0231 8576 AmdK8 - ok
15:51:48.0481 8576 [ AD6857E2C29111173638CA90F4661262 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
15:51:48.0949 8576 amdkmdag - ok
15:51:48.0980 8576 [ 42DA025FF562418897BE7E437AF56C81 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
15:51:49.0073 8576 amdkmdap - ok
15:51:49.0120 8576 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
15:51:49.0229 8576 AmdPPM - ok
15:51:49.0261 8576 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
15:51:49.0323 8576 amdsata - ok
15:51:49.0354 8576 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\drivers\amdsbs.sys
15:51:49.0417 8576 amdsbs - ok
15:51:49.0432 8576 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
15:51:49.0510 8576 amdxata - ok
15:51:49.0526 8576 [ B6CD4BD087CED9B4B6AACF429B1DE625 ] amd_sata C:\windows\system32\drivers\amd_sata.sys
15:51:49.0588 8576 amd_sata - ok
15:51:49.0604 8576 [ 6ACEDE4ABB94F9F82A4F6D436FEADAA0 ] amd_xata C:\windows\system32\drivers\amd_xata.sys
15:51:49.0682 8576 amd_xata - ok
15:51:49.0807 8576 [ 6EAC742B758E110DD12EBC8446C07B6C ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
15:51:49.0869 8576 Amsp - ok
15:51:50.0087 8576 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:51:50.0197 8576 AntiVirSchedulerService - ok
15:51:50.0259 8576 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:51:50.0321 8576 AntiVirService - ok
15:51:50.0368 8576 [ 5A123AABB571AEA78AE63AF5E372F796 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:51:50.0509 8576 AntiVirWebService - ok
15:51:50.0540 8576 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
15:51:50.0696 8576 AppID - ok
15:51:50.0727 8576 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
15:51:50.0867 8576 AppIDSvc - ok
15:51:50.0899 8576 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
15:51:51.0039 8576 Appinfo - ok
15:51:51.0242 8576 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:51:51.0320 8576 Apple Mobile Device - ok
15:51:51.0367 8576 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\drivers\arc.sys
15:51:51.0429 8576 arc - ok
15:51:51.0460 8576 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\drivers\arcsas.sys
15:51:51.0523 8576 arcsas - ok
15:51:51.0585 8576 [ 956C7177DBDA0F02436868AD644CCF31 ] AsIO C:\windows\system32\drivers\AsIO.sys
15:51:51.0632 8576 AsIO - ok
15:51:51.0663 8576 [ A9A565C669786C402752F609AFDD0DD5 ] AsUpIO C:\windows\system32\drivers\AsUpIO.sys
15:51:51.0710 8576 AsUpIO - ok
15:51:51.0757 8576 [ 0CC5D45987A29D5F2806F4C344ACEA75 ] ASUS InstantOn C:\Program Files\Common Files\InstantOn\InsOnSrv.exe
15:51:51.0819 8576 ASUS InstantOn - ok
15:51:51.0866 8576 [ 689CA2A0C7ABA6C091FEEEE9439C83DB ] AsusService C:\windows\system32\AsusService.exe
15:51:51.0975 8576 AsusService - ok
15:51:51.0991 8576 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
15:51:52.0225 8576 AsyncMac - ok
15:51:52.0271 8576 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
15:51:52.0334 8576 atapi - ok
15:51:52.0412 8576 [ 6A661D017C4E5CD313F6A55ACF1D7465 ] athr C:\windows\system32\DRIVERS\athr.sys
15:51:52.0615 8576 athr - ok
15:51:52.0661 8576 [ 95B1E9804CA10D096C0383F7C6684950 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW73.sys
15:51:52.0724 8576 AtiHDAudioService - ok
15:51:52.0802 8576 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:51:52.0958 8576 AudioEndpointBuilder - ok
15:51:52.0989 8576 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
15:51:53.0129 8576 Audiosrv - ok
15:51:53.0176 8576 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
15:51:53.0239 8576 avgntflt - ok
15:51:53.0301 8576 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
15:51:53.0363 8576 avipbb - ok
15:51:53.0410 8576 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
15:51:53.0473 8576 avkmgr - ok
15:51:53.0519 8576 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
15:51:53.0722 8576 AxInstSV - ok
15:51:53.0785 8576 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\drivers\bxvbdx.sys
15:51:53.0972 8576 b06bdrv - ok
15:51:54.0003 8576 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
15:51:54.0097 8576 b57nd60x - ok
15:51:54.0175 8576 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
15:51:54.0253 8576 BBSvc - ok
15:51:54.0299 8576 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
15:51:54.0471 8576 BDESVC - ok
15:51:54.0518 8576 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
15:51:54.0658 8576 Beep - ok
15:51:54.0705 8576 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
15:51:54.0861 8576 BFE - ok
15:51:54.0923 8576 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
15:51:55.0095 8576 BITS - ok
15:51:55.0111 8576 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
15:51:55.0204 8576 blbdrive - ok
15:51:55.0282 8576 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:51:55.0360 8576 Bonjour Service - ok
15:51:55.0376 8576 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
15:51:55.0516 8576 bowser - ok
15:51:55.0547 8576 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
15:51:55.0688 8576 BrFiltLo - ok
15:51:55.0719 8576 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
15:51:55.0828 8576 BrFiltUp - ok
15:51:55.0891 8576 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
15:51:56.0047 8576 Browser - ok
15:51:56.0249 8576 [ BB13432FA552AFCE8A66BCB5EE85F652 ] BrowserProtect C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
15:51:56.0468 8576 BrowserProtect - ok
15:51:56.0515 8576 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
15:51:56.0655 8576 Brserid - ok
15:51:56.0671 8576 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
15:51:56.0780 8576 BrSerWdm - ok
15:51:56.0795 8576 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
15:51:56.0889 8576 BrUsbMdm - ok
15:51:56.0905 8576 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
15:51:57.0029 8576 BrUsbSer - ok
15:51:57.0092 8576 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
15:51:57.0295 8576 BthEnum - ok
15:51:57.0357 8576 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
15:51:57.0466 8576 BTHMODEM - ok
15:51:57.0482 8576 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
15:51:57.0591 8576 BthPan - ok
15:51:57.0653 8576 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
15:51:57.0794 8576 BTHPORT - ok
15:51:57.0856 8576 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
15:51:58.0012 8576 bthserv - ok
15:51:58.0043 8576 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
15:51:58.0137 8576 BTHUSB - ok
15:51:58.0199 8576 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
15:51:58.0324 8576 cdfs - ok
15:51:58.0371 8576 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
15:51:58.0465 8576 cdrom - ok
15:51:58.0496 8576 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
15:51:58.0636 8576 CertPropSvc - ok
15:51:58.0652 8576 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\drivers\circlass.sys
15:51:58.0761 8576 circlass - ok
15:51:58.0808 8576 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
15:51:58.0886 8576 CLFS - ok
15:51:59.0073 8576 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:51:59.0135 8576 clr_optimization_v2.0.50727_32 - ok
15:51:59.0354 8576 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:51:59.0479 8576 clr_optimization_v4.0.30319_32 - ok
15:51:59.0525 8576 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
15:51:59.0619 8576 CmBatt - ok
15:51:59.0635 8576 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
15:51:59.0697 8576 cmdide - ok
15:51:59.0759 8576 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
15:51:59.0915 8576 CNG - ok
15:51:59.0947 8576 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\drivers\compbatt.sys
15:52:00.0009 8576 Compbatt - ok
15:52:00.0040 8576 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
15:52:00.0134 8576 CompositeBus - ok
15:52:00.0165 8576 COMSysApp - ok
15:52:00.0181 8576 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
15:52:00.0259 8576 crcdisk - ok
15:52:00.0321 8576 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
15:52:00.0461 8576 CryptSvc - ok
15:52:00.0602 8576 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:52:00.0727 8576 cvhsvc - ok
15:52:00.0773 8576 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
15:52:00.0945 8576 DcomLaunch - ok
15:52:00.0992 8576 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
15:52:01.0148 8576 defragsvc - ok
15:52:01.0195 8576 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
15:52:01.0366 8576 DfsC - ok
15:52:01.0429 8576 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
15:52:01.0600 8576 Dhcp - ok
15:52:01.0616 8576 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
15:52:01.0756 8576 discache - ok
15:52:01.0787 8576 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\drivers\disk.sys
15:52:01.0865 8576 Disk - ok
15:52:01.0897 8576 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
15:52:02.0037 8576 Dnscache - ok
15:52:02.0084 8576 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
15:52:02.0240 8576 dot3svc - ok
15:52:02.0287 8576 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
15:52:02.0427 8576 DPS - ok
15:52:02.0458 8576 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
15:52:02.0552 8576 drmkaud - ok
15:52:02.0583 8576 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
15:52:02.0692 8576 DXGKrnl - ok
15:52:02.0739 8576 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
15:52:02.0879 8576 EapHost - ok
15:52:03.0004 8576 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\drivers\evbdx.sys
15:52:03.0238 8576 ebdrv - ok
15:52:03.0285 8576 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
15:52:03.0441 8576 EFS - ok
15:52:03.0519 8576 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\drivers\elxstor.sys
15:52:03.0613 8576 elxstor - ok
15:52:03.0628 8576 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
