
Pests of all kinds and how to fight them: Internet slow, lots of ads

16.06.2013, 18:20   #1
jenn2009

Hello,

can someone tell me why my internet is suddenly sooooo slow and why sooo much unnecessary advertising opens on every page? I'm totally annoyed... :-(

16.06.2013, 18:21   #2
markusg
/// Malware-holic

hi
you have been here before, so you should know that we want to see OTL reports.

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the contents into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

16.06.2013, 19:39   #3
jenn2009

Right, here we go again...

16.06.2013, 19:41   #4
jenn2009

otl.txt can't be uploaded

17.06.2013, 14:12   #5
markusg
/// Malware-holic

otl.txt is missing
just paste the log in


17.06.2013, 20:50   #6
jenn2009

OTL logfile:
Code:
OTL logfile created on: 16.06.2013 20:15:26 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = c:\Users\admin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,89 Gb Available Physical Memory | 63,14% Memory free
6,22 Gb Paging File | 4,95 Gb Available in Paging File | 79,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 208,32 Gb Free Space | 69,88% Space Free | Partition Type: NTFS
Drive D: | 112,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: ADMIN-PC | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.16 20:12:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\Users\admin\Downloads\OTL.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.15 12:43:34 | 001,430,592 | ---- | M] (1und1 Mail und Media GmbH) -- C:\Programme\GMX MailCheck\IE\GMX_MailCheck_Broker.exe
PRC - [2013.02.05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013.01.27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\NisSrv.exe
PRC - [2013.01.27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\MsMpEng.exe
PRC - [2013.01.27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2009.07.07 03:07:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.04.11 00:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.10.06 19:07:26 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2008.08.26 10:59:54 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
PRC - [2008.08.07 12:55:38 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe
PRC - [2008.01.19 00:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.19 00:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2006.08.12 13:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll
MOD - [2006.08.12 13:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Yontoo\Y2Desktop.Updater.exe C:\Users\admin\AppData\Roaming\Yontoo\YontooDesktop.exe -- (Yontoo Desktop Updater)
SRV - [2013.05.25 08:18:59 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.14 23:31:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.02.05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013.01.27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.01.27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2009.02.26 19:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 00:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\admin\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.01.20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2009.12.17 17:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.07.27 05:24:00 | 007,548,000 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.05.23 18:13:10 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?affID=119357&tt=gc_&babsrc=HP_ss&mntrId=BC0D00216383BFCD
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {711E92F7-BBEB-41F3-8B2F-4D0B22281AF1}
IE - HKCU\..\SearchScopes\{055B8C8A-9C94-48AA-9000-20124FA2AA33}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119357&tt=gc_&babsrc=SP_ss&mntrId=BC0D00216383BFCD
IE - HKCU\..\SearchScopes\{0FD59F66-C1A2-414A-A44B-4A433EFB3911}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{711E92F7-BBEB-41F3-8B2F-4D0B22281AF1}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7MOOI_de
IE - HKCU\..\SearchScopes\{80BBD1D5-773C-4DD0-8E1A-819DEA3F2390}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=9AB5C664-5E9A-4F0C-B58A-ADE3793DEADF&apn_sauid=7916BA47-1F52-4ED2-A7A9-5012D35841D3
IE - HKCU\..\SearchScopes\{A48D3CFD-DFDA-4976-8056-AFFC41E6B7AB}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{C5117C5C-63FF-487E-A2C9-B526D5F7F8D4}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.02
FF - prefs.js..extensions.enabledAddons: amo%40dealplyshopping.com:2.0
FF - prefs.js..extensions.enabledAddons: YTKaraoke%40DacSoft.org:1.114
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@ei.UtilityChest_49.com/Plugin: C:\Program Files\UtilityChest_49EI\Installr\1.bin\NP49EISB.dll (Utility Chest)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\YTKaraoke@DacSoft.org: C:\Program Files\YTKaraoke\FF\ [2013.05.25 07:11:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.03.17 21:56:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions
[2013.05.13 21:46:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\4i11hfol.default\extensions
[2013.05.13 19:10:11 | 000,000,000 | ---D | M] (DealPly Shopping) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\4i11hfol.default\extensions\amo@dealplyshopping.com
[2013.05.13 19:07:14 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\4i11hfol.default\extensions\plugin@yontoo.com
[2013.05.13 19:28:09 | 000,002,403 | ---- | M] () -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\4i11hfol.default\searchplugins\askcom.xml
[2013.05.13 19:07:03 | 000,006,505 | ---- | M] () -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\4i11hfol.default\searchplugins\babylon.xml
[2013.05.13 19:07:41 | 000,001,294 | ---- | M] () -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\4i11hfol.default\searchplugins\delta.xml
[2013.05.25 08:19:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.25 08:19:02 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.25 07:11:04 | 000,000,000 | ---D | M] ("Tube Karaoke") -- C:\PROGRAM FILES\YTKARAOKE\FF
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www1.delta-search.com/?affID=119357&tt=gc_&babsrc=HP_ss&mntrId=BC0D00216383BFCD
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.23.42079\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.0.0\
CHR - Extension: No name found = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110\
 
