Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Ist das ein Virus oder eine Art Fehler?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 16.06.2013, 18:56   #1
Barney'
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



Hallo

Ich habe seit einiger Zeit das nervige Problem, dass wenn ich Sonderzeichen eingebe (z.B. "@") noch ein anderes zusätzliches dazu erscheint. Zum Beispiel "§", sodass am Ende statt "@" "@§" dasteht.

Ist das eine Art Virus bzw. kann das aus einem Virus resultieren oder ist das eher unwahrscheinlich?
Kann ich das irgendwie wegbekommen, wenn es kein Virus ist?

MfG

Alt 16.06.2013, 19:00   #2
markusg
/// Malware-holic
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



Hi,

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 16.06.2013, 20:16   #3
Barney'
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 16.06.2013 21:05:51 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Maik\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,97 Gb Total Physical Memory | 14,39 Gb Available Physical Memory | 90,11% Memory free
31,94 Gb Paging File | 30,12 Gb Available in Paging File | 94,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 9,28 Gb Free Space | 16,64% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 901,17 Gb Free Space | 96,74% Space Free | Partition Type: NTFS
 
Computer Name: MAIK-PC | User Name: Maik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.16 21:04:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maik\Downloads\OTL.exe
PRC - [2013.05.13 18:17:33 | 001,105,408 | ---- | M] (Spotify Ltd) -- C:\Users\Maik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.05.06 13:19:49 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.23 19:05:15 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.04.01 12:59:32 | 001,646,216 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.03.29 03:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.03.28 22:30:42 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.06.12 19:25:53 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.04.23 19:05:15 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.25 15:47:33 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.25 15:47:19 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.05.20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.03.29 04:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.03.29 03:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.03.06 15:13:37 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.26 15:56:51 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.02.26 15:56:50 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.02.14 13:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.10 08:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.15 08:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.04.15 08:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.04 16:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.03.04 16:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.28 22:50:38 | 000,044,672 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.09.30 21:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.09.30 21:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.05.20 15:26:28 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Official Site - The Power To Do More | Dell
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dell Official Site - The Power To Do More | Dell
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{C7A75626-9C28-4364-A30F-2A9C7EF1F08B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=5ef8b7f4-c6ce-44d0-8b45-f82a2f106ed3&apn_sauid=1CC7F304-A5E6-4ED0-B68A-7C1F0143E8E6
IE - HKCU\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}: "URL" = ICQ.com Suche
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Maik\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Maik\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Maik\AppData\Local\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Maik\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Maik\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Maik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Avira Toolbar = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.24.42223_0\
CHR - Extension: Google Docs = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Maik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5A87AF5-D3D6-4BA0-9212-FF9512008A17}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0b3d147b-9eac-11e2-b96c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0b3d147b-9eac-11e2-b96c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\DVDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
MsConfig:64bit - StartUpReg: icq - hkey= - key= - C:\Users\Maik\AppData\Roaming\ICQM\icq.exe (ICQ)
MsConfig:64bit - StartUpReg: LifeCam - hkey= - key= - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\Maik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - D:\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: Super-Charger - hkey= - key= - C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe (MSI)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.16 13:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.06.16 13:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.06.16 13:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.05.27 19:50:51 | 000,000,000 | ---D | C] -- C:\Users\Maik\.thumbnails
[2013.05.27 19:50:06 | 000,000,000 | ---D | C] -- C:\Users\Maik\AppData\Local\fontconfig
[2013.05.27 19:50:04 | 000,000,000 | ---D | C] -- C:\Users\Maik\AppData\Local\gegl-0.2
[2013.05.27 19:50:04 | 000,000,000 | ---D | C] -- C:\Users\Maik\.gimp-2.8
[2013.05.27 19:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.05.27 19:48:56 | 000,000,000 | ---D | C] -- C:\Users\Maik\AppData\Local\Programs
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.16 21:03:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.16 21:03:03 | 4271,484,926 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.16 19:25:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.16 19:00:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1514262915-3440531814-3870741222-1000UA.job
[2013.06.16 18:43:08 | 000,025,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.16 18:43:08 | 000,025,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.16 18:41:15 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.16 18:41:15 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.16 18:41:15 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.16 18:41:15 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.16 18:41:15 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.16 18:00:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1514262915-3440531814-3870741222-1000Core.job
[2013.06.09 20:10:59 | 000,018,568 | ---- | M] () -- C:\Users\Maik\Desktop\Unbenannt.png
[2013.06.09 20:10:59 | 000,007,866 | ---- | M] () -- C:\Users\Maik\AppData\Local\recently-used.xbel
[2013.06.07 14:02:30 | 000,002,362 | ---- | M] () -- C:\Users\Maik\Desktop\Google Chrome.lnk
[2013.06.06 18:40:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.06.05 14:00:07 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.06.05 14:00:07 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.28 16:44:28 | 000,003,584 | ---- | M] () -- C:\Users\Maik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.18 10:50:15 | 000,001,407 | ---- | M] () -- C:\Users\Maik\Desktop\Black Ops II - Zombies.lnk
[2013.05.18 10:50:15 | 000,001,407 | ---- | M] () -- C:\Users\Maik\Desktop\Black Ops II - Singleplayer.lnk
[2013.05.18 10:50:15 | 000,001,407 | ---- | M] () -- C:\Users\Maik\Desktop\Black Ops II - Multiplayer.lnk
[2013.05.18 10:49:08 | 000,000,933 | ---- | M] () -- C:\Users\Maik\Desktop\Modern Warfare 3- Singleplayer.lnk
[2013.05.18 10:47:51 | 000,000,933 | ---- | M] () -- C:\Users\Maik\Desktop\Modern Warfare 3- Multiplayer.lnk
 