15:52:03.0706 8576 ErrDev - ok
15:52:03.0784 8576 [ 907C561D5F01133F247E4E2E74E20E30 ] ETD C:\windows\system32\DRIVERS\ETD.sys
15:52:03.0893 8576 ETD - ok
15:52:03.0971 8576 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
15:52:04.0096 8576 EventSystem - ok
15:52:04.0127 8576 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
15:52:04.0283 8576 exfat - ok
15:52:04.0299 8576 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
15:52:04.0439 8576 fastfat - ok
15:52:04.0517 8576 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
15:52:04.0705 8576 Fax - ok
15:52:04.0736 8576 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\drivers\fdc.sys
15:52:04.0845 8576 fdc - ok
15:52:04.0907 8576 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
15:52:05.0048 8576 fdPHost - ok
15:52:05.0063 8576 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
15:52:05.0204 8576 FDResPub - ok
15:52:05.0219 8576 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
15:52:05.0297 8576 FileInfo - ok
15:52:05.0313 8576 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
15:52:05.0438 8576 Filetrace - ok
15:52:05.0469 8576 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
15:52:05.0563 8576 flpydisk - ok
15:52:05.0578 8576 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
15:52:05.0656 8576 FltMgr - ok
15:52:05.0703 8576 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
15:52:05.0906 8576 FontCache - ok
15:52:05.0984 8576 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:52:06.0031 8576 FontCache3.0.0.0 - ok
15:52:06.0077 8576 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
15:52:06.0140 8576 FsDepends - ok
15:52:06.0171 8576 [ BFAAA92861526BB0ADCD01E964AB6609 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
15:52:06.0233 8576 fssfltr - ok
15:52:06.0311 8576 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
15:52:06.0483 8576 fsssvc - ok
15:52:06.0530 8576 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
15:52:06.0592 8576 Fs_Rec - ok
15:52:06.0655 8576 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
15:52:06.0764 8576 fvevol - ok
15:52:06.0811 8576 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
15:52:06.0873 8576 gagp30kx - ok
15:52:06.0935 8576 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
15:52:06.0998 8576 GEARAspiWDM - ok
15:52:07.0060 8576 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
15:52:07.0232 8576 gpsvc - ok
15:52:07.0341 8576 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:52:07.0403 8576 gupdate - ok
15:52:07.0419 8576 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:52:07.0481 8576 gupdatem - ok
15:52:07.0528 8576 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
15:52:07.0684 8576 hcw85cir - ok
15:52:07.0715 8576 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:52:07.0825 8576 HdAudAddService - ok
15:52:07.0856 8576 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
15:52:07.0949 8576 HDAudBus - ok
15:52:07.0965 8576 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
15:52:08.0043 8576 HidBatt - ok
15:52:08.0074 8576 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\drivers\hidbth.sys
15:52:08.0168 8576 HidBth - ok
15:52:08.0199 8576 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\drivers\hidir.sys
15:52:08.0293 8576 HidIr - ok
15:52:08.0339 8576 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
15:52:08.0464 8576 hidserv - ok
15:52:08.0495 8576 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
15:52:08.0589 8576 HidUsb - ok
15:52:08.0620 8576 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
15:52:08.0761 8576 hkmsvc - ok
15:52:08.0792 8576 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:52:08.0963 8576 HomeGroupListener - ok
15:52:09.0010 8576 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:52:09.0119 8576 HomeGroupProvider - ok
15:52:09.0151 8576 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
15:52:09.0244 8576 HpSAMD - ok
15:52:09.0291 8576 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
15:52:09.0447 8576 HTTP - ok
15:52:09.0463 8576 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
15:52:09.0525 8576 hwpolicy - ok
15:52:09.0556 8576 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
15:52:09.0634 8576 i8042prt - ok
15:52:09.0681 8576 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
15:52:09.0759 8576 iaStorV - ok
15:52:09.0853 8576 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:52:09.0977 8576 idsvc - ok
15:52:10.0165 8576 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
15:52:10.0477 8576 igfx - ok
15:52:10.0508 8576 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\drivers\iirsp.sys
15:52:10.0586 8576 iirsp - ok
15:52:10.0648 8576 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
15:52:10.0820 8576 IKEEXT - ok
15:52:10.0991 8576 [ 1C18148E1A55E4B05AD4D4989E7C4832 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
15:52:11.0272 8576 IntcAzAudAddService - ok
15:52:11.0319 8576 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
15:52:11.0397 8576 intelide - ok
15:52:11.0428 8576 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\drivers\intelppm.sys
15:52:11.0506 8576 intelppm - ok
15:52:11.0553 8576 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
15:52:11.0709 8576 IPBusEnum - ok
15:52:11.0725 8576 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
15:52:11.0849 8576 IpFilterDriver - ok
15:52:11.0896 8576 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
15:52:12.0099 8576 iphlpsvc - ok
15:52:12.0130 8576 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
15:52:12.0208 8576 IPMIDRV - ok
15:52:12.0224 8576 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
15:52:12.0364 8576 IPNAT - ok
15:52:12.0442 8576 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:52:12.0551 8576 iPod Service - ok
15:52:12.0583 8576 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
15:52:12.0739 8576 IRENUM - ok
15:52:12.0754 8576 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
15:52:12.0832 8576 isapnp - ok
15:52:12.0863 8576 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
15:52:12.0941 8576 iScsiPrt - ok
15:52:12.0973 8576 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
15:52:13.0035 8576 kbdclass - ok
15:52:13.0051 8576 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
15:52:13.0144 8576 kbdhid - ok
15:52:13.0160 8576 [ 3EB803312987FF44265C87CB960DF6AB ] kbfiltr C:\windows\system32\DRIVERS\kbfiltr.sys
15:52:13.0222 8576 kbfiltr - ok
15:52:13.0253 8576 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
15:52:13.0316 8576 KeyIso - ok
15:52:13.0378 8576 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
15:52:13.0441 8576 KSecDD - ok
15:52:13.0472 8576 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
15:52:13.0550 8576 KSecPkg - ok
15:52:13.0612 8576 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
15:52:13.0784 8576 KtmRm - ok
15:52:13.0831 8576 [ C8FA09049E640B0A27E4B4446D958FE5 ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys
15:52:13.0893 8576 L1C - ok
15:52:13.0940 8576 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
15:52:14.0096 8576 LanmanServer - ok
15:52:14.0143 8576 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:52:14.0283 8576 LanmanWorkstation - ok
15:52:14.0330 8576 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
15:52:14.0470 8576 lltdio - ok
15:52:14.0517 8576 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
15:52:14.0673 8576 lltdsvc - ok
15:52:14.0689 8576 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
15:52:14.0813 8576 lmhosts - ok
15:52:14.0860 8576 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
15:52:14.0923 8576 LSI_FC - ok
15:52:14.0954 8576 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
15:52:15.0016 8576 LSI_SAS - ok
15:52:15.0032 8576 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
15:52:15.0110 8576 LSI_SAS2 - ok
15:52:15.0125 8576 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
15:52:15.0203 8576 LSI_SCSI - ok
15:52:15.0235 8576 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
15:52:15.0375 8576 luafv - ok
15:52:15.0406 8576 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\drivers\megasas.sys
15:52:15.0469 8576 megasas - ok
15:52:15.0500 8576 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
15:52:15.0578 8576 MegaSR - ok
15:52:15.0609 8576 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
15:52:15.0749 8576 MMCSS - ok
15:52:15.0765 8576 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
15:52:15.0905 8576 Modem - ok
15:52:15.0921 8576 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
15:52:16.0015 8576 monitor - ok
15:52:16.0030 8576 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
15:52:16.0108 8576 mouclass - ok
15:52:16.0124 8576 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\drivers\mouhid.sys
15:52:16.0217 8576 mouhid - ok
15:52:16.0233 8576 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
15:52:16.0295 8576 mountmgr - ok
15:52:16.0358 8576 [ 2024F4CC36D1954ECD00C07C3BCE6BE3 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:52:16.0420 8576 MozillaMaintenance - ok
15:52:16.0467 8576 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
15:52:16.0529 8576 mpio - ok
15:52:16.0545 8576 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
15:52:16.0685 8576 mpsdrv - ok
15:52:16.0732 8576 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
15:52:16.0904 8576 MpsSvc - ok
15:52:16.0919 8576 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
15:52:17.0044 8576 MRxDAV - ok
15:52:17.0060 8576 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
15:52:17.0200 8576 mrxsmb - ok
15:52:17.0231 8576 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
15:52:17.0325 8576 mrxsmb10 - ok
15:52:17.0341 8576 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
15:52:17.0434 8576 mrxsmb20 - ok