O1 HOSTS File: ([2013.03.24 23:01:24 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (GMX MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DealPly) - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Programme\DealPly\DealPlyIE.dll (DealPly)
O2 - BHO: (Tube Karaoke) - {F351B686-F6AF-45F1-9EB9-684C805B25B1} - C:\Programme\YTKaraoke\ytkaraoke.dll (Dacotta SoftEngineering)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (GMX MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (GMX MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\GMX MailCheck\IE\GMX_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B5287FD-1758-45DC-A022-146D4C7ADED6}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE6F29D9-E361-477E-8FEA-51180530B193}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\gmx {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\GMX MailCheck\IE\GMX_MailCheck.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\admin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\admin\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Programme\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: CanonSolutionMenu - hkey= - key= - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
MsConfig - StartUpReg: GameXN GO - hkey= - key= -  File not found
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: Yontoo Desktop - hkey= - key= - C:\Users\admin\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.05 20:43:10 | 000,000,000 | -HSD | C] -- C:\found.000
[2013.05.25 08:18:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.25 07:12:55 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\EDELBERG
[2013.05.25 07:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\YTKaraoke
[2011.07.15 22:48:45 | 001,900,144 | ---- | C] (Badoo) -- C:\Users\admin\badoo.desktop.installer-1.5.3.exe
[2011.02.10 22:50:17 | 001,029,000 | ---- | C] (Skype Technologies S.A.) -- C:\Users\admin\SkypeSetup.exe
[2011.02.05 21:14:26 | 012,734,632 | ---- | C] (ICQ) -- C:\Users\admin\install_icq7.exe
[2011.01.08 23:26:33 | 081,876,264 | ---- | C] (Apple Inc.) -- C:\Users\admin\iTunesSetup.exe
[2010.12.25 11:50:01 | 023,448,640 | ---- | C] (DVDVideoSoft Limited.                                       ) -- C:\Users\admin\FreeYouTubeToMp3Converter31.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.16 20:10:00 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013.06.16 20:03:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.16 19:34:18 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.16 19:30:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.16 18:58:04 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013.06.16 18:38:23 | 000,004,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.16 18:38:23 | 000,004,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.16 18:38:17 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.16 18:37:42 | 3215,577,088 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.16 18:25:02 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.16 18:25:02 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.16 18:25:02 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.16 18:25:02 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.09 14:17:07 | 000,027,839 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013.06.06 09:01:18 | 000,007,592 | ---- | M] () -- C:\Users\admin\AppData\Local\d3d9caps.dat
[2013.05.25 17:38:19 | 000,001,826 | ---- | M] () -- C:\Users\admin\Desktop\Microsoft Security Essentials.lnk
[2013.05.25 17:37:33 | 000,002,127 | ---- | M] () -- C:\Windows\epplauncher.mif
 