========== Files Created - No Company Name ==========
 
[2013.06.09 20:10:59 | 000,007,866 | ---- | C] () -- C:\Users\Maik\AppData\Local\recently-used.xbel
[2013.06.09 20:09:11 | 000,018,568 | ---- | C] () -- C:\Users\Maik\Desktop\Unbenannt.png
[2013.06.06 18:40:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.06.05 14:00:07 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.06.05 14:00:07 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.28 16:44:28 | 000,003,584 | ---- | C] () -- C:\Users\Maik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.27 19:49:18 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013.05.18 10:51:01 | 000,001,407 | ---- | C] () -- C:\Users\Maik\Desktop\Black Ops II - Zombies.lnk
[2013.05.18 10:51:01 | 000,001,407 | ---- | C] () -- C:\Users\Maik\Desktop\Black Ops II - Singleplayer.lnk
[2013.05.18 10:51:01 | 000,001,407 | ---- | C] () -- C:\Users\Maik\Desktop\Black Ops II - Multiplayer.lnk
[2013.05.18 10:49:15 | 000,000,933 | ---- | C] () -- C:\Users\Maik\Desktop\Modern Warfare 3- Singleplayer.lnk
[2013.05.18 10:47:54 | 000,000,933 | ---- | C] () -- C:\Users\Maik\Desktop\Modern Warfare 3- Multiplayer.lnk
[2013.04.23 18:56:58 | 000,281,288 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.23 18:56:57 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.04.06 14:13:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.04.06 14:10:37 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.04.06 14:10:37 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.04.06 14:10:37 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.04.06 14:31:15 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\ICQ-Profile
[2013.04.06 14:28:12 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\ICQM
[2013.04.06 21:01:22 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\Leadertech
[2013.05.14 19:59:46 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\MW3 FoV Changer
[2013.04.06 17:48:55 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\OpenOffice.org
[2013.06.16 17:44:56 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\Spotify
[2013.06.16 19:49:22 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2013.04.06 14:11:38 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2013.04.30 16:13:30 | 000,000,000 | ---D | M] -- C:\AMD
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2013.04.06 13:24:33 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.04.06 23:19:56 | 000,000,000 | ---D | M] -- C:\Drivers
[2013.04.06 23:19:56 | 000,000,000 | ---D | M] -- C:\Hotfix
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.05.27 19:48:58 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.06.16 13:37:19 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.06.16 13:37:32 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013.04.06 13:24:33 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.04.06 13:24:33 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.06.16 21:06:47 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.04.06 13:24:34 | 000,000,000 | R--D | M] -- C:\Users
[2013.06.05 13:58:10 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.21 05:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.04.06 13:43:50 | 000,001,064 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1514262915-3440531814-3870741222-1000Core.job
[2013.04.06 13:43:50 | 000,001,116 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1514262915-3440531814-3870741222-1000UA.job
[2013.04.07 00:02:39 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.04.13 14:27:27 | 000,000,250 | ---- | C] () -- C:\Windows\Tasks\Scheduled Update for Ask Toolbar.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.06.16 21:13:44 | 001,310,720 | -HS- | M] () -- C:\Users\Maik\NTUSER.DAT
[2013.06.16 21:13:44 | 000,262,144 | -HS- | M] () -- C:\Users\Maik\ntuser.dat.LOG1
[2013.04.06 13:24:34 | 000,000,000 | -HS- | M] () -- C:\Users\Maik\ntuser.dat.LOG2
[2013.04.06 13:45:51 | 000,065,536 | -HS- | M] () -- C:\Users\Maik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2013.04.06 13:45:51 | 000,524,288 | -HS- | M] () -- C:\Users\Maik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2013.04.06 13:45:51 | 000,524,288 | -HS- | M] () -- C:\Users\Maik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2013.04.06 13:24:34 | 000,000,020 | -HS- | M] () -- C:\Users\Maik\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 16.06.2013 21:05:51 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Maik\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,97 Gb Total Physical Memory | 14,39 Gb Available Physical Memory | 90,11% Memory free
31,94 Gb Paging File | 30,12 Gb Available in Paging File | 94,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 9,28 Gb Free Space | 16,64% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 901,17 Gb Free Space | 96,74% Space Free | Partition Type: NTFS
 