15:52:17.0450 8576 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
15:52:17.0559 8576 msahci - ok
15:52:17.0575 8576 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
15:52:17.0637 8576 msdsm - ok
15:52:17.0684 8576 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
15:52:17.0777 8576 MSDTC - ok
15:52:17.0840 8576 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
15:52:17.0965 8576 Msfs - ok
15:52:17.0980 8576 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
15:52:18.0121 8576 mshidkmdf - ok
15:52:18.0136 8576 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
15:52:18.0214 8576 msisadrv - ok
15:52:18.0261 8576 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
15:52:18.0401 8576 MSiSCSI - ok
15:52:18.0417 8576 msiserver - ok
15:52:18.0448 8576 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
15:52:18.0589 8576 MSKSSRV - ok
15:52:18.0604 8576 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
15:52:18.0745 8576 MSPCLOCK - ok
15:52:18.0776 8576 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
15:52:18.0916 8576 MSPQM - ok
15:52:18.0947 8576 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
15:52:19.0010 8576 MsRPC - ok
15:52:19.0057 8576 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
15:52:19.0119 8576 mssmbios - ok
15:52:19.0150 8576 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
15:52:19.0275 8576 MSTEE - ok
15:52:19.0291 8576 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
15:52:19.0384 8576 MTConfig - ok
15:52:19.0400 8576 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
15:52:19.0462 8576 Mup - ok
15:52:19.0525 8576 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
15:52:19.0712 8576 napagent - ok
15:52:19.0774 8576 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
15:52:19.0868 8576 NativeWifiP - ok
15:52:19.0946 8576 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
15:52:20.0055 8576 NDIS - ok
15:52:20.0102 8576 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
15:52:20.0242 8576 NdisCap - ok
15:52:20.0273 8576 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
15:52:20.0398 8576 NdisTapi - ok
15:52:20.0414 8576 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
15:52:20.0554 8576 Ndisuio - ok
15:52:20.0570 8576 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
15:52:20.0695 8576 NdisWan - ok
15:52:20.0710 8576 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
15:52:20.0835 8576 NDProxy - ok
15:52:20.0851 8576 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
15:52:20.0991 8576 NetBIOS - ok
15:52:21.0022 8576 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
15:52:21.0163 8576 NetBT - ok
15:52:21.0194 8576 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
15:52:21.0272 8576 Netlogon - ok
15:52:21.0319 8576 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
15:52:21.0475 8576 Netman - ok
15:52:21.0506 8576 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
15:52:21.0662 8576 netprofm - ok
15:52:21.0709 8576 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:52:21.0771 8576 NetTcpPortSharing - ok
15:52:21.0802 8576 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
15:52:21.0865 8576 nfrd960 - ok
15:52:21.0911 8576 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
15:52:22.0021 8576 NlaSvc - ok
15:52:22.0052 8576 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
15:52:22.0177 8576 Npfs - ok
15:52:22.0208 8576 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
15:52:22.0348 8576 nsi - ok
15:52:22.0364 8576 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
15:52:22.0504 8576 nsiproxy - ok
15:52:22.0582 8576 [ 9CDAEBE5160B9AF02AE17C62BDB6C4B5 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
15:52:22.0738 8576 Ntfs - ok
15:52:22.0769 8576 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
15:52:22.0894 8576 Null - ok
15:52:22.0925 8576 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
15:52:22.0988 8576 nvraid - ok
15:52:23.0019 8576 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
15:52:23.0081 8576 nvstor - ok
15:52:23.0113 8576 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
15:52:23.0175 8576 nv_agp - ok
15:52:23.0191 8576 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
15:52:23.0284 8576 ohci1394 - ok
15:52:23.0331 8576 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:52:23.0393 8576 ose - ok
15:52:23.0596 8576 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:52:23.0955 8576 osppsvc - ok
15:52:24.0033 8576 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
15:52:24.0205 8576 p2pimsvc - ok
15:52:24.0251 8576 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
15:52:24.0376 8576 p2psvc - ok
15:52:24.0423 8576 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\drivers\parport.sys
15:52:24.0501 8576 Parport - ok
15:52:24.0548 8576 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
15:52:24.0610 8576 partmgr - ok
15:52:24.0626 8576 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\drivers\parvdm.sys
15:52:24.0719 8576 Parvdm - ok
15:52:24.0735 8576 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
15:52:24.0829 8576 PcaSvc - ok
15:52:24.0860 8576 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
15:52:24.0922 8576 pci - ok
15:52:24.0953 8576 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
15:52:25.0016 8576 pciide - ok
15:52:25.0031 8576 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
15:52:25.0109 8576 pcmcia - ok
15:52:25.0125 8576 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
15:52:25.0203 8576 pcw - ok
15:52:25.0250 8576 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
15:52:25.0421 8576 PEAUTH - ok
15:52:25.0562 8576 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
15:52:25.0780 8576 pla - ok
15:52:25.0827 8576 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
15:52:25.0999 8576 PlugPlay - ok
15:52:26.0045 8576 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
15:52:26.0123 8576 PNRPAutoReg - ok
15:52:26.0155 8576 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
15:52:26.0233 8576 PNRPsvc - ok
15:52:26.0295 8576 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
15:52:26.0482 8576 PolicyAgent - ok
15:52:26.0513 8576 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
15:52:26.0654 8576 Power - ok
15:52:26.0701 8576 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
15:52:26.0825 8576 PptpMiniport - ok
15:52:26.0841 8576 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\drivers\processr.sys
15:52:26.0935 8576 Processor - ok
15:52:26.0997 8576 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
15:52:27.0137 8576 ProfSvc - ok
15:52:27.0184 8576 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
15:52:27.0262 8576 ProtectedStorage - ok
15:52:27.0293 8576 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
15:52:27.0418 8576 Psched - ok
15:52:27.0496 8576 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\drivers\ql2300.sys
15:52:27.0652 8576 ql2300 - ok
15:52:27.0668 8576 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
15:52:27.0746 8576 ql40xx - ok
15:52:27.0793 8576 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
15:52:27.0917 8576 QWAVE - ok
15:52:27.0933 8576 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
15:52:28.0042 8576 QWAVEdrv - ok
15:52:28.0073 8576 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
15:52:28.0198 8576 RasAcd - ok
15:52:28.0229 8576 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
15:52:28.0401 8576 RasAgileVpn - ok
15:52:28.0448 8576 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
15:52:28.0588 8576 RasAuto - ok
15:52:28.0604 8576 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
15:52:28.0744 8576 Rasl2tp - ok
15:52:28.0791 8576 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
15:52:28.0963 8576 RasMan - ok
15:52:28.0978 8576 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
15:52:29.0134 8576 RasPppoe - ok
15:52:29.0165 8576 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
15:52:29.0321 8576 RasSstp - ok
15:52:29.0337 8576 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
15:52:29.0477 8576 rdbss - ok
15:52:29.0512 8576 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\drivers\rdpbus.sys
15:52:29.0591 8576 rdpbus - ok
15:52:29.0622 8576 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
15:52:29.0747 8576 RDPCDD - ok
15:52:29.0778 8576 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
15:52:29.0918 8576 RDPENCDD - ok
15:52:29.0949 8576 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
15:52:30.0074 8576 RDPREFMP - ok
15:52:30.0121 8576 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
15:52:30.0246 8576 RDPWD - ok
15:52:30.0308 8576 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
15:52:30.0386 8576 rdyboost - ok
15:52:30.0433 8576 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
15:52:30.0573 8576 RemoteAccess - ok
15:52:30.0605 8576 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
15:52:30.0761 8576 RemoteRegistry - ok
15:52:30.0776 8576 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
15:52:30.0885 8576 RFCOMM - ok
15:52:30.0917 8576 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
15:52:31.0057 8576 RpcEptMapper - ok
15:52:31.0104 8576 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
15:52:31.0197 8576 RpcLocator - ok
15:52:31.0229 8576 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
15:52:31.0369 8576 RpcSs - ok
15:52:31.0431 8576 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
15:52:31.0572 8576 rspndr - ok
15:52:31.0603 8576 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
15:52:31.0681 8576 SamSs - ok
15:52:31.0712 8576 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
15:52:31.0790 8576 sbp2port - ok
15:52:31.0837 8576 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
15:52:31.0977 8576 SCardSvr - ok