========== Files Created - No Company Name ==========
 
[2013.05.25 17:38:19 | 000,001,826 | ---- | C] () -- C:\Users\admin\Desktop\Microsoft Security Essentials.lnk
[2013.05.25 07:11:06 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2011.02.10 22:53:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.02.07 14:13:24 | 000,006,656 | ---- | C] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.28 14:38:31 | 000,007,376 | ---- | C] () -- C:\Users\admin\rechnung_25348857_23280610_8002012461_25012011.pdf
[2011.01.10 08:26:42 | 000,027,839 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011.01.09 21:59:02 | 000,027,839 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011.01.08 10:41:19 | 002,677,072 | ---- | C] () -- C:\Users\admin\Elf_1.12.exe
[2010.12.30 19:53:11 | 000,094,110 | ---- | C] () -- C:\Users\admin\L0SCHI_DEZ10_NEU 17.12.2010.pdf
[2010.12.20 20:10:07 | 000,007,592 | ---- | C] () -- C:\Users\admin\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 00:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 00:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.04.07 09:38:34 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\1&1 Mail & Media GmbH
[2012.12.25 08:32:51 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Anthropics
[2013.05.13 19:06:35 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Babylon
[2012.07.02 21:34:19 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2013.05.13 19:10:17 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DealPly
[2013.05.13 19:06:31 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DSite
[2012.10.20 19:57:43 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoft
[2012.10.21 23:59:21 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ICQ
[2013.05.13 19:08:01 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PDF Reader Packages
[2012.12.26 11:30:29 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PhotoScape
[2013.05.13 19:10:19 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\SumatraPDF
[2013.06.09 14:18:27 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Yontoo
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2013.03.25 21:52:11 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.12.21 12:58:45 | 000,000,000 | ---D | M] -- C:\Boot
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.12.20 20:08:05 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.06.05 20:43:10 | 000,000,000 | -HSD | M] -- C:\found.000
[2010.12.21 11:29:33 | 000,000,000 | ---D | M] -- C:\Intel
[2011.01.04 09:37:50 | 000,000,000 | R--D | M] -- C:\MSOCache
[2013.03.29 21:24:14 | 000,000,000 | ---D | M] -- C:\output
[2010.12.21 12:23:13 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.05.25 17:33:38 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.05.13 21:55:11 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010.12.20 20:08:05 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.06.16 20:20:14 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.12.20 20:10:05 | 000,000,000 | R--D | M] -- C:\Users
[2013.05.13 22:05:21 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2006.11.02 11:44:49 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2006.11.02 11:44:49 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2006.11.02 11:44:49 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2006.11.02 11:44:49 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.04.11 00:27:18 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2006.11.02 15:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 15:01:49 | 000,032,560 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.12.25 11:49:00 | 000,001,092 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.12.25 11:49:04 | 000,001,096 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.03.26 19:40:24 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.13 19:06:32 | 000,000,286 | ---- | C] () -- C:\Windows\Tasks\DSite.job
[2013.05.25 07:11:06 | 000,000,350 | ---- | C] () -- C:\Windows\Tasks\Tube Karaoke Update.job
 
