
Pests of all kinds and how to combat them: delta-search.com

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.

31.05.2013, 12:50   #1
Louco
 
delta-search.com

Hello everyone,
my problem has been there for two days. The problem is that as soon as I open my browser, Mozilla Firefox, and click on a new tab, it goes directly to delta-search.com. Under Programs and Features I found delta-search.com and uninstalled it, but somehow it is still there. Can someone help me get this sorted out?

Regards, Louco

31.05.2013, 12:51   #2
markusg
/// Malware-holic
 
delta-search.com

Hi,

If you don't already have it, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the following content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

31.05.2013, 15:16   #3
Louco
 
delta-search.com

OTL.txt
OTL Logfile:
Code:
OTL logfile created on: 31.05.2013 15:22:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jup\Desktop
 Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 60,43% Memory free
6,00 Gb Paging File | 4,70 Gb Available in Paging File | 78,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 216,72 Gb Free Space | 46,54% Space Free | Partition Type: NTFS
Drive D: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: JUP-PC | User Name: Jup | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.05.31 14:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jup\Desktop\OTL.exe
PRC - [2013.05.29 22:42:54 | 000,844,168 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013.05.12 00:26:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.23 13:48:16 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013.04.23 13:48:12 | 001,561,968 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2013.04.18 22:27:59 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.22 16:09:37 | 002,787,280 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
PRC - [2013.03.15 04:59:31 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.11.29 17:06:46 | 001,926,496 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
PRC - [2012.11.29 17:06:44 | 001,723,744 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.05.29 23:47:59 | 017,554,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\71b6200b469ae31187226c5634b6d6bb\Kies.Theme.ni.dll
MOD - [2013.05.29 23:47:12 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\5face173af94a7083cea1c078a6b4938\DummyStorePlugin.ni.dll
MOD - [2013.05.29 23:46:42 | 000,115,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\9ab54aea64046cd2b4ff895b1c027c05\DeviceStoryAlbum.ni.dll
MOD - [2013.05.29 23:45:56 | 000,614,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\29be5a9cc5b83e2b30e9d788ac201f83\DevicePodcast.ni.dll
MOD - [2013.05.29 23:44:31 | 000,300,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\b44e10add0a5276dc3fbbde338c4b5ea\DeviceVideo.ni.dll
MOD - [2013.05.29 23:43:34 | 000,355,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\9661c2265a6fb7782243c0633378a1e5\DevicePhoto.ni.dll
MOD - [2013.05.29 23:42:26 | 000,307,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\ec4ba3e13a88086bf95ea05919513917\DeviceMusic.ni.dll
MOD - [2013.05.29 23:41:16 | 000,474,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\df3496a7e1364e2b78bac5b4aef48ae6\VideoManager.ni.dll
MOD - [2013.05.29 23:39:41 | 000,782,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\88ec39193b34cf293d0887383c2ccde5\PhotoManager.ni.dll
MOD - [2013.05.29 23:33:00 | 001,988,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\be4228490407398b302edeed5ea57879\Phonebook.ni.dll
MOD - [2013.05.29 23:32:58 | 000,207,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\ea5424dfc774422fa2038d980b1642d1\StoryAlbumManager.ni.dll
MOD - [2013.05.29 23:32:57 | 000,945,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\11e6d42332f583f634dabad0c1252dbd\MusicManager.ni.dll
MOD - [2013.05.29 23:32:56 | 000,404,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\fbe4134679a5506a54004cd5952d7d29\BATPlugin.ni.dll
MOD - [2013.05.29 23:32:50 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\a5bd3f2855afcc1f5bf15057c35bd48d\Kies.Common.StoreManager.ni.dll
MOD - [2013.05.29 23:32:49 | 000,534,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\730c70013610eb7e73f49213b1076bab\Kies.Common.MediaDB.ni.dll
MOD - [2013.05.29 23:32:48 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll
MOD - [2013.05.29 23:32:47 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\94fd3d4235723a962f8b3f29d7eac567\Kies.Common.AllShare.ni.dll
MOD - [2013.05.29 23:32:46 | 000,109,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\fde643974d1f6bc8843237cedb262c9b\Kies.Common.CRMManager.ni.dll
MOD - [2013.05.29 23:32:46 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\1784a3c837a81be9ad8608a9405de178\Kies.Common.DBManager.ni.dll
MOD - [2013.05.29 23:32:45 | 001,146,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\6e3e1abb2c6eec953c061d179162925c\Podcaster.ni.dll
MOD - [2013.05.29 23:32:43 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\35992f641f4348746cfe0c6c1b48ece7\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013.05.29 23:32:42 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\94eee0f7d59880d4ff2754ad67877ac1\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013.05.29 23:32:41 | 000,580,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f0dfcf225ea9ee5911a199d90da24d76\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013.05.29 23:32:41 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\931b9596988f8d16731b691a35a25727\Interop.DevFileServiceLib.ni.dll
MOD - [2013.05.29 23:32:24 | 001,204,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f564ae0bcec147d5902965cf0f4367d1\Kies.Common.DeviceService.ni.dll
MOD - [2013.05.29 23:31:10 | 000,995,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\99bba258903cd892a867461d55d728ff\DeviceCommonLib.ni.dll
MOD - [2013.05.29 23:30:59 | 000,743,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\1c2a1b55d3cb205a9387f3b78b8b4380\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2013.05.29 23:29:16 | 000,205,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\50c6d0af63aa7107ec15d7ef86a62609\Kies.Common.MainUI.ni.dll
MOD - [2013.05.29 23:19:24 | 000,045,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bd5cbd625647b2af277b7c5c0ffb8f5b\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013.05.29 23:18:49 | 000,928,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\6704d4bac5e6b834fe7cd1502f09f2cb\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013.05.29 23:14:15 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013.05.29 23:14:08 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013.05.29 23:13:58 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\bfc490c6779a7a9ae85832ca58c27054\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013.05.29 23:13:51 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013.05.29 23:12:51 | 002,202,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\55bb76574a2231b83b8bb81ee405f172\Kies.Common.Multimedia.ni.dll
MOD - [2013.05.29 23:10:38 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f93e893f927f890bffe924ec7e8c1323\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013.05.29 23:10:09 | 000,638,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2627bfc447a741309a32dbd51ee23dbc\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013.05.29 23:08:38 | 007,031,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\6873d3fad51da6c98725437186125722\DeviceHost.ni.dll
MOD - [2013.05.29 23:06:17 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll
MOD - [2013.05.29 23:05:51 | 000,282,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\37bb8c2ca86bf868044bce11e73d1efc\Kies.Common.Util.ni.dll
MOD - [2013.05.29 23:05:41 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll
MOD - [2013.05.29 23:05:25 | 001,644,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c5572a7e44449de16eb4e7db6b7b5b82\Kies.Locale.ni.dll
MOD - [2013.05.29 23:05:09 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\2cbf81c1b1b5e7bd6a4758bd057e2d4c\Kies.MVVM.ni.dll
MOD - [2013.05.29 23:04:43 | 001,899,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7aef2d5e9f446c4108ed337e465cd196\Kies.UI.ni.dll
MOD - [2013.05.29 23:04:00 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\f67e1afe33aa6c76e375dbd4fa132363\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013.05.29 23:03:10 | 001,273,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0687f786aa9dd34f7dd8d26cdfdb065f\Kies.Interface.ni.dll
MOD - [2013.05.29 22:57:18 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll
MOD - [2013.05.29 22:48:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll
MOD - [2013.05.29 22:45:18 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013.05.29 22:44:50 | 002,176,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\12c6291066c5db8821df6c56c8254037\Kies.ni.exe
MOD - [2013.05.29 22:30:24 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013.05.29 22:30:21 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll
MOD - [2013.05.29 22:30:19 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll
MOD - [2013.05.29 22:30:06 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll
MOD - [2013.05.29 22:29:52 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll
MOD - [2013.05.29 22:29:43 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll
MOD - [2013.05.29 22:29:35 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013.05.29 22:29:29 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2013.05.12 00:26:24 | 003,128,728 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2013.04.18 22:27:59 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe
MOD - [2013.03.22 16:09:37 | 002,787,280 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
MOD - [2013.03.22 16:08:36 | 002,520,016 | ---- | M] () -- c:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009.08.16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.22 16:09:37 | 002,787,280 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013.03.15 07:46:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.12.14 13:45:40 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)
SRV - [2012.11.29 17:06:44 | 001,723,744 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.11.29 17:06:44 | 000,029,536 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2013.04.24 19:45:35 | 000,145,040 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
DRV - [2013.04.24 19:45:35 | 000,044,432 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
DRV - [2013.04.24 19:45:26 | 000,594,528 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.04.03 09:58:16 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013.04.03 09:58:16 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013.03.15 07:46:27 | 008,952,608 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.12.14 13:45:34 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2012.12.14 13:45:34 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.08.02 15:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2012.07.19 07:57:52 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.06.19 17:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004.08.13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [1999.09.10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI32)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.delta-search.com/?affID=121562&tt=gc_&babsrc=HP_ss&mntrId=74C76470021311EA"
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:1.0.10
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4307
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@autodesk.com/DWF: C:\Program Files\Autodesk\Autodesk Design Review Browser Add-on v1.2\npADRdwf.dll (Autodesk)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.04.24 19:46:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.04.24 19:46:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.04.24 19:45:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.04.24 19:45:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.04.24 19:46:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.22 22:09:09 | 000,000,000 | ---D | M]
 
[2013.04.10 20:51:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jup\AppData\Roaming\mozilla\Extensions
[2013.05.30 00:35:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jup\AppData\Roaming\mozilla\Firefox\Profiles\mData\Kaspersky Lab\SafeBrowser\S-1-5-21-2092381075-737353353-2565579881-1000\FireFox\extensions
[2013.05.30 11:16:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jup\AppData\Roaming\mozilla\Firefox\Profiles\sfgcbg9b.default-1369903118924\Extensions
[2013.05.30 11:16:42 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Jup\AppData\Roaming\mozilla\firefox\profiles\sfgcbg9b.default-1369903118924\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.30 00:24:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\Extensions
[2013.05.29 18:46:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.29 18:46:54 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.29 18:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions
[2013.05.29 18:44:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\updated\extensions\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}
[2013.05.29 18:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\browser\extensions
[2013.05.29 18:44:32 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Chew7Hale] C:\Windows\System32\hale.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [PeerBlock] C:\Programme\PeerBlock\peerblock.exe (PeerBlock, LLC)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : E&nviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notas Ligadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notas Ligadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab (Java Plug-in 1.5.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FF566B5-3362-40A7-80B6-14192ADEA9B7}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDF11186-A743-4ACC-9FEA-C318A6345F22}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\misc.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\Winword.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.04.29 11:02:01 | 000,000,055 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.31 15:21:33 | 000,000,000 | ---D | C] -- C:\Users\Jup\Documents\Neuer Ordner (2)
[2013.05.31 14:02:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jup\Desktop\OTL.exe
[2013.05.30 10:38:49 | 000,000,000 | ---D | C] -- C:\Users\Jup\Desktop\Alte Firefox-Daten
[2013.05.30 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013.05.30 00:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013.05.30 00:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.05.30 00:17:22 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\Babylon
[2013.05.30 00:17:02 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2013.05.30 00:15:51 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\OpenCandy
[2013.05.30 00:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013.05.30 00:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013.05.29 23:28:36 | 000,000,000 | ---D | C] -- C:\Users\Jup\.jordan
[2013.05.29 23:01:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.05.29 22:51:39 | 000,000,000 | ---D | C] -- C:\Users\Jup\Documents\SelfMV
[2013.05.29 22:41:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.05.29 22:41:48 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Local\Samsung
[2013.05.29 22:41:36 | 000,000,000 | ---D | C] -- C:\Users\Jup\Documents\samsung
[2013.05.29 22:40:34 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2013.05.29 22:40:34 | 000,083,864 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2013.05.29 22:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.05.29 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec
[2013.05.29 22:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013.05.29 22:34:10 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2013.05.29 22:33:51 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2013.05.29 22:33:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.05.29 22:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2013.05.29 22:27:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.05.29 22:10:09 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Local\Downloaded Installations
[2013.05.29 21:43:17 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\Samsung
[2013.05.29 21:33:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers
[2013.05.19 11:24:20 | 000,000,000 | ---D | C] -- C:\Users\Jup\Documents\Neuer Ordner
[2013.05.19 11:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
[2013.05.10 19:26:15 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\elsterformular
[2013.05.10 19:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
[2013.05.10 19:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2013.05.10 19:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\ElsterFormular
[2013.05.10 19:13:21 | 000,000,000 | ---D | C] -- C:\Users\Jup\appleJuice
[2013.05.10 19:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\appleJuice
[2013.05.10 19:03:48 | 000,000,000 | ---D | C] -- C:\Program Files\appleJuice
[2013.05.07 17:40:51 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\EPSON
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.31 14:46:18 | 000,010,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.31 14:46:18 | 000,010,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.31 14:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jup\Desktop\OTL.exe
[2013.05.31 12:52:33 | 000,721,524 | ---- | M] () -- C:\Windows\System32\prfh0816.dat
[2013.05.31 12:52:33 | 000,700,168 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.05.31 12:52:33 | 000,654,880 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.05.31 12:52:33 | 000,152,446 | ---- | M] () -- C:\Windows\System32\prfc0816.dat
[2013.05.31 12:52:33 | 000,148,964 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.05.31 12:52:33 | 000,121,752 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.05.31 12:42:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.31 12:42:40 | 2415,357,952 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.30 00:16:15 | 000,001,364 | ---- | M] () -- C:\Users\Jup\Desktop\Free YouTube to MP3 Converter.lnk
[2013.05.29 22:41:25 | 000,001,956 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.05.29 22:41:25 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.05.29 21:43:11 | 000,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2013.05.29 18:46:56 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.29 16:16:10 | 000,008,704 | ---- | M] () -- C:\Users\Jup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.20 13:16:35 | 000,007,605 | ---- | M] () -- C:\Users\Jup\AppData\Local\Resmon.ResmonCfg
[2013.05.19 11:21:47 | 000,010,754 | ---- | M] () -- C:\Users\Jup\Documents\IncrediMail exportierte Kontakte (CSV-Format).csv
[2013.05.19 11:06:26 | 000,001,017 | ---- | M] () -- C:\Users\Jup\Desktop\Orbit.lnk
[2013.05.15 16:46:24 | 000,486,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.10 19:25:51 | 000,001,195 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.10 19:12:27 | 000,001,660 | ---- | M] () -- C:\Users\Jup\Desktop\appleJuice Client (Core).lnk
[2013.05.10 19:06:50 | 000,001,980 | ---- | M] () -- C:\Users\Jup\Desktop\appleJuice Client (GUI).lnk
 
========== Files Created - No Company Name ==========
 
[2013.05.29 22:41:25 | 000,001,956 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.05.29 22:41:25 | 000,001,946 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.05.29 21:43:11 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2013.05.29 21:40:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2013.05.10 19:25:51 | 000,001,195 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2013.05.10 19:06:50 | 000,001,980 | ---- | C] () -- C:\Users\Jup\Desktop\appleJuice Client (GUI).lnk
[2013.05.10 19:06:46 | 000,001,660 | ---- | C] () -- C:\Users\Jup\Desktop\appleJuice Client (Core).lnk
[2013.05.10 19:03:48 | 000,087,040 | ---- | C] () -- C:\Windows\System32\TrayIcon12.dll
[2013.05.10 19:03:48 | 000,061,952 | ---- | C] () -- C:\Windows\System32\ajnetmask.dll
[2013.04.18 22:27:59 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe
[2013.04.18 19:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.04.18 19:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013.04.18 19:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013.04.18 19:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013.04.18 19:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013.04.17 16:44:34 | 000,008,704 | ---- | C] () -- C:\Users\Jup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.12 21:17:49 | 000,129,024 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2013.04.12 21:17:04 | 000,037,888 | ---- | C] () -- C:\Windows\System32\AVIwrap.dll
[2013.04.12 21:17:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2013.04.12 21:17:00 | 000,008,704 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2013.04.12 21:16:59 | 000,077,664 | ---- | C] () -- C:\Windows\System32\IR21_R.DLL
[2013.04.12 21:16:59 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2013.04.12 21:16:58 | 000,180,736 | ---- | C] () -- C:\Windows\System32\vfcodec.dll
[2013.04.12 21:16:57 | 000,202,240 | ---- | C] () -- C:\Windows\System32\XviD.dll
[2013.04.12 21:15:12 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013.04.12 21:15:12 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013.04.12 21:15:12 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013.04.12 19:23:10 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013.04.11 22:31:51 | 000,007,605 | ---- | C] () -- C:\Users\Jup\AppData\Local\Resmon.ResmonCfg
[2013.04.11 21:20:14 | 001,513,984 | ---- | C] () -- C:\Windows\System32\Mgxrdr80.dll
[2013.04.11 21:20:12 | 000,338,944 | ---- | C] () -- C:\Windows\System32\LFFPX7.DLL
[2013.04.11 21:20:12 | 000,118,784 | ---- | C] () -- C:\Windows\System32\LFKODAK.DLL
[2013.04.11 21:19:50 | 000,064,000 | ---- | C] () -- C:\Windows\System32\Ppiv30.dll
[2013.04.11 21:19:50 | 000,000,986 | ---- | C] () -- C:\Windows\Mgxclean.sys
[2013.04.11 21:19:50 | 000,000,100 | ---- | C] () -- C:\Windows\MGXCLEAN.DAT
[2013.04.11 19:10:32 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013.04.11 19:09:42 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013.04.10 20:44:22 | 000,721,524 | ---- | C] () -- C:\Windows\System32\prfh0816.dat
[2013.04.10 20:44:22 | 000,336,656 | ---- | C] () -- C:\Windows\System32\prfi0816.dat
[2013.04.10 20:44:22 | 000,152,446 | ---- | C] () -- C:\Windows\System32\prfc0816.dat
[2013.04.10 20:44:22 | 000,040,548 | ---- | C] () -- C:\Windows\System32\prfd0816.dat
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.04.12 21:51:21 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\Autodesk
[2013.05.30 00:17:22 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\Babylon
[2013.05.30 00:15:51 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\DVDVideoSoft
[2013.04.12 21:35:04 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.05.10 19:26:17 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\elsterformular
[2013.05.07 17:40:51 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\EPSON
[2013.04.12 23:02:09 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\GrabPro
[2013.05.30 00:15:51 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\OpenCandy
[2013.05.29 17:01:09 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\Orbit
[2013.04.12 22:53:27 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\ProgSense
[2013.05.29 22:41:47 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\Samsung
[2013.04.11 22:54:28 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2013.04.10 18:38:43 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2013.04.12 21:17:49 | 000,000,000 | ---D | M] -- C:\audio
[2013.05.29 23:26:10 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2013.04.10 18:38:28 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.05.29 17:59:42 | 000,000,000 | ---D | M] -- C:\downloads
[2013.04.12 22:29:07 | 000,000,000 | ---D | M] -- C:\Java5_22
[2013.04.12 18:14:38 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 04:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.04.11 19:17:22 | 000,000,000 | ---D | M] -- C:\Progi
[2013.05.30 00:35:51 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.05.30 00:23:51 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013.04.10 18:38:28 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.04.10 18:38:28 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.05.31 14:10:16 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.04.13 18:29:58 | 000,000,000 | ---D | M] -- C:\Tsunami-Filter-Pack
[2013.04.10 19:32:38 | 000,000,000 | R--D | M] -- C:\Users
[2013.05.30 00:17:02 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 06:53:46 | 000,031,372 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2012.07.19 08:12:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=9880F8FADFF45A0175E0BBDFD9D31F5B -- C:\ProgramData\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x64\SMALL\Explorer.exe
[2012.07.19 08:12:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=9880F8FADFF45A0175E0BBDFD9D31F5B -- C:\Users\All Users\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x64\SMALL\Explorer.exe
[2012.07.19 08:12:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=9880F8FADFF45A0175E0BBDFD9D31F5B -- C:\Windows\Resources\Themes\Explorer\x64\SMALL\Explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\ProgramData\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Users\All Users\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe
[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows\Resources\Themes\Explorer\x86\BIG\Explorer.exe
[2012.07.19 08:12:36 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\ProgramData\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2012.07.19 08:12:36 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Users\All Users\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe
[2012.07.19 08:12:36 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows\Resources\Themes\Explorer\x64\BIG\Explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\ProgramData\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Users\All Users\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe
[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows\Resources\Themes\Explorer\x86\SMALL\Explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\ProgramData\Microsoft\Windows\SXS\32\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Users\All Users\Microsoft\Windows\SXS\32\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=85AEB26057AAC125EEC1425305F86960 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=1562571D6B1541098E677C3BB78709A0 -- C:\Windows\System32\winlogon.exe
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\ProgramData\Microsoft\Windows\SXS\32\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Users\All Users\Microsoft\Windows\SXS\32\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.06.19 17:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl1.sys
[2013.04.24 19:45:21 | 000,074,848 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klflt.sys
[2013.04.24 19:45:26 | 000,594,528 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klif.sys
[2012.08.02 15:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klim6.sys
[2012.12.14 13:45:34 | 000,025,944 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klkbdflt.sys
[2012.12.14 13:45:34 | 000,025,944 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klmouflt.sys
[2013.04.24 19:45:35 | 000,044,432 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kltdi.sys
[2013.04.24 19:45:35 | 000,145,040 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kneps.sys
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.05.31 15:34:50 | 002,359,296 | -HS- | M] () -- C:\Users\Jup\NTUSER.DAT
[2013.05.31 15:34:50 | 000,262,144 | -HS- | M] () -- C:\Users\Jup\ntuser.dat.LOG1
[2013.04.10 18:38:32 | 000,000,000 | -HS- | M] () -- C:\Users\Jup\ntuser.dat.LOG2
[2013.04.10 18:56:39 | 000,065,536 | -HS- | M] () -- C:\Users\Jup\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2013.04.10 18:56:39 | 000,524,288 | -HS- | M] () -- C:\Users\Jup\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2013.04.10 18:56:39 | 000,524,288 | -HS- | M] () -- C:\Users\Jup\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2013.04.10 18:38:32 | 000,000,020 | -HS- | M] () -- C:\Users\Jup\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         
--- --- ---



Extra.txt
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 31.05.2013 15:22:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jup\Desktop
 Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 60,43% Memory free
6,00 Gb Paging File | 4,70 Gb Available in Paging File | 78,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 216,72 Gb Free Space | 46,54% Space Free | Partition Type: NTFS
Drive D: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: JUP-PC | User Name: Jup | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10C648BE-D6FF-4B19-9CD2-4CB36F107009}" = lport=138 | protocol=17 | dir=in | app=system | 
"{145F7533-138C-431A-8CBD-B224B66EC78E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{298487AF-EF14-4064-9688-569CE42F9943}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2B12C3AF-3A5A-48D6-A275-7D2EBC55E68E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{4A21BB4B-BA81-44A1-8BCE-ACCD1AB04D3F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{715F0689-ACDC-4E4F-AE01-8E44AA58F0E6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{792C7551-8520-4B75-A89A-1DAEA9288073}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7ECA4F0A-1929-4880-A8A3-29B98966BB64}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{81CCCFDA-6F4C-4B2E-BABB-1B5DE51F158C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9BBCF809-39BB-4162-BAED-9E669223EF23}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{A0D6AB44-DAE3-4398-9C30-FE81C4D643A7}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A53C2C7C-0FC4-45A3-97B8-56564E3F7906}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A9947750-FFC9-4D8E-961A-B37B189B3F30}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C4B8DC76-64FC-4269-AC5F-1C3FF32B710B}" = rport=138 | protocol=17 | dir=out | app=system | 
"{CCAABA95-B895-4928-B827-8C184107C9C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D0B6A957-9A45-41F1-BD3C-938C51983CE5}" = lport=139 | protocol=6 | dir=in | app=system | 
"{D9334A36-E5B8-4ACC-94C4-E89F0D10911A}" = rport=445 | protocol=6 | dir=out | app=system | 
"{DE45CF6F-B7D3-478C-A8B4-13D5C62D7DD7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F1E42304-1002-4010-B73E-B4CADD064907}" = lport=445 | protocol=6 | dir=in | app=system | 
"{F5D1E8CC-8FEB-4D1D-B8C9-FCC0533B9E01}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{FD096B16-4356-482C-A37B-9F2A13AE78BD}" = lport=137 | protocol=17 | dir=in | app=system | 
"{FEA30DA6-35D1-41CF-A888-7C6B6F0DDAA9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C9B530-1A90-4E9E-9FC6-E3566A5C61EF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{3598D15D-6092-464A-B57F-AA69627F8730}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{4944C5CE-44D3-4A04-82F5-85377DB6CEF4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{4D3A06C6-4807-4A61-82F6-9E3D5AA3D631}" = protocol=6 | dir=out | app=system | 
"{5636FAA0-54EA-4773-B93A-1C8E6EAA3614}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{69CD783E-D344-4015-84F7-65A49A53B489}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{844D82D8-A320-4A79-AB07-1622897F5BCE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{9A54CE0F-98A1-4CD1-81C9-08812B0C99DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9B2B9FA4-C80C-4089-9164-EF41470BDB8F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{9EFDFE35-4AB2-4B92-BC89-B0FE32311039}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A21D38D4-6490-406D-97A1-0D6D772699F0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{A90A8B1F-6E4A-427F-BB80-53E4ACC4639F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BF09A6C1-11B8-4C70-9DA1-EB907681408F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C7C1C725-8B3D-4FA7-8687-4C44FE5407A2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{CB03793E-ADFD-441B-88EA-3B358AACF113}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{CC97B194-B47F-4377-A53C-4BA24B2A8C04}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D0E6A6A2-34E9-4CAF-8895-C44170DCEB2D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EE489FF7-0560-4EA8-B3F7-3AD982D64FF5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FC215C45-06BE-4257-BF74-D0551B097769}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FE00E67A-CC74-4F00-A3E4-6871FEB11CCD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0EFDE8F4-691D-4CB0-B4C1-0BD63B0907FF}" = IncrediMail
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{31B5B620-CA8A-4F99-A64E-7DDB3D1BBB69}_is1" = appleJuice Client
"{3248F0A8-6813-11D6-A77B-00B0D0150220}" = J2SE Runtime Environment 5.0 Update 22
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{5783F2D7-A028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2012
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2010
"{90140000-0017-0816-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Portuguese (Portugal)) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0816-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0816-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Portugal)) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0816-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Portugal)) 2010
"{90140000-0100-0816-0000-0000000FF1CE}" = Microsoft Office O MUI (Portuguese (Portugal)) 2010
"{90140000-0101-0816-0000-0000000FF1CE}" = Microsoft Office X MUI (Portuguese (Portugal)) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E4D5A41-1051-4F1A-8342-ECB26CA0C86C}" = Autodesk Design Review 2012
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{CD49E43B-88B1-48AD-A3AF-43FAAAB41CB8}" = Autodesk Design Review Browser Add-on v1.2 
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DCFF9230-22DC-40ED-BBCC-0F260B85734C}" = Tsunami-Filter-Pack
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Autodesk Design Review 2012" = Autodesk Design Review 2012
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DWG TrueView 2012" = DWG TrueView 2012
"ElsterFormular" = ElsterFormular
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.430
"HyperSnap 7" = HyperSnap 7
"IncrediMail" = IncrediMail 2.0
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"IsoBuster_is1" = IsoBuster 2.8
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.1.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Micrografx Picture Publisher 8" = Micrografx Picture Publisher 8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 Codec" = Mpeg Layer3 Codec FHG-Radium v1.263
"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.OMUI.pt-pt" = Microsoft Office Language Pack 2010 - Portuguese/Português
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Orbit_is1" = Orbit Downloader
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"VLC media player" = VLC media player 2.0.2
"WashAndGo_is1" = WashAndGo
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.05.2013 11:22:43 | Computer Name = Jup-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: orbitdm.exe, Version: 4.1.1.2, Zeitstempel:
 0x5052a17e  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
 0x4ec49b60  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00059da1  ID des fehlerhaften Prozesses:
 0x2590  Startzeit der fehlerhaften Anwendung: 0x01ce524932181b70  Pfad der fehlerhaften
 Anwendung: C:\Program Files\Orbitdownloader\orbitdm.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 73dde7b0-be3c-11e2-a94d-6470021311ea
 
Error - 17.05.2013 08:35:09 | Computer Name = Jup-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: orbitdm.exe, Version: 4.1.1.2, Zeitstempel:
 0x5052a17e  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
 0x4ec49b60  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00059da1  ID des fehlerhaften Prozesses:
 0x2fd4  Startzeit der fehlerhaften Anwendung: 0x01ce52faef8dbbe0  Pfad der fehlerhaften
 Anwendung: C:\Program Files\Orbitdownloader\orbitdm.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 358b6570-beee-11e2-a211-6470021311ea
 
Error - 17.05.2013 08:36:37 | Computer Name = Jup-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: orbitdm.exe, Version: 4.1.1.2, Zeitstempel:
 0x5052a17e  Name des fehlerhaften Moduls: SoftUpdater.dll_unloaded, Version: 0.0.0.0,
 Zeitstempel: 0x5052a233  Ausnahmecode: 0xc0000005  Fehleroffset: 0x1008078a  ID des fehlerhaften
 Prozesses: 0x3770  Startzeit der fehlerhaften Anwendung: 0x01ce52fb042b4a90  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Orbitdownloader\orbitdm.exe  Pfad des fehlerhaften
 Moduls: SoftUpdater.dll  Berichtskennung: 69d97ac4-beee-11e2-a211-6470021311ea
 
Error - 18.05.2013 07:54:05 | Computer Name = Jup-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: orbitdm.exe, Version: 4.1.1.2, Zeitstempel:
 0x5052a17e  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:
 0x4ec49b60  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00059da1  ID des fehlerhaften Prozesses:
 0x4e2c  Startzeit der fehlerhaften Anwendung: 0x01ce53be61d0ab40  Pfad der fehlerhaften
 Anwendung: C:\Program Files\Orbitdownloader\orbitdm.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: a337e684-bfb1-11e2-934a-6470021311ea
 
Error - 22.05.2013 16:42:09 | Computer Name = Jup-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 20.0.1.4847,
 Zeitstempel: 0x51650aee  Name des fehlerhaften Moduls: xul.dll, Version: 20.0.1.4847,
 Zeitstempel: 0x51650a09  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000b10e8  ID des fehlerhaften
 Prozesses: 0x41e4  Startzeit der fehlerhaften Anwendung: 0x01ce56fc141bf940  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: 12524ed0-c320-11e2-b09d-6470021311ea
 
Error - 22.05.2013 16:53:32 | Computer Name = Jup-PC | Source = Application Hang | ID = 1002
Description = Programm OneClick.exe, Version 13.0.3000.133 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 3850    Startzeit: 01ce56fdfb0f6d90    Endzeit: 466    Anwendungspfad:
 C:\Program Files\TuneUp Utilities 2013\OneClick.exe    Berichts-ID: a0a919b1-c321-11e2-b09d-6470021311ea

 
Error - 29.05.2013 13:03:12 | Computer Name = Jup-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879,
 Zeitstempel: 0x518ec3cc  Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879,
 Zeitstempel: 0x518ec306  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001c9789  ID des fehlerhaften
 Prozesses: 0x1890  Startzeit der fehlerhaften Anwendung: 0x01ce5c8c234a4da0  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: a478d980-c881-11e2-9786-6470021311ea
 
Error - 29.05.2013 15:33:14 | Computer Name = Jup-PC | Source = VSS | ID = 8194
Description = 
 
Error - 29.05.2013 16:03:18 | Computer Name = Jup-PC | Source = VSS | ID = 8194
Description = 
 
Error - 30.05.2013 05:29:15 | Computer Name = Jup-PC | Source = Application Hang | ID = 1002
Description = Programm WORDPAD.EXE, Version 6.1.7601.17514 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 22f8    Startzeit: 01ce5d17d9942a00    Endzeit: 47    Anwendungspfad:
 C:\Program Files\Windows NT\Accessories\WORDPAD.EXE    Berichts-ID: 5a9c1d61-c90b-11e2-b343-6470021311ea

 
[ System Events ]
Error - 29.05.2013 17:37:17 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 30.05.2013 03:39:15 | Computer Name = Jup-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?30.?05.?2013 um 00:36:17 unerwartet heruntergefahren.
 
Error - 30.05.2013 03:42:03 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 30.05.2013 03:42:03 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 30.05.2013 04:50:36 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 30.05.2013 04:50:36 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 30.05.2013 05:16:51 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 30.05.2013 05:16:51 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 31.05.2013 06:45:08 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 31.05.2013 06:45:08 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
 
< End of report >
         
--- --- ---
__________________

Alt 31.05.2013, 17:15   #4
markusg
/// Malware-holic
 
delta-search.com - Standard

delta-search.com



Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails, following the instructions above, to
markusg.trojaner-board@web.de
If you would like to support us

Alt 31.05.2013, 17:46   #5
Louco
 
delta-search.com - Standard

delta-search.com



Here

18:43:11.0645 13836 NlaSvc - ok
18:43:11.0652 13836 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:43:11.0741 13836 Npfs - ok
18:43:11.0776 13836 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:43:11.0835 13836 nsi - ok
18:43:11.0841 13836 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:43:11.0883 13836 nsiproxy - ok
18:43:11.0925 13836 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:43:11.0992 13836 Ntfs - ok
18:43:12.0001 13836 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:43:12.0028 13836 Null - ok
18:43:12.0075 13836 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
18:43:12.0114 13836 NVENETFD - ok
18:43:12.0324 13836 [ 0B2E7B39411FAA44EBDA76FB38673964 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:43:12.0611 13836 nvlddmkm - ok
18:43:12.0670 13836 [ 1DE923088878B495CD4219E47BA34EB8 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
18:43:12.0691 13836 NVNET - ok
18:43:12.0719 13836 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:43:12.0732 13836 nvraid - ok
18:43:12.0740 13836 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:43:12.0759 13836 nvstor - ok
18:43:12.0797 13836 [ 439FD6A5A34113388C51C48D0E5092AA ] nvsvc C:\Windows\system32\nvvsvc.exe
18:43:12.0848 13836 nvsvc - ok
18:43:12.0934 13836 [ E3C7676582502C5E4BB9288C3617AB59 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:43:13.0080 13836 nvUpdatusService - ok
18:43:13.0098 13836 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:43:13.0112 13836 nv_agp - ok
18:43:13.0133 13836 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:43:13.0269 13836 ohci1394 - ok
18:43:13.0295 13836 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:43:13.0307 13836 ose - ok
18:43:13.0413 13836 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:43:13.0626 13836 osppsvc - ok
18:43:13.0663 13836 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:43:13.0836 13836 p2pimsvc - ok
18:43:13.0874 13836 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:43:14.0021 13836 p2psvc - ok
18:43:14.0057 13836 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:43:14.0200 13836 Parport - ok
18:43:14.0222 13836 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:43:14.0235 13836 partmgr - ok
18:43:14.0249 13836 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
18:43:14.0283 13836 Parvdm - ok
18:43:14.0305 13836 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:43:14.0378 13836 PcaSvc - ok
18:43:14.0395 13836 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
18:43:14.0410 13836 pci - ok
18:43:14.0416 13836 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
18:43:14.0428 13836 pciide - ok
18:43:14.0450 13836 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:43:14.0477 13836 pcmcia - ok
18:43:14.0484 13836 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:43:14.0495 13836 pcw - ok
18:43:14.0520 13836 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:43:14.0639 13836 PEAUTH - ok
18:43:14.0695 13836 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:43:14.0764 13836 PeerDistSvc - ok
18:43:14.0823 13836 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
18:43:14.0921 13836 pla - ok
18:43:14.0967 13836 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:43:15.0050 13836 PlugPlay - ok
18:43:15.0073 13836 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:43:15.0210 13836 PNRPAutoReg - ok
18:43:15.0238 13836 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:43:15.0262 13836 PNRPsvc - ok
18:43:15.0285 13836 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:43:15.0382 13836 PolicyAgent - ok
18:43:15.0410 13836 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
18:43:15.0457 13836 Power - ok
18:43:15.0475 13836 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:43:15.0525 13836 PptpMiniport - ok
18:43:15.0545 13836 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:43:15.0599 13836 Processor - ok
18:43:15.0631 13836 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
18:43:15.0752 13836 ProfSvc - ok
18:43:15.0781 13836 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:43:15.0846 13836 ProtectedStorage - ok
18:43:15.0862 13836 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:43:15.0939 13836 Psched - ok
18:43:15.0971 13836 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:43:16.0025 13836 ql2300 - ok
18:43:16.0032 13836 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:43:16.0045 13836 ql40xx - ok
18:43:16.0068 13836 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:43:16.0111 13836 QWAVE - ok
18:43:16.0119 13836 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:43:16.0156 13836 QWAVEdrv - ok
18:43:16.0169 13836 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:43:16.0282 13836 RasAcd - ok
18:43:16.0302 13836 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:43:16.0366 13836 RasAgileVpn - ok
18:43:16.0380 13836 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:43:16.0502 13836 RasAuto - ok
18:43:16.0511 13836 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:43:16.0568 13836 Rasl2tp - ok
18:43:16.0607 13836 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
18:43:16.0688 13836 RasMan - ok
18:43:16.0717 13836 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:43:16.0753 13836 RasPppoe - ok
18:43:16.0760 13836 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:43:16.0817 13836 RasSstp - ok
18:43:16.0850 13836 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:43:16.0937 13836 rdbss - ok
18:43:16.0944 13836 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:43:16.0991 13836 rdpbus - ok
18:43:17.0017 13836 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:43:17.0084 13836 RDPCDD - ok
18:43:17.0115 13836 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:43:17.0189 13836 RDPDR - ok
18:43:17.0210 13836 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:43:17.0288 13836 RDPENCDD - ok
18:43:17.0297 13836 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:43:17.0355 13836 RDPREFMP - ok
18:43:17.0413 13836 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:43:17.0475 13836 RdpVideoMiniport - ok
18:43:17.0516 13836 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:43:17.0598 13836 RDPWD - ok
18:43:17.0622 13836 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:43:17.0637 13836 rdyboost - ok
18:43:17.0661 13836 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:43:17.0710 13836 RemoteAccess - ok
18:43:17.0733 13836 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:43:17.0824 13836 RemoteRegistry - ok
18:43:17.0843 13836 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:43:17.0930 13836 RpcEptMapper - ok
18:43:17.0953 13836 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:43:18.0013 13836 RpcLocator - ok
18:43:18.0033 13836 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
18:43:18.0083 13836 RpcSs - ok
18:43:18.0096 13836 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:43:18.0172 13836 rspndr - ok
18:43:18.0212 13836 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
18:43:18.0232 13836 RTL8167 - ok
18:43:18.0262 13836 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:43:18.0347 13836 s3cap - ok
18:43:18.0366 13836 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
18:43:18.0413 13836 SamSs - ok
18:43:18.0445 13836 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:43:18.0458 13836 sbp2port - ok
18:43:18.0467 13836 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:43:18.0519 13836 SCardSvr - ok
18:43:18.0537 13836 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:43:18.0632 13836 scfilter - ok
18:43:18.0691 13836 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
18:43:18.0785 13836 Schedule - ok
18:43:18.0806 13836 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:43:18.0849 13836 SCPolicySvc - ok
18:43:18.0876 13836 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:43:18.0960 13836 SDRSVC - ok
18:43:18.0986 13836 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:43:19.0044 13836 secdrv - ok
18:43:19.0059 13836 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:43:19.0147 13836 seclogon - ok
18:43:19.0181 13836 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:43:19.0279 13836 SENS - ok
18:43:19.0308 13836 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:43:19.0384 13836 SensrSvc - ok
18:43:19.0404 13836 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:43:19.0452 13836 Serenum - ok
18:43:19.0469 13836 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:43:19.0551 13836 Serial - ok
18:43:19.0579 13836 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:43:19.0631 13836 sermouse - ok
18:43:19.0669 13836 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
18:43:19.0759 13836 SessionEnv - ok
18:43:19.0785 13836 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:43:19.0827 13836 sffdisk - ok
18:43:19.0839 13836 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:43:20.0000 13836 sffp_mmc - ok
18:43:20.0015 13836 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:43:20.0196 13836 sffp_sd - ok
18:43:20.0218 13836 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:43:20.0312 13836 sfloppy - ok
18:43:20.0341 13836 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:43:20.0501 13836 SharedAccess - ok
18:43:20.0526 13836 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:43:20.0593 13836 ShellHWDetection - ok
18:43:20.0610 13836 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:43:20.0623 13836 sisagp - ok
18:43:20.0651 13836 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:43:20.0703 13836 SiSRaid2 - ok
18:43:20.0710 13836 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:43:20.0724 13836 SiSRaid4 - ok
18:43:20.0737 13836 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:43:20.0787 13836 Smb - ok
18:43:20.0824 13836 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:43:20.0911 13836 SNMPTRAP - ok
18:43:20.0928 13836 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:43:20.0940 13836 spldr - ok
18:43:20.0976 13836 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
18:43:21.0088 13836 Spooler - ok
18:43:21.0174 13836 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
18:43:21.0399 13836 sppsvc - ok
18:43:21.0426 13836 [ 761B6D9D80FF93D83E2542AF190E3E24 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:43:21.0501 13836 sppuinotify ( UnsignedFile.Multi.Generic ) - warning
18:43:21.0501 13836 sppuinotify - detected UnsignedFile.Multi.Generic (1)
18:43:22.0076 13836 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
18:43:22.0101 13836 StarOpen ( UnsignedFile.Multi.Generic ) - warning
18:43:22.0101 13836 StarOpen - detected UnsignedFile.Multi.Generic (1)
18:43:33.0937 13836 ================ Scan global ===============================
18:43:33.0973 13836 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:43:34.0031 13836 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:43:34.0041 13836 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:43:34.0080 13836 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:43:34.0156 13836 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:43:34.0171 13836 [Global] - ok
18:43:34.0174 13836 ================ Scan MBR ==================================
18:43:34.0226 13836 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:43:41.0486 13836 \Device\Harddisk0\DR0 - ok
18:43:41.0488 13836 ================ Scan VBR ==================================
18:43:41.0492 13836 [ 141B1B633DB405E447E255D0AE10E9FB ] \Device\Harddisk0\DR0\Partition1
18:43:41.0493 13836 \Device\Harddisk0\DR0\Partition1 - ok
18:43:41.0518 13836 [ 234F1169A687D87A5893F9F6B7D2CD54 ] \Device\Harddisk0\DR0\Partition2
18:43:41.0519 13836 \Device\Harddisk0\DR0\Partition2 - ok
18:43:41.0521 13836 ============================================================
18:43:41.0521 13836 Scan finished
18:43:41.0521 13836 ============================================================
18:43:41.0531 5184 Detected object count: 3
18:43:41.0531 5184 Actual detected object count: 3
18:44:17.0301 5184 ASPI32 ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:17.0301 5184 ASPI32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:44:17.0302 5184 sppuinotify ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:17.0302 5184 sppuinotify ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:44:17.0304 5184 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:17.0304 5184 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip



Louco
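The end of the TDSSKiller log above reports three detected objects, all with the same verdict and all skipped by the user. As an added example (not part of the original thread and not code from the tool's vendor), the following Python script parses lines in that layout and lists each detected object with its verdict, the action taken and, where the excerpt contains it, the hashed file. The function name `summarize`, the sample hashes and the ASPI32 path are assumptions made up for illustration, and object names are assumed to contain no spaces.

```python
import re

# Constructed sample in the layout of the log above; the hashes and the
# ASPI32 driver path are placeholders, not values from the thread.
SAMPLE_LOG = r"""
18:40:01.0100 13836 [ 00000000000000000000000000000001 ] ASPI32 C:\Windows\system32\drivers\placeholder_aspi32.sys
18:40:02.0100 13836 [ 00000000000000000000000000000002 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:40:02.0150 13836 WwanSvc - ok
18:43:41.0531 5184 Detected object count: 2
18:43:41.0531 5184 Actual detected object count: 2
18:44:17.0301 5184 ASPI32 ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:17.0301 5184 ASPI32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:44:17.0304 5184 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:17.0304 5184 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"   # timestamp + thread id
HASHED = re.compile(PREFIX + r"\[ ([0-9A-Fa-f]{32}) \]\s+(\S+)\s+(\S.*)$")
VERDICT = re.compile(PREFIX + r"(\S+) \( (\S+) \) - (.+)$")
COUNT = re.compile(PREFIX + r"Detected object count: (\d+)$")
ACTION = "User select action:"

def summarize(log_text):
    """Return declared count, per-object verdict/action, and hashed file info."""
    files, detections, declared = {}, {}, None
    for line in log_text.splitlines():
        line = line.strip()
        if m := HASHED.match(line):          # "[ MD5 ] name path"
            files[m.group(2)] = (m.group(1), m.group(3))
        elif m := COUNT.match(line):
            declared = int(m.group(1))
        elif m := VERDICT.match(line):       # "name ( verdict ) - note"
            name, verdict, note = m.groups()
            entry = detections.setdefault(name, {"verdict": verdict, "action": None})
            if note.startswith(ACTION):
                entry["action"] = note[len(ACTION):].strip()
    for name, entry in detections.items():
        entry["md5"], entry["path"] = files.get(name, (None, None))
    return {"declared": declared, "detections": detections,
            "count_matches": declared == len(detections)}

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    print("declared:", report["declared"], "consistent:", report["count_matches"])
    for name, d in report["detections"].items():
        print(f"{name}: {d['verdict']} -> {d['action']} ({d['path'] or 'path not in excerpt'})")
```

An object whose action stays `None`, or a declared count that does not match the number of parsed objects, points to a truncated or edited log and is worth asking the poster about.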


31.05.2013, 18:19   #6
markusg
/// Malware-holic

Hi,
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
An illegal operation was attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

01.06.2013, 14:46   #7
Louco

I did it just as you described. Then a black background appeared with a blue window saying that Combofix is being started and that the scan takes a little less than twice 10 minutes. I did that too and left the computer alone; after a little more than half an hour in which nothing more happened, I aborted. There is no sign of a
C:\Combofix.tx.

Louco

The error "clicking a new tab goes straight to delta-search.com" is still present.

Louco

02.06.2013, 12:15   #8
markusg
/// Malware-holic

Restart, choose Safe Mode via F8, log in to your account and run Combofix again; as long as stages are being completed, keep waiting.
Then go back to normal mode and post the log.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For the time being, please send mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

02.06.2013, 21:23   #9
Louco

Hello,
it worked this time.
Here it is.

Louco

03.06.2013, 11:22   #10
markusg
/// Malware-holic

Hi,
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform full scan and press Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all findings are checked and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can also find the report later under "Logs".

03.06.2013, 19:48   #11
Louco

Hello,
here I am again. Nothing was found, but the problem is still there; see the attachment
(Aufnahme25).

Louco
Attached image: delta-search.com-aufnahme25.jpg

03.06.2013, 19:52   #12
markusg
/// Malware-holic

Hi,

download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools, Uninstall list, save it as txt, and open the file.
After every program you need, write "necessary".
After every program you do not need, write "unnecessary".
After every program unknown to you, write "unknown".
Post the list.

03.06.2013, 20:16   #13
Louco

Hello, here it is.

Louco

03.06.2013, 20:21   #14
markusg
/// Malware-holic

Uninstall:
Adobe Flash Player (all of them)
Adobe - Install Adobe Flash Player
Download the latest version and install it.
Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
Check "Use only certified plug-ins".
Security (Enhanced):
Check "Enhanced Security"
and select all files.
Internet:
Everything here should be disabled; it is very insecure to open, download, etc. PDFs automatically.
It is always better to save them directly, because only then do you have control over what is happening on the PC.
Under JavaScript, uncheck "Use JavaScript".
Under Updater, choose "Install automatically".
Apply / OK

Uninstall:

BrowserProtect
IncrediMail: I would replace it with something secure like Thunderbird
J2SE
TuneUp: do without such nonsense; many of its functions can harm the PC or, at best, do nothing.
Open CCleaner, Analyze, start, restart the PC.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

03.06.2013, 20:42   #15
Louco

Hello,
do you mean it like this in Adobe Reader, under JavaScript?

Louco
Attached image: delta-search.com-aufnahme26.jpg