Computer Name: MAIK-PC | User Name: Maik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0029AA23-F2A1-4A70-AE0D-25339FE1BF65}" = lport=138 | protocol=17 | dir=in | app=system | 
"{13073007-2765-4DA4-B0C0-404FF9CC71A9}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2239E08C-0972-4973-841C-4D9E3208A0B2}" = lport=445 | protocol=6 | dir=in | app=system | 
"{392832C4-01BC-4EF1-BA36-7AF1AA96FD4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{39458AEA-4ED8-4475-90DE-E88B99F172D4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{41D27F41-161A-49F8-B948-5F1694D0AD86}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5F2C9192-CC49-4258-BC5D-F93CE5BCED21}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{62EF86BC-9220-4594-A781-6CA6C800278B}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{64E8ECA7-E7AB-4F41-9E1A-0784131D6E63}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{69A1545D-0821-49C7-8430-DCE1C72D1CEC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{7C842326-098F-4A58-8740-1FA1A005F99D}" = rport=138 | protocol=17 | dir=out | app=system | 
"{8291C80C-7604-4D33-BEF4-08EE35426FE2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8A696181-38B4-44DE-876C-9CF344A6CB5F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{8E41840E-9584-46EE-B2A5-C440E39A573F}" = rport=445 | protocol=6 | dir=out | app=system | 
"{904632A3-F7C8-4AF6-8658-8FC6DEBB97D4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A33192D6-A243-4C85-BD1B-9949C7290030}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AD544A2B-C831-426D-9B8C-516BF79B3616}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{AF338283-1A25-4443-B0C9-54D6C9313716}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B4F12D97-0862-48BD-8DF0-7C0068C8FFE7}" = rport=139 | protocol=6 | dir=out | app=system | 
"{D08D000D-26C6-45B3-B73C-201EAADFFD45}" = rport=137 | protocol=17 | dir=out | app=system | 
"{E05B89DD-6AEB-489A-922D-74268F081904}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B12D15D-8E1B-415F-A3E2-993534522E6B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{0BA965E7-2C6E-4720-B83C-2D0320EB2612}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\apb reloaded\binaries\apb.exe | 
"{0F3B11F1-6B37-434D-B0CF-373CB3FD5F80}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe | 
"{108F26EA-7B85-4A88-8FE0-C19D00D88FB4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1C44AF10-A0AD-4257-B121-C31FDA6F4C6E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 
"{249A3DE6-5CC2-4327-BA6E-F35688E50E2F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2A4D7D08-34B0-447F-A3F0-0954A5066B37}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{2B0D1FCE-578D-4B85-8447-7DDE832C8AC7}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{2F691DF7-45B6-44EC-8918-4657F80F04AE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2FCE6B21-F015-4545-A0AA-DF248172122A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{30466591-59E0-42C9-BBFB-758E4B27A6D3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{3468BF3E-CB59-49DA-9ED9-90230DAABA5C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 
"{36C3AA16-1D9A-4053-8A68-FFA6113CC075}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 
"{3C2E1C6D-BDF6-4E4E-91DC-99D71A582414}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{3ED548DD-7D07-476F-8A6E-68E0E359EA44}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{43A75F48-A979-464F-972A-F4E64E3CEECA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{45C7339C-759D-413A-90A4-539380E63F14}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4A838DD9-6691-4B07-A9E5-F868596F9D95}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 
"{570E1FC1-22F9-41B4-99FA-116CCD6A570D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 
"{5EA36F51-D969-4E44-9275-2B88025F1F2F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 
"{6062DDFA-8D18-44AB-A9E1-CE77A3521F66}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{66695915-66B4-4347-B3CA-A5042ABC9CB7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{67DBFE84-2321-40FB-BFC1-FF53B0DD173E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6BE56BCC-18AF-4163-8162-AD6171B2F14F}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"{6D706965-0074-484E-A852-506D8C5E2071}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{77E17D08-6370-4500-B888-C45D073009CD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{7C23A03D-8586-417A-8AF0-2022E3666593}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{897DE4F4-A732-4432-98C2-B07CFC2B34D0}" = protocol=6 | dir=in | app=c:\users\maik\appdata\roaming\icqm\icq.exe | 
"{8D5B8415-36C4-457A-B8C6-762F3039E2BA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{9DA08A17-04F3-4370-89CF-44D288F6C980}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A3AFDD18-90E6-474A-AEF6-D574A600F1BC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | 