< MD5 for: AGP440.SYS  >
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\erdnt\cache\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\erdnt\cache\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\erdnt\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\erdnt\cache\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 00:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\erdnt\cache\netlogon.dll
[2009.04.11 00:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 00:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 00:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 00:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\erdnt\cache\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.04.11 00:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\erdnt\cache\user32.dll
[2008.01.19 00:36:48 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2009.04.11 00:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 00:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\erdnt\cache\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\erdnt\cache\winlogon.exe
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.18 22:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.18 22:56:50 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2011.07.15 22:48:53 | 001,900,144 | ---- | M] (Badoo) -- C:\Users\admin\badoo.desktop.installer-1.5.3.exe
[2011.01.08 10:41:23 | 002,677,072 | ---- | M] () -- C:\Users\admin\Elf_1.12.exe
[2010.12.25 11:50:23 | 023,448,640 | ---- | M] (DVDVideoSoft Limited.                                       ) -- C:\Users\admin\FreeYouTubeToMp3Converter31.exe
[2011.02.05 21:14:30 | 012,734,632 | ---- | M] (ICQ) -- C:\Users\admin\install_icq7.exe
[2011.01.08 23:26:46 | 081,876,264 | ---- | M] (Apple Inc.) -- C:\Users\admin\iTunesSetup.exe
[2010.12.30 19:53:16 | 000,094,110 | ---- | M] () -- C:\Users\admin\L0SCHI_DEZ10_NEU 17.12.2010.pdf
[2013.06.16 20:30:10 | 002,883,584 | -HS- | M] () -- C:\Users\admin\NTUSER.DAT
[2013.06.16 20:30:10 | 000,262,144 | -H-- | M] () -- C:\Users\admin\ntuser.dat.LOG1
[2012.07.13 15:58:01 | 000,262,144 | -H-- | M] () -- C:\Users\admin\ntuser.dat.LOG2
[2013.06.16 18:36:02 | 000,065,536 | -HS- | M] () -- C:\Users\admin\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2013.06.16 18:36:02 | 000,524,288 | -HS- | M] () -- C:\Users\admin\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.12.21 11:33:49 | 000,524,288 | -HS- | M] () -- C:\Users\admin\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.12.20 20:10:06 | 000,000,020 | -HS- | M] () -- C:\Users\admin\ntuser.ini
[2011.01.28 14:38:35 | 000,007,376 | ---- | M] () -- C:\Users\admin\rechnung_25348857_23280610_8002012461_25012011.pdf
[2011.02.10 22:50:33 | 001,029,000 | ---- | M] (Skype Technologies S.A.) -- C:\Users\admin\SkypeSetup.exe
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
========== Files - Unicode (All) ==========
[2013.05.13 19:27:25 | 000,000,000 | ---D | M](C:\ProgramData\??????) -- C:\ProgramData\䄘Ǡ㷀Ǡ捓湡
[2013.05.13 19:27:25 | 000,000,000 | ---D | M](C:\ProgramData\??????) -- C:\ProgramData\䄘Ǡ㷀Ǡ捓湡
(C:\ProgramData\??????) -- C:\ProgramData\䄘Ǡ㷀Ǡ捓湡
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 16 bytes -> C:\Users\admin\Documents\Shareaza Downloads:Shareaza.GUID

< End of report >
         

18.06.2013, 11:52   #7
markusg
/// Malware-holic

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Click Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send e-mails, following the instructions above, to
markusg.trojaner-board@web.de
Forward
If you would like to support us

18.06.2013, 20:40   #8
jenn2009

ok, that worked...

18.06.2013, 20:43   #9
markusg
/// Malware-holic

The log is empty. Close the program if you haven't already, then open the log and check whether it is empty; if it isn't, post or attach it.

18.06.2013, 21:16   #10
jenn2009

The log is empty.

18.06.2013, 21:17   #11
markusg
/// Malware-holic

Then once more, please.