15:52:32.0009 8576 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
15:52:32.0149 8576 scfilter - ok
15:52:32.0196 8576 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
15:52:32.0399 8576 Schedule - ok
15:52:32.0430 8576 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
15:52:32.0539 8576 SCPolicySvc - ok
15:52:32.0601 8576 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
15:52:32.0820 8576 SDRSVC - ok
15:52:32.0882 8576 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files\Microsoft\BingBar\SeaPort.EXE
15:52:32.0960 8576 SeaPort - ok
15:52:33.0023 8576 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
15:52:33.0147 8576 secdrv - ok
15:52:33.0210 8576 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
15:52:33.0350 8576 seclogon - ok
15:52:33.0397 8576 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
15:52:33.0537 8576 SENS - ok
15:52:33.0569 8576 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\drivers\serenum.sys
15:52:33.0678 8576 Serenum - ok
15:52:33.0756 8576 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\drivers\serial.sys
15:52:33.0865 8576 Serial - ok
15:52:33.0896 8576 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\drivers\sermouse.sys
15:52:33.0990 8576 sermouse - ok
15:52:34.0083 8576 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
15:52:34.0239 8576 SessionEnv - ok
15:52:34.0302 8576 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
15:52:34.0395 8576 sffdisk - ok
15:52:34.0411 8576 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
15:52:34.0536 8576 sffp_mmc - ok
15:52:34.0551 8576 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
15:52:34.0661 8576 sffp_sd - ok
15:52:34.0707 8576 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
15:52:34.0785 8576 sfloppy - ok
15:52:34.0895 8576 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
15:52:34.0988 8576 Sftfs - ok
15:52:35.0160 8576 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
15:52:35.0253 8576 sftlist - ok
15:52:35.0316 8576 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
15:52:35.0378 8576 Sftplay - ok
15:52:35.0409 8576 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
15:52:35.0472 8576 Sftredir - ok
15:52:35.0519 8576 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
15:52:35.0581 8576 Sftvol - ok
15:52:35.0643 8576 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
15:52:35.0706 8576 sftvsa - ok
15:52:35.0799 8576 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
15:52:35.0971 8576 SharedAccess - ok
15:52:36.0065 8576 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:52:36.0236 8576 ShellHWDetection - ok
15:52:36.0299 8576 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
15:52:36.0361 8576 sisagp - ok
15:52:36.0392 8576 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
15:52:36.0455 8576 SiSRaid2 - ok
15:52:36.0486 8576 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
15:52:36.0548 8576 SiSRaid4 - ok
15:52:36.0579 8576 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
15:52:36.0720 8576 Smb - ok
15:52:36.0782 8576 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
15:52:36.0876 8576 SNMPTRAP - ok
15:52:36.0891 8576 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
15:52:36.0954 8576 spldr - ok
15:52:37.0001 8576 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
15:52:37.0172 8576 Spooler - ok
15:52:37.0313 8576 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
15:52:37.0609 8576 sppsvc - ok
15:52:37.0671 8576 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
15:52:37.0812 8576 sppuinotify - ok
15:52:37.0859 8576 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
15:52:37.0983 8576 srv - ok
15:52:38.0015 8576 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
15:52:38.0093 8576 srv2 - ok
15:52:38.0124 8576 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
15:52:38.0202 8576 srvnet - ok
15:52:38.0233 8576 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
15:52:38.0389 8576 SSDPSRV - ok
15:52:38.0467 8576 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
15:52:38.0529 8576 ssmdrv - ok
15:52:38.0576 8576 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
15:52:38.0748 8576 SstpSvc - ok
15:52:38.0826 8576 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\drivers\stexstor.sys
15:52:38.0888 8576 stexstor - ok
15:52:39.0029 8576 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
15:52:39.0185 8576 StiSvc - ok
15:52:39.0231 8576 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\DRIVERS\swenum.sys
15:52:39.0309 8576 swenum - ok
15:52:39.0403 8576 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
15:52:39.0559 8576 swprv - ok
15:52:39.0715 8576 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
15:52:39.0871 8576 SysMain - ok
15:52:39.0902 8576 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
15:52:40.0011 8576 TabletInputService - ok
15:52:40.0043 8576 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
15:52:40.0214 8576 TapiSrv - ok
15:52:40.0245 8576 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
15:52:40.0386 8576 TBS - ok
15:52:40.0479 8576 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\windows\system32\drivers\tcpip.sys
15:52:40.0651 8576 Tcpip - ok
15:52:40.0713 8576 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
15:52:40.0838 8576 TCPIP6 - ok
15:52:40.0885 8576 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
15:52:40.0979 8576 tcpipreg - ok
15:52:41.0025 8576 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
15:52:41.0150 8576 TDPIPE - ok
15:52:41.0181 8576 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
15:52:41.0275 8576 TDTCP - ok
15:52:41.0291 8576 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
15:52:41.0431 8576 tdx - ok
15:52:41.0447 8576 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
15:52:41.0509 8576 TermDD - ok
15:52:41.0571 8576 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
15:52:41.0743 8576 TermService - ok
15:52:41.0774 8576 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
15:52:41.0868 8576 Themes - ok
15:52:41.0899 8576 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
15:52:42.0024 8576 THREADORDER - ok
15:52:42.0117 8576 [ E5EFD1068D24F9F052A027CAFED3AA5A ] TiMiniService C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
15:52:42.0180 8576 TiMiniService - ok
15:52:42.0227 8576 [ DE87A23D2DDC7378D1C7AB681E20DE47 ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys
15:52:42.0289 8576 tmactmon - ok
15:52:42.0320 8576 [ 540C2B5DC47651C572C2804DC72FDDA8 ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys
15:52:42.0383 8576 tmcomm - ok
15:52:42.0398 8576 [ 2DE1FA64EBAFF376F2C038F64492F62C ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys
15:52:42.0461 8576 tmevtmgr - ok
15:52:42.0507 8576 [ 5A61679B2277B9AD550E30479A69503B ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys
15:52:42.0570 8576 tmtdi - ok
15:52:42.0632 8576 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
15:52:42.0773 8576 TrkWks - ok
15:52:42.0819 8576 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:52:42.0960 8576 TrustedInstaller - ok
15:52:42.0991 8576 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
15:52:43.0131 8576 tssecsrv - ok
15:52:43.0163 8576 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
15:52:43.0319 8576 TsUsbFlt - ok
15:52:43.0334 8576 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
15:52:43.0428 8576 TsUsbGD - ok
15:52:43.0459 8576 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
15:52:43.0584 8576 tunnel - ok
15:52:43.0599 8576 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\drivers\uagp35.sys
15:52:43.0677 8576 uagp35 - ok
15:52:43.0693 8576 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
15:52:43.0833 8576 udfs - ok
15:52:43.0896 8576 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
15:52:44.0005 8576 UI0Detect - ok
15:52:44.0021 8576 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
15:52:44.0083 8576 uliagpkx - ok
15:52:44.0114 8576 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\DRIVERS\umbus.sys
15:52:44.0208 8576 umbus - ok
15:52:44.0223 8576 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\drivers\umpass.sys
15:52:44.0317 8576 UmPass - ok
15:52:44.0348 8576 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
15:52:44.0520 8576 upnphost - ok
15:52:44.0567 8576 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\windows\system32\Drivers\usbaapl.sys
15:52:44.0676 8576 USBAAPL - ok
15:52:44.0723 8576 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
15:52:44.0847 8576 usbccgp - ok
15:52:44.0863 8576 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
15:52:44.0957 8576 usbcir - ok
15:52:44.0988 8576 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
15:52:45.0066 8576 usbehci - ok
15:52:45.0081 8576 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
15:52:45.0175 8576 usbhub - ok
15:52:45.0206 8576 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
15:52:45.0300 8576 usbohci - ok
15:52:45.0331 8576 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
15:52:45.0425 8576 usbprint - ok
15:52:45.0487 8576 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
15:52:45.0581 8576 usbscan - ok
15:52:45.0612 8576 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
15:52:45.0752 8576 USBSTOR - ok
15:52:45.0768 8576 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
15:52:45.0861 8576 usbuhci - ok
15:52:45.0908 8576 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
15:52:46.0002 8576 usbvideo - ok
15:52:46.0049 8576 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
15:52:46.0173 8576 UxSms - ok
15:52:46.0205 8576 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
15:52:46.0283 8576 VaultSvc - ok
15:52:46.0329 8576 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
15:52:46.0392 8576 vdrvroot - ok
15:52:46.0548 8576 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