"{A5CC1EC5-105C-408B-8282-6B44B1CE531A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{ACF5E5AC-2684-470F-A29A-BFB176D91718}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty black ops ii\t6zm.exe | 
"{B29FD958-4E5A-4D29-9E05-A7C1CBACECFA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B8BBC9D2-3634-470D-BBCA-E3B94CA9D9D1}" = protocol=6 | dir=in | app=d:\steam\steam.exe | 
"{B97338D2-F8D6-4525-8E83-33BA147CEAD9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\apb reloaded\binaries\apb.exe | 
"{BF0234D5-47EC-4885-B818-93C5C0DA9364}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 
"{C810D607-F351-4F49-8ECC-69564795F2F1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{D3BD0A66-4759-4CEC-91AB-8F29A780EC58}" = protocol=6 | dir=out | app=system | 
"{D4650B08-01CB-4B92-BD64-56D6811F30DD}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | 
"{D80D0D86-EF54-457D-898D-55D7A7795DBD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 
"{D8D15184-81FD-4017-B162-757711A636A0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\apb reloaded\binaries\vivoxvoiceservice.exe | 
"{E44C0D29-533F-4F10-A9E9-600F59119F87}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{E7B69C39-327A-4B04-B1F7-968E331C9E33}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{EA1D21DC-A5E2-4592-A6CE-3603299120FD}" = protocol=17 | dir=in | app=c:\users\maik\appdata\roaming\icqm\icq.exe | 
"{F10DB4DA-42EC-411E-8BC8-556846EC9913}" = protocol=17 | dir=in | app=d:\steam\steam.exe | 
"{F777CC7A-9E18-4825-B3EF-4465AAEC98E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F91BEBFE-347C-4F6F-83BB-345FE1D1C2C4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FCA30ABB-7998-42BF-AAC5-89DE66F51313}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FEA6A7ED-7CF9-470B-A4F6-33EAF62CC39A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"TCP Query User{B7A01CF0-E969-4692-AF98-A76DABFB0FEE}C:\users\maik\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\maik\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{99FCA581-90B9-48D9-8CB2-D5B2DE62CFF9}C:\users\maik\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\maik\appdata\roaming\spotify\spotify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003B37AE-21F5-5BC5-F5EB-CD60A8928696}" = AMD Accelerated Video Transcoding
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1AFC919D-751B-A5D7-B17D-7C0067A65D2E}" = AMD Drag and Drop Transcoding
"{408DD513-C71C-EF6C-1456-247DD8403E18}" = AMD Steady Video Plug-In 
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6397820D-9FC6-774C-1EF5-CBA09049E426}" = AMD Fuel
"{653B9326-BD45-53BE-681A-A49CAAEE8A3C}" = ccc-utility64
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}" = AMD Catalyst Install Manager
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0}" = AMD Media Foundation Decoders
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.4
"Logitech Gaming Software" = Logitech Gaming Software 8.45
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = AMD VISION Engine Control Center
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1" = Winki
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"PunkBusterSvc" = PunkBuster Services
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"Google Chrome" = Google Chrome
"ICQ" = ICQ 8.0 (build 6008, für aktuellen Benutzer)
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.06.2013 10:54:55 | Computer Name = Maik-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.06.2013 13:07:00 | Computer Name = Maik-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.06.2013 13:55:55 | Computer Name = Maik-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.06.2013 17:44:41 | Computer Name = Maik-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.06.2013 06:29:03 | Computer Name = Maik-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.06.2013 09:23:52 | Computer Name = Maik-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.06.2013 05:18:02 | Computer Name = Maik-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.06.2013 10:10:29 | Computer Name = Maik-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.06.2013 12:37:50 | Computer Name = Maik-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.06.2013 15:04:58 | Computer Name = Maik-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 15.06.2013 09:22:05 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 15.06.2013 09:22:12 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 16.06.2013 05:16:11 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 16.06.2013 05:16:18 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 16.06.2013 10:08:38 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 16.06.2013 10:08:45 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 16.06.2013 12:35:59 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 16.06.2013 12:36:06 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 16.06.2013 15:03:07 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 16.06.2013 15:03:14 | Computer Name = Maik-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
 