20.06.2013, 17:52   #12
jenn2009

tddskiller.exe

18:41:24.0078 4892 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:41:26.0092 4892 ============================================================
18:41:26.0092 4892 Current date / time: 2013/06/20 18:41:26.0092
18:41:26.0092 4892 SystemInfo:
18:41:26.0092 4892
18:41:26.0092 4892 OS Version: 6.0.6002 ServicePack: 2.0
18:41:26.0092 4892 Product type: Workstation
18:41:26.0092 4892 ComputerName: ADMIN-PC
18:41:26.0092 4892 UserName: admin
18:41:26.0092 4892 Windows directory: C:\Windows
18:41:26.0092 4892 System windows directory: C:\Windows
18:41:26.0092 4892 Processor architecture: Intel x86
18:41:26.0092 4892 Number of processors: 2
18:41:26.0092 4892 Page size: 0x1000
18:41:26.0092 4892 Boot type: Normal boot
18:41:26.0093 4892 ============================================================
18:41:28.0257 4892 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:41:28.0259 4892 ============================================================
18:41:28.0259 4892 \Device\Harddisk0\DR0:
18:41:28.0259 4892 MBR partitions:
18:41:28.0259 4892 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
18:41:28.0259 4892 ============================================================
18:41:28.0272 4892 C: <-> \Device\Harddisk0\DR0\Partition1
18:41:28.0272 4892 ============================================================
18:41:28.0272 4892 Initialize success
18:41:28.0272 4892 ============================================================
18:41:52.0184 0668 ============================================================
18:41:52.0184 0668 Scan started
18:41:52.0184 0668 Mode: Manual; SigCheck; TDLFS;
18:41:52.0184 0668 ============================================================
18:41:53.0138 0668 ================ Scan system memory ========================
18:41:53.0138 0668 System memory - ok
18:41:53.0139 0668 ================ Scan services =============================
18:41:54.0131 0668 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
18:41:54.0314 0668 ACPI - ok
18:41:54.0607 0668 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:41:54.0646 0668 AdobeARMservice - ok
18:41:54.0718 0668 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:41:54.0738 0668 AdobeFlashPlayerUpdateSvc - ok
18:41:54.0786 0668 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:41:54.0815 0668 adp94xx - ok
18:41:54.0953 0668 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:41:54.0991 0668 adpahci - ok
18:41:55.0024 0668 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
18:41:55.0045 0668 adpu160m - ok
18:41:55.0099 0668 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:41:55.0145 0668 adpu320 - ok
18:41:55.0181 0668 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:41:55.0308 0668 AeLookupSvc - ok
18:41:55.0419 0668 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
18:41:55.0478 0668 AFD - ok
18:41:55.0535 0668 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:41:55.0569 0668 agp440 - ok
18:41:55.0684 0668 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
18:41:55.0734 0668 aic78xx - ok
18:41:55.0824 0668 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
18:41:55.0947 0668 ALG - ok
18:41:55.0974 0668 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
18:41:56.0022 0668 aliide - ok
18:41:56.0146 0668 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:41:56.0217 0668 amdagp - ok
18:41:56.0263 0668 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
18:41:56.0304 0668 amdide - ok
18:41:56.0337 0668 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
18:41:56.0525 0668 AmdK7 - ok
18:41:56.0556 0668 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:41:56.0615 0668 AmdK8 - ok
18:41:56.0682 0668 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
18:41:56.0741 0668 Appinfo - ok
18:41:56.0872 0668 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:41:56.0884 0668 Apple Mobile Device - ok
18:41:56.0940 0668 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
18:41:56.0957 0668 arc - ok
18:41:56.0972 0668 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:41:56.0986 0668 arcsas - ok
18:41:57.0027 0668 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:41:57.0066 0668 AsyncMac - ok
18:41:57.0138 0668 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
18:41:57.0152 0668 atapi - ok
18:41:57.0331 0668 [ F32FEE7CB2EE32C1F808409BC8019701 ] athr C:\Windows\system32\DRIVERS\athr.sys
18:41:57.0431 0668 athr - ok
18:41:57.0556 0668 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:41:57.0620 0668 AudioEndpointBuilder - ok
18:41:57.0629 0668 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:41:57.0658 0668 Audiosrv - ok