15:52:46.0688 8576 vds - ok
15:52:46.0735 8576 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
15:52:46.0844 8576 vga - ok
15:52:46.0860 8576 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
15:52:47.0000 8576 VgaSave - ok
15:52:47.0078 8576 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
15:52:47.0156 8576 vhdmp - ok
15:52:47.0172 8576 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
15:52:47.0250 8576 viaagp - ok
15:52:47.0297 8576 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\drivers\viac7.sys
15:52:47.0390 8576 ViaC7 - ok
15:52:47.0421 8576 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
15:52:47.0484 8576 viaide - ok
15:52:47.0577 8576 [ C37CE43FB54066FFB540729C6E6E194E ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
15:52:47.0640 8576 VideAceWindowsService - ok
15:52:47.0671 8576 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
15:52:47.0733 8576 volmgr - ok
15:52:47.0749 8576 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
15:52:47.0843 8576 volmgrx - ok
15:52:47.0874 8576 [ C37AEE5966EB5929E2051AC7409B5730 ] volsnap C:\windows\system32\drivers\volsnap.sys
15:52:47.0952 8576 volsnap - ok
15:52:47.0983 8576 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
15:52:48.0061 8576 vsmraid - ok
15:52:48.0123 8576 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
15:52:48.0326 8576 VSS - ok
15:52:48.0342 8576 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
15:52:48.0435 8576 vwifibus - ok
15:52:48.0467 8576 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
15:52:48.0560 8576 vwififlt - ok
15:52:48.0576 8576 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
15:52:48.0732 8576 W32Time - ok
15:52:48.0763 8576 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\drivers\wacompen.sys
15:52:48.0841 8576 WacomPen - ok
15:52:48.0872 8576 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
15:52:49.0028 8576 WANARP - ok
15:52:49.0044 8576 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
15:52:49.0169 8576 Wanarpv6 - ok
15:52:49.0247 8576 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
15:52:49.0449 8576 wbengine - ok
15:52:49.0496 8576 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
15:52:49.0605 8576 WbioSrvc - ok
15:52:49.0637 8576 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
15:52:49.0746 8576 wcncsvc - ok
15:52:49.0761 8576 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
15:52:49.0949 8576 WcsPlugInService - ok
15:52:49.0995 8576 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\drivers\wd.sys
15:52:50.0058 8576 Wd - ok
15:52:50.0120 8576 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
15:52:50.0229 8576 Wdf01000 - ok
15:52:50.0276 8576 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
15:52:50.0432 8576 WdiServiceHost - ok
15:52:50.0448 8576 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
15:52:50.0573 8576 WdiSystemHost - ok
15:52:50.0619 8576 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
15:52:50.0729 8576 WebClient - ok
15:52:50.0760 8576 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
15:52:50.0916 8576 Wecsvc - ok
15:52:50.0947 8576 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
15:52:51.0087 8576 wercplsupport - ok
15:52:51.0119 8576 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
15:52:51.0275 8576 WerSvc - ok
15:52:51.0306 8576 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
15:52:51.0446 8576 WfpLwf - ok
15:52:51.0477 8576 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
15:52:51.0540 8576 WIMMount - ok
15:52:51.0618 8576 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:52:51.0758 8576 WinDefend - ok
15:52:51.0789 8576 WinHttpAutoProxySvc - ok
15:52:51.0961 8576 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
15:52:52.0117 8576 Winmgmt - ok
15:52:52.0242 8576 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
15:52:52.0445 8576 WinRM - ok
15:52:52.0554 8576 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
15:52:52.0647 8576 WinUsb - ok
15:52:52.0710 8576 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
15:52:52.0866 8576 Wlansvc - ok
15:52:52.0959 8576 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:52:53.0022 8576 wlcrasvc - ok
15:52:53.0147 8576 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:52:53.0318 8576 wlidsvc - ok
15:52:53.0365 8576 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
15:52:53.0427 8576 WmiAcpi - ok
15:52:53.0490 8576 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
15:52:53.0583 8576 wmiApSrv - ok
15:52:53.0661 8576 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:52:53.0880 8576 WMPNetworkSvc - ok
15:52:53.0911 8576 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
15:52:54.0051 8576 WPCSvc - ok
15:52:54.0083 8576 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
15:52:54.0207 8576 WPDBusEnum - ok
15:52:54.0239 8576 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
15:52:54.0379 8576 ws2ifsl - ok
15:52:54.0395 8576 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
15:52:54.0504 8576 wscsvc - ok
15:52:54.0519 8576 WSearch - ok
15:52:54.0644 8576 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
15:52:54.0847 8576 wuauserv - ok
15:52:54.0909 8576 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
15:52:55.0050 8576 WudfPf - ok
15:52:55.0081 8576 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
15:52:55.0175 8576 WUDFRd - ok
15:52:55.0206 8576 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
15:52:55.0331 8576 wudfsvc - ok
15:52:55.0377 8576 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
15:52:55.0502 8576 WwanSvc - ok
15:52:55.0549 8576 ================ Scan global ===============================
15:52:55.0596 8576 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
15:52:55.0643 8576 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
15:52:55.0689 8576 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\windows\system32\winsrv.dll
15:52:55.0721 8576 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
15:52:55.0783 8576 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
15:52:55.0814 8576 [Global] - ok
15:52:55.0814 8576 ================ Scan MBR ==================================
15:52:55.0845 8576 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:52:56.0579 8576 \Device\Harddisk0\DR0 - ok
15:52:56.0579 8576 ================ Scan VBR ==================================
15:52:56.0594 8576 [ 1464CB3A891944CBF2CDA08611A9B70A ] \Device\Harddisk0\DR0\Partition1
15:52:56.0625 8576 \Device\Harddisk0\DR0\Partition1 - ok
15:52:56.0657 8576 [ 5227DB24F17502F97DBE952E1B66BC39 ] \Device\Harddisk0\DR0\Partition2
15:52:56.0719 8576 \Device\Harddisk0\DR0\Partition2 - ok
15:52:56.0719 8576 ============================================================
15:52:56.0719 8576 Scan finished
15:52:56.0719 8576 ============================================================
15:52:56.0922 7236 Detected object count: 0
15:52:56.0922 7236 Actual detected object count: 0
|
|
11.04.2013, 15:04
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde Und was ist mit dem anderen Log?
__________________ --> Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde |
|
11.04.2013, 15:13
| #7 |
| | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde und hier der andere scan, welcher aber vor dem kaspersky gemacht wurde: Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-11 15:31:16
-----------------------------
15:31:16.158 OS Version: Windows 6.1.7601 Service Pack 1
15:31:16.158 Number of processors: 2 586 0x200
15:31:16.168 ComputerName: ******-PC UserName: Admin
15:31:17.011 Initialize success
15:33:41.602 AVAST engine defs: 13041100
15:33:55.688 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006c
15:33:55.715 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 11
15:33:56.133 Disk 0 MBR read successfully
15:33:56.144 Disk 0 MBR scan
15:33:56.499 Disk 0 Windows 7 default MBR code
15:33:56.547 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 102400 MB offset 2048
15:33:56.649 Disk 0 Partition 2 00 1B Hidd FAT32 MSDOS5.0 15360 MB offset 209717248
15:33:56.762 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 187468 MB offset 241174528
15:33:56.862 Disk 0 Partition 4 00 EF EFI FAT 16 MB offset 625108992
15:33:57.044 Disk 0 scanning sectors +625141760
15:33:57.470 Disk 0 scanning C:\windows\system32\drivers
15:35:16.547 Service scanning
15:37:54.909 Modules scanning
15:38:26.988 Disk 0 trace - called modules:
15:38:27.051 ntkrnlpa.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys halmacpi.dll amd_sata.sys
15:38:27.612 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84256030]
15:38:27.643 3 CLASSPNP.SYS[867ae59e] -> nt!IofCallDriver -> [0x84192020]
15:38:27.675 5 amd_xata.sys[8639a899] -> nt!IofCallDriver -> \Device\0000006c[0x8407d118]
15:38:31.450 AVAST engine scan C:\windows
15:38:38.064 AVAST engine scan C:\windows\system32
15:47:26.920 AVAST engine scan C:\windows\system32\drivers
15:48:12.241 AVAST engine scan C:\Users\Admin
15:48:46.000 AVAST engine scan C:\ProgramData
15:50:41.243 Scan finished successfully
15:51:22.349 Disk 0 MBR has been saved successfully to "C:\Users\Admin\Desktop\MBR.dat"
15:51:22.396 The log file has been saved successfully to "C:\Users\Admin\Desktop\aswMBR.txt"
|
|
11.04.2013, 15:25
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.04.2013, 15:28
| #9 |
| | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde Was sind Schutzprogramme? |
|
11.04.2013, 15:29
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde Virenscanner sind das
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.04.2013, 15:41
| #11 |
| | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde Das Junkware Removal ist mit dem Scan fertig und meldet Code:
ATTFilter A bad modul has been detected!
A reboot is required to remove modules.