< End of report >
         
--- --- ---


Allerdings verwende ich andere Einstellungen, als sie in dem Thread zu sehen sind.
Wenn ich diese EInstellungen verwende kommt dies raus:

(Folgt gleich)
__________________

Alt 16.06.2013, 20:20   #4
markusg
/// Malware-holic
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 16.06.2013, 20:37   #5
Barney'
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



Erstmal noch die OTL Logfile nach den Einstellungen, wie sie in diesem Thread (http://www.trojaner-board.de/85104-o...-oldtimer.html) zu sehen sind:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 16.06.2013 21:17:21 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Maik\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,97 Gb Total Physical Memory | 14,19 Gb Available Physical Memory | 88,86% Memory free
31,94 Gb Paging File | 30,01 Gb Available in Paging File | 93,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55,80 Gb Total Space | 9,54 Gb Free Space | 17,09% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 901,17 Gb Free Space | 96,74% Space Free | Partition Type: NTFS
 
Computer Name: MAIK-PC | User Name: Maik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Maik\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Maik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MSCamSvc) -- C:\Programme\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (AODDriver4.2) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1514262915-3440531814-3870741222-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Official Site - The Power To Do More | Dell
IE - HKU\S-1-5-21-1514262915-3440531814-3870741222-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dell Official Site - The Power To Do More | Dell
IE - HKU\S-1-5-21-1514262915-3440531814-3870741222-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1514262915-3440531814-3870741222-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1514262915-3440531814-3870741222-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1514262915-3440531814-3870741222-1000\..\SearchScopes\{C7A75626-9C28-4364-A30F-2A9C7EF1F08B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=5ef8b7f4-c6ce-44d0-8b45-f82a2f106ed3&apn_sauid=1CC7F304-A5E6-4ED0-B68A-7C1F0143E8E6
IE - HKU\S-1-5-21-1514262915-3440531814-3870741222-1000\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}: "URL" = ICQ.com Suche
IE - HKU\S-1-5-21-1514262915-3440531814-3870741222-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Maik\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Maik\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Maik\AppData\Local\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Maik\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Maik\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Maik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Avira Toolbar = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.24.42223_0\
CHR - Extension: Google Docs = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\Maik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1514262915-3440531814-3870741222-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1514262915-3440531814-3870741222-1000..\Run: [Spotify Web Helper] C:\Users\Maik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5A87AF5-D3D6-4BA0-9212-FF9512008A17}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0b3d147b-9eac-11e2-b96c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0b3d147b-9eac-11e2-b96c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\DVDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpReg: ApnUpdater - hkey= - key= - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
MsConfig:64bit - StartUpReg: icq - hkey= - key= - C:\Users\Maik\AppData\Roaming\ICQM\icq.exe (ICQ)
MsConfig:64bit - StartUpReg: LifeCam - hkey= - key= - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\Maik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - D:\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: Super-Charger - hkey= - key= - C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe (MSI)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.16 13:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.06.16 13:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.06.16 13:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.05.27 19:50:51 | 000,000,000 | ---D | C] -- C:\Users\Maik\.thumbnails
[2013.05.27 19:50:06 | 000,000,000 | ---D | C] -- C:\Users\Maik\AppData\Local\fontconfig
[2013.05.27 19:50:04 | 000,000,000 | ---D | C] -- C:\Users\Maik\AppData\Local\gegl-0.2
[2013.05.27 19:50:04 | 000,000,000 | ---D | C] -- C:\Users\Maik\.gimp-2.8
[2013.05.27 19:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.05.27 19:48:56 | 000,000,000 | ---D | C] -- C:\Users\Maik\AppData\Local\Programs
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.16 21:10:17 | 000,025,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.16 21:10:17 | 000,025,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.16 21:09:22 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.16 21:09:22 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.16 21:09:22 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.16 21:09:22 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.16 21:09:22 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.16 21:03:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.16 21:03:03 | 4271,484,926 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.16 19:25:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.16 19:00:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1514262915-3440531814-3870741222-1000UA.job
[2013.06.16 18:00:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1514262915-3440531814-3870741222-1000Core.job
[2013.06.09 20:10:59 | 000,018,568 | ---- | M] () -- C:\Users\Maik\Desktop\Unbenannt.png
[2013.06.09 20:10:59 | 000,007,866 | ---- | M] () -- C:\Users\Maik\AppData\Local\recently-used.xbel
[2013.06.07 14:02:30 | 000,002,362 | ---- | M] () -- C:\Users\Maik\Desktop\Google Chrome.lnk
[2013.06.06 18:40:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.06.05 14:00:07 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.06.05 14:00:07 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.28 16:44:28 | 000,003,584 | ---- | M] () -- C:\Users\Maik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.18 10:50:15 | 000,001,407 | ---- | M] () -- C:\Users\Maik\Desktop\Black Ops II - Zombies.lnk
[2013.05.18 10:50:15 | 000,001,407 | ---- | M] () -- C:\Users\Maik\Desktop\Black Ops II - Singleplayer.lnk
[2013.05.18 10:50:15 | 000,001,407 | ---- | M] () -- C:\Users\Maik\Desktop\Black Ops II - Multiplayer.lnk
[2013.05.18 10:49:08 | 000,000,933 | ---- | M] () -- C:\Users\Maik\Desktop\Modern Warfare 3- Singleplayer.lnk
[2013.05.18 10:47:51 | 000,000,933 | ---- | M] () -- C:\Users\Maik\Desktop\Modern Warfare 3- Multiplayer.lnk
 