18:41:57.0702 0668 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
18:41:57.0748 0668 Beep - ok
18:41:57.0902 0668 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
18:41:57.0975 0668 BFE - ok
18:41:58.0048 0668 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
18:41:58.0201 0668 BITS - ok
18:41:58.0210 0668 blbdrive - ok
18:41:58.0272 0668 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:41:58.0369 0668 bowser - ok
18:41:58.0421 0668 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
18:41:58.0497 0668 BrFiltLo - ok
18:41:58.0516 0668 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
18:41:58.0591 0668 BrFiltUp - ok
18:41:58.0617 0668 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
18:41:58.0676 0668 Browser - ok
18:41:58.0719 0668 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
18:41:58.0795 0668 Brserid - ok
18:41:58.0834 0668 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
18:41:58.0920 0668 BrSerWdm - ok
18:41:58.0937 0668 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
18:41:59.0029 0668 BrUsbMdm - ok
18:41:59.0058 0668 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
18:41:59.0119 0668 BrUsbSer - ok
18:42:34.0475 0668 UlSata - ok
18:42:34.0496 0668 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:42:34.0524 0668 ulsata2 - ok
18:42:34.0562 0668 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:42:34.0637 0668 umbus - ok
18:42:34.0697 0668 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
18:42:34.0758 0668 upnphost - ok
18:42:34.0821 0668 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
18:42:34.0889 0668 USBAAPL - ok
18:42:34.0924 0668 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:42:34.0985 0668 usbccgp - ok
18:42:35.0027 0668 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:42:35.0116 0668 usbcir - ok
18:42:35.0149 0668 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:42:35.0229 0668 usbehci - ok
18:42:35.0277 0668 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:42:35.0346 0668 usbhub - ok
18:42:35.0408 0668 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:42:35.0534 0668 usbohci - ok
18:42:35.0601 0668 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:42:35.0675 0668 usbprint - ok
18:42:35.0723 0668 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:42:35.0776 0668 USBSTOR - ok
18:42:35.0819 0668 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:42:35.0903 0668 usbuhci - ok
18:42:35.0967 0668 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:42:36.0028 0668 usbvideo - ok
18:42:36.0146 0668 [ 622FCF264119F7DF127BE353F796B319 ] UtilityChest_49Service C:\PROGRA~1\UTILIT~2\bar\1.bin\49barsvc.exe
18:42:36.0191 0668 UtilityChest_49Service - ok
18:42:36.0225 0668 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
18:42:36.0285 0668 UxSms - ok
18:42:36.0358 0668 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
18:42:36.0468 0668 vds - ok
18:42:36.0510 0668 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:42:36.0615 0668 vga - ok
18:42:36.0634 0668 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
18:42:36.0711 0668 VgaSave - ok
18:42:36.0731 0668 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:42:36.0757 0668 viaagp - ok
18:42:36.0812 0668 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:42:36.0869 0668 ViaC7 - ok
18:42:36.0903 0668 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
18:42:36.0940 0668 viaide - ok
18:42:36.0954 0668 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:42:36.0969 0668 volmgr - ok
18:42:36.0985 0668 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:42:37.0006 0668 volmgrx - ok
18:42:37.0105 0668 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:42:37.0133 0668 volsnap - ok
18:42:37.0180 0668 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:42:37.0214 0668 vsmraid - ok
18:42:37.0259 0668 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
18:42:37.0327 0668 VSS - ok
18:42:37.0408 0668 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
18:42:37.0478 0668 W32Time - ok
18:42:37.0514 0668 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:42:37.0610 0668 WacomPen - ok
18:42:37.0646 0668 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:42:37.0694 0668 Wanarp - ok
18:42:37.0700 0668 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:42:37.0732 0668 Wanarpv6 - ok
18:42:37.0785 0668 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:42:37.0853 0668 wcncsvc - ok
18:42:37.0900 0668 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:42:37.0944 0668 WcsPlugInService - ok
18:42:38.0028 0668 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
18:42:38.0051 0668 Wd - ok
18:42:38.0281 0668 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:42:38.0340 0668 Wdf01000 - ok