Press 'y' to reboot now
Press 'n' to reboot later
Reboot now? [y,n] _
|
|
11.04.2013, 15:46
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde Bestätigen mit y, dann rebooten (Windows neustarten) lassen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.04.2013, 16:37
| #13 |
| | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde So,... Die OTL Datei: Code:
ATTFilter OTL logfile created on: 11.04.2013 17:10:17 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kitte\Downloads Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 749,46 Mb Total Physical Memory | 102,19 Mb Available Physical Memory | 13,64% Memory free 1,73 Gb Paging File | 0,81 Gb Available in Paging File | 46,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 100,00 Gb Total Space | 52,75 Gb Free Space | 52,75% Space Free | Partition Type: NTFS Drive D: | 183,07 Gb Total Space | 182,52 Gb Free Space | 99,70% Space Free | Partition Type: NTFS Computer Name: *****-PC | User Name: Admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.04.08 21:07:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kitte\Downloads\OTL.exe PRC - [2013.03.30 22:25:55 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2013.03.30 22:25:39 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2013.03.30 22:25:39 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.03.30 22:25:38 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.03.30 22:25:38 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2013.03.20 12:55:48 | 000,162,856 | ---- | M] (Geek Software GmbH) -- C:\Program Files\PDF24\pdf24.exe PRC - [2013.02.20 13:35:28 | 000,152,392 | ---- | M] (Apple Inc.) -- D:\iTunesHelper.exe PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2012.08.13 12:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2012.08.13 12:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.08.09 01:49:08 | 001,263,024 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\HotkeyService\HotkeyService.exe PRC - [2011.08.09 01:49:00 | 000,101,800 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe PRC - [2011.08.09 01:48:20 | 000,224,680 | ---- | M] () -- C:\Windows\System32\AsusService.exe PRC - [2011.07.21 09:46:32 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2011.07.20 14:10:10 | 000,401,408 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011.07.20 14:09:40 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2011.07.12 23:06:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe PRC - [2011.06.16 03:37:58 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files\Common Files\InstantOn\InsOnWMI.exe PRC - [2011.06.03 00:11:06 | 000,064,128 | ---- | M] (ASUS) -- C:\Program Files\Common Files\InstantOn\InsOnSrv.exe PRC - [2011.04.14 20:23:12 | 000,419,504 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\Asus\Eee Docking\Eee Docking.exe PRC - [2011.03.25 18:55:16 | 000,091,464 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe PRC - [2011.02.25 20:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011.01.27 03:15:08 | 000,413,112 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\SHE\SuperHybridEngine.exe PRC - [2010.11.15 22:27:22 | 000,445,344 | ---- | M] (ASUS) -- C:\Program Files\ASUS\CapsHook\CapsHook.exe PRC - [2010.09.17 10:32:44 | 000,197,968 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe PRC - [2010.09.17 10:32:44 | 000,161,104 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe PRC - [2010.06.10 09:57:18 | 000,548,744 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe PRC - [2010.04.07 07:16:52 | 001,599,880 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe ========== Modules (No Company Name) ========== MOD - [2013.03.19 17:13:37 | 000,240,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll MOD - [2013.03.19 17:08:07 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll MOD - [2013.03.19 17:07:13 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll MOD - [2013.03.19 17:06:19 | 014,340,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll MOD - [2013.03.19 16:51:48 | 012,237,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll MOD - [2013.03.19 16:51:14 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll MOD - [2013.03.19 16:50:39 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll MOD - [2013.03.19 16:47:00 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll MOD - [2013.03.19 16:46:36 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll MOD - [2013.03.19 16:45:32 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll MOD - [2013.03.19 16:45:01 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.03.19 16:44:48 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013.03.19 16:44:37 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll MOD - [2013.03.19 16:44:24 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.03.19 16:44:00 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2013.01.28 14:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2013.01.28 14:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll MOD - [2011.07.21 09:46:40 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll MOD - [2011.07.21 09:35:56 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll MOD - [2011.07.12 23:06:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe MOD - [2011.03.15 00:21:10 | 000,016,384 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2011.02.16 17:29:11 | 000,212,992 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2011.02.16 17:29:03 | 000,249,856 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2011.02.16 17:29:03 | 000,110,592 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll MOD - [2010.11.13 01:19:05 | 000,434,176 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.09.02 13:08:00 | 000,118,784 | ---- | M] () -- C:\PROGRA~1\ASUS\ASUSWE~1\30102~1.211\ASUSWS~1.DLL ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp) SRV - [2013.03.30 22:25:55 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.03.30 22:25:39 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2013.03.30 22:25:38 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.03.08 09:50:45 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011.10.01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.08.09 01:48:20 | 000,224,680 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService) SRV - [2011.07.21 09:46:32 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2011.07.20 14:09:40 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011.06.03 00:11:06 | 000,064,128 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn) SRV - [2011.03.25 18:55:16 | 000,091,464 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService) SRV - [2011.03.02 07:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.02.25 20:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010.09.17 10:32:44 | 000,161,104 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2013.03.30 22:26:06 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013.03.30 22:26:06 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.03.30 22:26:06 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2011.10.01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol) DRV - [2011.10.01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir) DRV - [2011.10.01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay) DRV - [2011.10.01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs) DRV - [2011.07.20 16:39:22 | 007,811,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011.07.20 13:33:12 | 000,245,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2010.11.20 12:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 12:24:42 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD) DRV - [2010.11.20 11:59:46 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010.11.16 20:34:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2010.11.04 12:52:50 | 000,064,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_sata.sys -- (amd_sata) DRV - [2010.11.04 12:52:50 | 000,032,384 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\amd_xata.sys -- (amd_xata) DRV - [2010.09.27 09:23:58 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) DRV - [2010.09.17 10:32:48 | 000,189,520 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm) DRV - [2010.09.17 10:32:48 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi) DRV - [2010.09.17 10:32:48 | 000,080,464 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon) DRV - [2010.09.17 10:32:48 | 000,064,080 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr) DRV - [2010.08.03 07:20:56 | 000,011,832 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO) DRV - [2010.06.28 07:24:00 | 000,011,456 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO) DRV - [2010.03.02 17:43:20 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2010.02.18 19:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2009.07.20 11:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP07&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP07&src=IE-SearchBox IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{F8419A54-D119-4E1B-BC5A-E9DFB14125B4}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10267&src=kw&q={searchTerms}&locale=de_NL&apn_ptnrs=^AGY&apn_dtid=^YYYYYY^YY^NL&apn_uid=275d5fe8-4042-47cc-bca4-3bda82c2747b&apn_sauid=104383A4-0504-4694-BEE5-2DFB27E76722 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011.11.10 01:03:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.03.29 10:09:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.04.04 13:43:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.102.211\AsusWSPanel.exe (ecareme) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [iTunesHelper] D:\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [PDFPrint] C:\Program Files\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.) O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe (Trend Micro Inc.) O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe () O4 - HKLM..\Run: [VizorHtmlDialog.exe] C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe (Trend Micro Inc.) O4 - HKLM..\RunOnce: [*ForceDelete] C:\Users\kitte\Downloads\adwcleaner.exe () O4 - HKLM..\RunOnce: [Z1] C:\windows\System32\cmd.exe (Microsoft Corporation) O4 - HKCU..\RunOnce: [DeleteOnReboot] C:\Windows\DeleteOnReboot.bat () O4 - HKCU..\RunOnce: [JRTcleanup] C:\JRT\JRT.bat () O4 - HKCU..\RunOnce: [Report] \AdwCleaner[S1].txt () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DE7592A-F969-490A-806E-24783E17EE4A}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.) O20 - AppInit_DLLs: (c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.11 12:48:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.04.11 09:24:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2013.04.11 09:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP [2013.04.11 09:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 [2013.04.11 09:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\PDF24 [2013.04.11 09:17:45 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Programs [2013.04.11 07:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013.04.11 07:34:41 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2013.04.11 07:34:37 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2013.04.11 07:34:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2013.04.11 07:34:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe [2013.04.11 07:34:33 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2013.04.11 07:34:28 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll [2013.04.11 07:34:28 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll [2013.04.11 07:34:23 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl [2013.04.10 19:29:10 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2013.04.08 21:16:43 | 000,000,000 | ---D | C] -- C:\windows\ERUNT [2013.04.08 21:14:07 | 000,000,000 | ---D | C] -- C:\JRT [2013.04.04 20:12:44 | 000,000,000 | ---D | C] -- C:\TEMP [2013.04.04 13:43:52 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect [2013.04.04 13:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.03.29 10:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup [2013.03.29 10:12:43 | 000,000,000 | ---D | C] -- C:\Program Files\MozBackup [2013.03.29 10:09:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.03.29 10:09:38 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2013.03.29 10:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2013.03.27 11:48:42 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\RadiantViewer [2013.03.27 11:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadiAnt DICOM Viewer [2013.03.27 11:48:35 | 000,000,000 | ---D | C] -- C:\ProgramData\RadiAntViewer [2013.03.25 01:27:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.03.24 