========== Files Created - No Company Name ==========
 
[2013.06.09 20:10:59 | 000,007,866 | ---- | C] () -- C:\Users\Maik\AppData\Local\recently-used.xbel
[2013.06.09 20:09:11 | 000,018,568 | ---- | C] () -- C:\Users\Maik\Desktop\Unbenannt.png
[2013.06.06 18:40:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.06.05 14:00:07 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.06.05 14:00:07 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.28 16:44:28 | 000,003,584 | ---- | C] () -- C:\Users\Maik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.27 19:49:18 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013.05.18 10:51:01 | 000,001,407 | ---- | C] () -- C:\Users\Maik\Desktop\Black Ops II - Zombies.lnk
[2013.05.18 10:51:01 | 000,001,407 | ---- | C] () -- C:\Users\Maik\Desktop\Black Ops II - Singleplayer.lnk
[2013.05.18 10:51:01 | 000,001,407 | ---- | C] () -- C:\Users\Maik\Desktop\Black Ops II - Multiplayer.lnk
[2013.05.18 10:49:15 | 000,000,933 | ---- | C] () -- C:\Users\Maik\Desktop\Modern Warfare 3- Singleplayer.lnk
[2013.05.18 10:47:54 | 000,000,933 | ---- | C] () -- C:\Users\Maik\Desktop\Modern Warfare 3- Multiplayer.lnk
[2013.04.23 18:56:58 | 000,281,288 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.23 18:56:57 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.04.06 14:13:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.04.06 14:10:37 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.04.06 14:10:37 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.04.06 14:10:37 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.04.06 14:31:15 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\ICQ-Profile
[2013.04.06 14:28:12 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\ICQM
[2013.04.06 21:01:22 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\Leadertech
[2013.05.14 19:59:46 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\MW3 FoV Changer
[2013.04.06 17:48:55 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\OpenOffice.org
[2013.06.16 17:44:56 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\Spotify
[2013.06.16 19:49:22 | 000,000,000 | ---D | M] -- C:\Users\Maik\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2013.04.06 14:11:38 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2013.04.30 16:13:30 | 000,000,000 | ---D | M] -- C:\AMD
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2013.04.06 13:24:33 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.04.06 23:19:56 | 000,000,000 | ---D | M] -- C:\Drivers
[2013.04.06 23:19:56 | 000,000,000 | ---D | M] -- C:\Hotfix
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.05.27 19:48:58 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.06.16 13:37:19 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.06.16 13:37:32 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013.04.06 13:24:33 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.04.06 13:24:33 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.06.16 21:18:08 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.04.06 13:24:34 | 000,000,000 | R--D | M] -- C:\Users
[2013.06.05 13:58:10 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.21 05:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.04.06 13:43:50 | 000,001,064 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1514262915-3440531814-3870741222-1000Core.job
[2013.04.06 13:43:50 | 000,001,116 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1514262915-3440531814-3870741222-1000UA.job
[2013.04.07 00:02:39 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.04.13 14:27:27 | 000,000,250 | ---- | C] () -- C:\Windows\Tasks\Scheduled Update for Ask Toolbar.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.06.16 21:24:22 | 001,310,720 | -HS- | M] () -- C:\Users\Maik\NTUSER.DAT
[2013.06.16 21:24:22 | 000,262,144 | -HS- | M] () -- C:\Users\Maik\ntuser.dat.LOG1
[2013.04.06 13:24:34 | 000,000,000 | -HS- | M] () -- C:\Users\Maik\ntuser.dat.LOG2
[2013.04.06 13:45:51 | 000,065,536 | -HS- | M] () -- C:\Users\Maik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2013.04.06 13:45:51 | 000,524,288 | -HS- | M] () -- C:\Users\Maik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2013.04.06 13:45:51 | 000,524,288 | -HS- | M] () -- C:\Users\Maik\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2013.04.06 13:24:34 | 000,000,020 | -HS- | M] () -- C:\Users\Maik\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         
--- --- ---