18:42:38.0411 0668 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:42:38.0478 0668 WdiServiceHost - ok
18:42:38.0500 0668 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:42:38.0557 0668 WdiSystemHost - ok
18:42:38.0640 0668 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
18:42:38.0693 0668 WebClient - ok
18:42:38.0749 0668 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:42:38.0790 0668 Wecsvc - ok
18:42:38.0836 0668 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:42:38.0881 0668 wercplsupport - ok
18:42:38.0920 0668 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
18:42:38.0967 0668 WerSvc - ok
18:42:39.0077 0668 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:42:39.0132 0668 WinDefend - ok
18:42:39.0144 0668 WinHttpAutoProxySvc - ok
18:42:39.0224 0668 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:42:39.0247 0668 Winmgmt - ok
18:42:39.0558 0668 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
18:42:39.0605 0668 WinRM - ok
18:42:39.0694 0668 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:42:39.0736 0668 Wlansvc - ok
18:42:39.0784 0668 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:42:39.0841 0668 WmiAcpi - ok
18:42:39.0880 0668 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:42:39.0907 0668 wmiApSrv - ok
18:42:39.0971 0668 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:42:40.0029 0668 WMPNetworkSvc - ok
18:42:40.0059 0668 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:42:40.0092 0668 WPCSvc - ok
18:42:40.0189 0668 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:42:40.0260 0668 WPDBusEnum - ok
18:42:40.0312 0668 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
18:42:40.0334 0668 WpdUsb - ok
18:42:40.0724 0668 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:42:40.0772 0668 WPFFontCache_v0400 - ok
18:42:40.0828 0668 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:42:40.0865 0668 ws2ifsl - ok
18:42:40.0911 0668 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
18:42:40.0936 0668 wscsvc - ok
18:42:40.0943 0668 WSearch - ok
18:42:41.0030 0668 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:42:41.0193 0668 wuauserv - ok
18:42:41.0243 0668 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:42:41.0283 0668 WudfPf - ok
18:42:41.0316 0668 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:42:41.0347 0668 WUDFRd - ok
18:42:41.0389 0668 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:42:41.0422 0668 wudfsvc - ok
18:42:41.0495 0668 [ 24FB8DB6D1D55E2C5D0A53DFE48E6AF8 ] Yontoo Desktop Updater C:\Program Files\Yontoo\Y2Desktop.Updater.exe
18:42:41.0504 0668 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - warning
18:42:41.0504 0668 Yontoo Desktop Updater - detected UnsignedFile.Multi.Generic (1)
18:42:41.0583 0668 [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
18:42:41.0729 0668 yukonwlh - ok
18:42:41.0744 0668 ================ Scan global ===============================
18:42:41.0827 0668 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:42:41.0868 0668 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
18:42:41.0892 0668 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
18:42:41.0935 0668 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
18:42:41.0940 0668 [Global] - ok
18:42:41.0940 0668 ================ Scan MBR ==================================
18:42:41.0952 0668 [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
18:42:43.0646 0668 \Device\Harddisk0\DR0 - ok
18:42:43.0647 0668 ================ Scan VBR ==================================
18:42:43.0653 0668 [ 5B5295712D3F44CABCC165689C784432 ] \Device\Harddisk0\DR0\Partition1
18:42:43.0665 0668 \Device\Harddisk0\DR0\Partition1 - ok
18:42:43.0665 0668 ============================================================
18:42:43.0667 0668 Scan finished
18:42:43.0667 0668 ============================================================
18:42:43.0697 3956 Detected object count: 1
18:42:43.0697 3956 Actual detected object count: 1
18:47:46.0184 3956 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - skipped by user
18:47:46.0184 3956 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:48:00.0597 4880 Deinitialize success

21.06.2013, 10:02   #13
schrauber
/// the machine
/// TB-Ausbilder

Hi,

Markus is on vacation. Are there still any problems with the system?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

23.06.2013, 20:14   #14
jenn2009

Yes, lots of ads still keep popping up when I'm on the internet, and it is extremely slow.

23.06.2013, 20:58   #15
schrauber
/// the machine
/// TB-Ausbilder

We'll get that sorted.

System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)