21:38:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster [2013.03.24 19:49:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\SoftGrid Client [2013.03.24 19:49:07 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\SoftGrid Client [2013.03.22 22:29:23 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications [2013.03.22 14:17:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\BewerbungsMaster [2013.03.22 14:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\BewerbungsMaster [2013.03.22 14:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster [2013.03.22 14:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\BEWERBUNGSMASTER [2013.03.22 14:10:11 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\Setup1.exe [2013.03.22 14:09:53 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\ST6UNST.EXE [2013.03.22 14:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch) [2013.03.22 13:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013.03.22 13:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Application Virtualization Client [2013.03.22 13:54:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\TP [2013.03.21 16:01:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.03.21 15:57:54 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Apple Computer [2013.03.21 15:57:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium [2013.03.21 15:55:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\VirtualStore [2013.03.18 15:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013.03.18 15:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013.03.18 15:54:07 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll [2013.03.18 15:54:07 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll [2013.03.18 15:54:07 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe [2013.03.18 15:53:08 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe [2013.03.18 15:53:08 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe [2013.03.18 15:53:08 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll [2013.03.18 15:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013.03.18 10:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013.03.18 10:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.03.18 10:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2013.03.18 10:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2013.03.18 10:32:00 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Apple [2013.03.18 10:31:48 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2013.03.18 10:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2013.03.18 10:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2013.03.18 10:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2013.03.18 09:59:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013.03.17 19:05:50 | 000,000,000 | -H-D | C] -- C:\windows\System32\CanonIJ Uninstaller Information [2013.03.17 19:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP540 series [2013.03.17 19:05:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2013.03.17 19:02:19 | 000,230,912 | ---- | C] (CANON INC.) -- C:\windows\System32\CNMLM9E.DLL [2013.03.17 19:01:32 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ [2013.03.17 19:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2013.03.17 19:01:28 | 000,000,000 | ---D | C] -- C:\Program Files\Canon [2013.03.16 19:58:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.03.16 19:57:53 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Google [2013.03.16 19:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Vorlagen [2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Verlauf [2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Temporary Internet Files [2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Startmenü [2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\SendTo [2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Recent [2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Lokale Einstellungen [2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Druckumgebung [2013.03.16 19:50:27 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Anwendungsdaten [2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Netzwerkumgebung [2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Eigene Videos [2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Eigene Musik [2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Eigene Dateien [2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Eigene Bilder [2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Cookies [2013.03.16 19:50:26 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Anwendungsdaten [2013.03.16 19:50:16 | 000,000,000 | --SD | C] -- C:\Users\Admin\AppData\Roaming\Microsoft [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Videos [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Searches [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Saved Games [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Pictures [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Music [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Links [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Favorites [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Downloads [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Documents [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Desktop [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\Contacts [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.03.16 19:50:16 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.03.16 19:50:16 | 000,000,000 | -H-D | C] -- C:\Users\Admin\AppData [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Windows Live [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Temp [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Microsoft [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Macromedia [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\InstallShield [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Identities [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\E-Cam [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\ATI [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\ATI [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Asus WebStorage [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\ASUS WebStorage [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\ASUS [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\AMD [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Adobe [2013.03.16 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Adobe [2013.03.15 22:48:29 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2013.03.15 22:48:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2013.03.15 22:04:06 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys [2013.03.15 22:04:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wdfres.dll [2013.03.15 21:45:47 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFPlatform.dll [2013.03.15 21:45:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFCoinstaller.dll [2013.03.15 21:45:43 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFx.dll [2013.03.15 21:39:52 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browserchoice.exe [2013.03.15 21:11:27 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usb8023.sys [2013.03.15 21:10:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\RNDISMP.sys [2013.03.15 21:09:42 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS [2013.03.14 22:58:04 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dpnet.dll [2013.03.14 22:50:07 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OxpsConverter.exe [2013.03.14 22:49:35 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\timedate.cpl [2013.03.14 22:48:39 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe [2013.03.14 22:48:33 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe [2013.03.14 22:48:14 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msxml3r.dll [2013.03.14 22:46:18 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncsi.dll [2013.03.14 22:46:17 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\netio.sys [2013.03.14 22:46:14 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netcorehc.dll [2013.03.14 22:46:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netevent.dll [2013.03.14 22:40:30 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\packager.dll [2013.03.14 22:34:03 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe [2013.03.14 22:33:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.03.14 22:33:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013.03.14 22:33:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013.03.14 22:33:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.03.14 22:33:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013.03.14 22:33:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.03.14 22:33:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013.03.14 22:33:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.03.14 22:33:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.03.14 22:33:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013.03.14 22:33:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013.03.14 22:33:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013.03.14 22:33:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013.03.14 22:33:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013.03.14 22:33:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll [2013.03.14 22:33:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll [2013.03.14 22:33:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll [2013.03.14 22:33:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll [2013.03.14 22:33:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013.03.14 22:33:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll [2013.03.14 22:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013.03.14 22:33:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013.03.14 22:33:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.03.14 22:33:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013.03.14 22:33:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013.03.14 22:33:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013.03.14 22:33:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013.03.14 22:33:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll [2013.03.14 22:27:18 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdosys.dll [2013.03.14 22:26:30 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll [2013.03.14 22:26:23 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll [2013.03.14 22:26:14 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browcli.dll [2013.03.14 22:25:33 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\quartz.dll [2013.03.14 22:25:31 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll [2013.03.14 22:25:24 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll [2013.03.14 22:22:58 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\System32\oflc-nz.rs [2013.03.14 22:22:57 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\System32\fpb.rs [2013.03.14 22:22:57 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\System32\csrr.rs [2013.03.14 22:22:57 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\System32\cob-au.rs [2013.03.14 22:22:57 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\System32\djctq.rs [2013.03.14 22:22:56 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\System32\pegibbfc.rs [2013.03.14 22:22:56 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\System32\usk.rs [2013.03.14 22:22:56 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\System32\grb.rs [2013.03.14 22:22:56 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi.rs [2013.03.14 22:22:55 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\gameux.dll [2013.03.14 22:22:55 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wpc.dll [2013.03.14 22:22:55 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-pt.rs [2013.03.14 22:22:40 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\System32\cero.rs [2013.03.14 22:22:40 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\System32\esrb.rs [2013.03.14 22:22:40 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\System32\oflc.rs [2013.03.14 22:22:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-fi.rs [2013.03.14 22:21:32 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll [2013.03.14 22:21:22 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll [2013.03.14 22:21:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll [2013.03.14 22:21:14 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll [2013.03.14 