Zitat:
21:39:26.0420 4820 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:39:26.0809 4820 ============================================================
21:39:26.0809 4820 Current date / time: 2013/06/16 21:39:26.0809
21:39:26.0809 4820 SystemInfo:
21:39:26.0809 4820
21:39:26.0809 4820 OS Version: 6.1.7601 ServicePack: 1.0
21:39:26.0809 4820 Product type: Workstation
21:39:26.0809 4820 ComputerName: MAIK-PC
21:39:26.0809 4820 UserName: Maik
21:39:26.0809 4820 Windows directory: C:\Windows
21:39:26.0809 4820 System windows directory: C:\Windows
21:39:26.0809 4820 Running under WOW64
21:39:26.0809 4820 Processor architecture: Intel x64
21:39:26.0809 4820 Number of processors: 8
21:39:26.0809 4820 Page size: 0x1000
21:39:26.0809 4820 Boot type: Normal boot
21:39:26.0809 4820 ============================================================
21:39:27.0028 4820 Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 (55.90 Gb), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:39:27.0036 4820 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:39:27.0042 4820 ============================================================
21:39:27.0042 4820 \Device\Harddisk0\DR0:
21:39:27.0042 4820 MBR partitions:
21:39:27.0042 4820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:39:27.0042 4820 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6F99800
21:39:27.0042 4820 \Device\Harddisk1\DR1:
21:39:27.0042 4820 MBR partitions:
21:39:27.0042 4820 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
21:39:27.0042 4820 ============================================================
21:39:27.0043 4820 C: <-> \Device\Harddisk0\DR0\Partition2
21:39:27.0054 4820 D: <-> \Device\Harddisk1\DR1\Partition1
21:39:27.0054 4820 ============================================================
21:39:27.0054 4820 Initialize success
21:39:27.0054 4820 ============================================================
21:39:58.0681 1928 ============================================================
21:39:58.0681 1928 Scan started
21:39:58.0681 1928 Mode: Manual; SigCheck; TDLFS;
21:39:58.0681 1928 ============================================================
21:39:58.0977 1928 ================ Scan system memory ========================
21:39:58.0977 1928 System memory - ok
21:39:58.0977 1928 ================ Scan services =============================
21:39:59.0009 1928 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:39:59.0055 1928 1394ohci - ok
21:39:59.0071 1928 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:39:59.0071 1928 ACPI - ok
21:39:59.0087 1928 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:39:59.0087 1928 AcpiPmi - ok
21:39:59.0118 1928 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:39:59.0133 1928 AdobeFlashPlayerUpdateSvc - ok
21:39:59.0133 1928 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:39:59.0149 1928 adp94xx - ok
21:39:59.0165 1928 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:39:59.0180 1928 adpahci - ok
21:39:59.0180 1928 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:39:59.0196 1928 adpu320 - ok
21:39:59.0196 1928 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:39:59.0227 1928 AeLookupSvc - ok
21:39:59.0227 1928 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:39:59.0243 1928 AFD - ok
21:39:59.0258 1928 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:39:59.0258 1928 agp440 - ok
21:39:59.0258 1928 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:39:59.0274 1928 ALG - ok
21:39:59.0274 1928 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:39:59.0289 1928 aliide - ok
21:39:59.0289 1928 [ 310F86335B0505DDC6D2DD48E66EF06B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:39:59.0305 1928 AMD External Events Utility - ok