22:21:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe [2013.03.14 22:21:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll [2013.03.14 22:20:51 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\synceng.dll [2013.03.14 22:20:19 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe [2013.03.14 22:20:14 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll [2013.03.14 22:19:59 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dhcpcore6.dll [2013.03.14 22:19:59 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dhcpcsvc6.dll [2013.03.14 22:16:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll [2013.03.14 22:14:04 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll [2013.03.14 21:06:51 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2013.03.14 21:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2013.03.14 20:00:20 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys [2013.03.14 19:37:16 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcore.dll [2013.03.14 18:57:39 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll [2013.03.14 18:57:37 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll [2013.03.14 18:54:42 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll [2013.03.14 18:54:41 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll [2013.03.14 18:54:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll [2013.03.14 18:53:35 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll [2013.03.14 18:53:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe [2013.03.14 18:46:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.03.14 18:43:42 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\System32\drivers\ssmdrv.sys [2013.03.14 18:42:59 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avkmgr.sys [2013.03.14 18:42:58 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avipbb.sys [2013.03.14 18:42:56 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avgntflt.sys [2013.03.14 18:42:26 | 000,232,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MpSigStub.exe [2013.03.14 18:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.03.14 18:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2013.03.14 18:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013.03.14 18:37:42 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013.03.14 16:15:01 | 000,000,000 | ---D | C] -- C:\windows\ConfigSetRoot [2013.03.14 16:14:40 | 000,000,000 | -H-D | C] -- C:\ExpressGateUtil [2013.03.14 16:12:42 | 001,263,104 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\System32\drivers\athr.sys [2013.03.14 16:12:42 | 001,263,104 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\System32\athr.sys [2013.03.14 16:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\Atheros [2013.03.14 16:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros [2013.03.14 16:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech [2013.03.14 16:09:20 | 000,000,000 | -HSD | C] -- C:\Recovery [1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.11 17:14:04 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.11 17:14:04 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.11 17:04:44 | 000,001,092 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.11 17:04:31 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013.04.11 17:04:21 | 589,393,920 | -HS- | M] () -- C:\hiberfil.sys [2013.04.11 17:03:02 | 000,001,096 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.11 17:02:34 | 000,000,097 | ---- | M] () -- C:\windows\DeleteOnReboot.bat [2013.04.11 15:51:22 | 000,000,512 | ---- | M] () -- C:\Users\Admin\Desktop\MBR.dat [2013.04.11 11:50:05 | 000,286,232 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2013.04.11 09:23:47 | 000,001,899 | ---- | M] () -- C:\Users\Admin\Desktop\CDBurnerXP.lnk [2013.04.11 09:19:11 | 000,001,803 | ---- | M] () -- C:\Users\Public\Desktop\PDF24 Fax.lnk [2013.04.08 20:04:18 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2013.04.04 18:31:15 | 000,666,022 | ---- | M] () -- C:\windows\System32\perfh007.dat [2013.04.04 18:31:15 | 000,627,864 | ---- | M] () -- C:\windows\System32\perfh009.dat [2013.04.04 18:31:15 | 000,133,944 | ---- | M] () -- C:\windows\System32\perfc007.dat [2013.04.04 18:31:15 | 000,110,326 | ---- | M] () -- C:\windows\System32\perfc009.dat [2013.03.30 22:26:06 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avipbb.sys [2013.03.30 22:26:06 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avgntflt.sys [2013.03.30 22:26:06 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\windows\System32\drivers\avkmgr.sys [2013.03.29 10:12:45 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk [2013.03.29 10:09:45 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.03.24 21:38:11 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\windows\Setup1.exe [2013.03.24 21:38:06 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\ST6UNST.EXE [2013.03.24 21:36:57 | 000,000,626 | ---- | M] () -- C:\windows\ST6UNST0.MIF [2013.03.22 14:09:14 | 009,887,744 | ---- | M] () -- C:\Users\Admin\Desktop\master_3.8.exe [2013.03.21 15:57:28 | 000,001,503 | ---- | M] () -- C:\Users\Admin\Desktop\Trend Micro Titanium.lnk [2013.03.21 15:56:41 | 000,002,205 | ---- | M] () -- C:\Users\Admin\Desktop\Google Chrome.lnk [2013.03.21 15:56:07 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2013.03.18 15:52:43 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll [2013.03.18 15:52:39 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe [2013.03.18 15:52:39 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe [2013.03.18 15:52:38 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll [2013.03.18 15:52:38 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll [2013.03.18 15:52:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe [2013.03.18 10:38:33 | 000,001,353 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.03.17 19:01:55 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk [2013.03.16 21:09:05 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.03.15 08:05:00 | 000,150,011 | ---- | M] () -- C:\windows\System32\license.rtf [2013.03.14 21:06:58 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2013.03.14 18:46:42 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.03.14 16:14:45 | 000,001,514 | ---- | M] () -- C:\Users\Public\Desktop\OS Switch.lnk [2013.03.14 16:13:24 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\E-Manual.lnk [1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.11 17:01:31 | 000,000,097 | ---- | C] () -- C:\windows\DeleteOnReboot.bat [2013.04.11 15:51:22 | 000,000,512 | ---- | C] () -- C:\Users\Admin\Desktop\MBR.dat [2013.04.11 09:23:47 | 000,001,899 | ---- | C] () -- C:\Users\Admin\Desktop\CDBurnerXP.lnk [2013.04.11 09:23:47 | 000,001,849 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2013.04.11 09:19:11 | 000,001,803 | ---- | C] () -- C:\Users\Public\Desktop\PDF24 Fax.lnk [2013.04.08 20:04:18 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2013.03.29 10:12:45 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk [2013.03.29 10:09:45 | 000,002,036 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.03.29 10:09:44 | 000,002,048 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2013.03.24 21:36:42 | 000,000,626 | ---- | C] () -- C:\windows\ST6UNST0.MIF [2013.03.22 14:09:04 | 009,887,744 | ---- | C] () -- C:\Users\Admin\Desktop\master_3.8.exe [2013.03.21 15:57:28 | 000,001,503 | ---- | C] () -- C:\Users\Admin\Desktop\Trend Micro Titanium.lnk [2013.03.21 15:56:51 | 000,001,413 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.03.21 15:56:41 | 000,002,205 | ---- | C] () -- C:\Users\Admin\Desktop\Google Chrome.lnk [2013.03.21 15:56:07 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2013.03.18 10:38:33 | 000,001,353 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.03.18 10:31:50 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2013.03.17 19:01:55 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk [2013.03.16 21:09:05 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.03.16 19:58:01 | 000,001,096 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013.03.16 19:57:59 | 000,001,092 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013.03.15 22:04:16 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013.03.15 21:45:42 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013.03.14 21:06:58 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2013.03.14 18:46:42 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.03.14 16:15:36 | 000,005,576 | ---- | C] () -- C:\windows\Language.ini [2013.03.14 16:14:45 | 000,001,514 | ---- | C] () -- C:\Users\Public\Desktop\OS Switch.lnk [2013.03.14 16:13:24 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\E-Manual.lnk [2013.03.14 16:12:42 | 000,328,429 | ---- | C] () -- C:\windows\System32\netathr.inf [2013.03.14 16:12:42 | 000,053,352 | ---- | C] () -- C:\windows\System32\athrext.cat [2011.11.10 00:44:11 | 000,224,680 | ---- | C] () -- C:\windows\System32\AsusService.exe [2011.11.10 00:44:11 | 000,025,616 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini [2011.11.10 00:42:15 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2011.11.10 00:40:53 | 000,011,832 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys [2011.11.10 00:40:51 | 000,011,456 | ---- | C] () -- C:\windows\System32\drivers\AsIO.sys [2011.11.10 00:40:25 | 000,000,873 | ---- | C] () -- C:\windows\Reboot.ini [2011.11.10 00:39:49 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2011.11.10 00:35:38 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat [2011.11.10 00:35:38 | 000,000,008 | ---- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat [2011.11.07 11:05:16 | 000,003,929 | ---- | C] () -- C:\windows\System32\atipblag.dat [2011.11.07 11:05:14 | 000,233,765 | ---- | C] () -- C:\windows\System32\atiicdxx.dat [2011.11.07 10:39:57 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys [2011.07.21 10:21:00 | 000,059,904 | ---- | C] () -- C:\windows\System32\OVDecode.dll ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Files - Unicode (All) ========== [2013.03.14 16:16:18 | 000,000,059 | ---- | M] ()(C:\windows\System32\??) -- C:\windows\System32\Ȑ [2013.03.14 16:16:18 | 000,000,059 | ---- | C] ()(C:\windows\System32\??) -- C:\windows\System32\Ȑ ========== Alternate Data Streams ========== @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:AB689DEA < End of report > Die anderen Logs von heute waren auch nicht sichtbar, aber ich konnte wenn ich das Programm zum 2 Mal öffnete und auf save drückte die Datei sehen und mit rechtsklick öffnen oder Anzeigen drücken und dann den Inhalt kopieren. Delta Search ist jetzt auch verschwunden. Wie kann ich die .txt Dateien sehen, wenn diese da sind aber nicht erkennbar ohne Tricks? |
|
12.04.2013, 12:35
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde Bitte die Anleirungen lesen, das Log von adwCleaner wird da erwähnt, direkt auf C JRT bitte wiederholen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.04.2013, 20:30
| #15 |
| | Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde adw cleaner: Code:
ATTFilter # AdwCleaner v2.200 - Datei am 11/04/2013 um 17:01:01 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows 7 Starter Service Pack 1 (32 bits)
# Benutzer : Admin - *****-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\kitte\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\kitte\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\kitte\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Gelöscht mit Neustart : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Admin\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Admin\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Ordner Gelöscht : C:\Users\kitte\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\kitte\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\kitte\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\a55ddddb56ae946
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\a55ddddb56ae946
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{0F827075-B026-42F3-885D-98981EE7B1AE}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16476
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119370&tt=040413_9113&babsrc=HP_ss&mntrId=AC3494DBC9394A5F --> hxxp://www.google.com
*************************
AdwCleaner[S1].txt - [9970 octets] - [11/04/2013 17:01:01]
########## EOF - \AdwCleaner[S1].txt - [10030 octets] ##########
|
|
| Themen zu Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde |
| angezeigt, avira, browser, deaktiviert, delta, einstellungen, fund, funde, geht nicht mehr, google, hoffe, melde, nicht mehr, nichts, programme, scan, schutz, search, seite, startseite, suchfunktion, systems, systemsteuerung, tagen, öffnet |
Linear-Darstellung