21:39:59.0321 1928 AMD FUEL Service - ok
21:39:59.0321 1928 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:39:59.0336 1928 amdide - ok
21:39:59.0336 1928 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
21:39:59.0352 1928 amdiox64 - ok
21:39:59.0352 1928 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:39:59.0367 1928 AmdK8 - ok
21:39:59.0508 1928 [ 79CC9BE187E3144E1B58A54B842475E7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:39:59.0695 1928 amdkmdag - ok
21:39:59.0711 1928 [ 07561D3B7FD99F6E186C49C2D0628E38 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:39:59.0726 1928 amdkmdap - ok
21:39:59.0726 1928 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:39:59.0742 1928 AmdPPM - ok
21:39:59.0742 1928 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:39:59.0757 1928 amdsata - ok
21:39:59.0757 1928 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:39:59.0773 1928 amdsbs - ok
21:39:59.0773 1928 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:39:59.0789 1928 amdxata - ok
21:39:59.0789 1928 [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
21:39:59.0804 1928 amd_sata - ok
21:39:59.0804 1928 [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
21:39:59.0804 1928 amd_xata - ok
21:39:59.0820 1928 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:39:59.0820 1928 AntiVirSchedulerService - ok
21:39:59.0835 1928 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:39:59.0835 1928 AntiVirService - ok
21:39:59.0835 1928 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
21:39:59.0851 1928 AODDriver4.01 - ok
21:39:59.0851 1928 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
21:39:59.0867 1928 AODDriver4.2 - ok
21:39:59.0867 1928 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:39:59.0898 1928 AppID - ok
21:39:59.0898 1928 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:39:59.0929 1928 AppIDSvc - ok
21:39:59.0929 1928 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
21:39:59.0945 1928 Appinfo - ok
21:39:59.0945 1928 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
21:39:59.0960 1928 AppMgmt - ok
21:39:59.0960 1928 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
21:39:59.0976 1928 arc - ok
21:39:59.0976 1928 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:39:59.0991 1928 arcsas - ok
21:39:59.0991 1928 [ 6FE3237C1177E66437E7AD0E8AC1A6E5 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
21:40:00.0007 1928 asmthub3 - ok
21:40:00.0007 1928 [ C4043E39A2ABBC56581CA25DF161E9F7 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
21:40:00.0023 1928 asmtxhci - ok
21:40:00.0023 1928 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:40:00.0054 1928 AsyncMac - ok
21:40:00.0069 1928 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:40:00.0069 1928 atapi - ok
21:40:00.0069 1928 [ ED3A041014FBBFDC23D6C04F9C7A5D79 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:40:00.0085 1928 AtiHDAudioService - ok
21:40:00.0101 1928 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:40:00.0132 1928 AudioEndpointBuilder - ok
21:40:00.0147 1928 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:40:00.0179 1928 AudioSrv - ok
21:40:00.0179 1928 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:40:00.0179 1928 avgntflt - ok
21:40:00.0194 1928 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:40:00.0194 1928 avipbb - ok
21:40:00.0210 1928 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:40:00.0210 1928 avkmgr - ok
21:40:00.0210 1928 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:40:00.0225 1928 AxInstSV - ok
21:40:00.0241 1928 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:40:00.0257 1928 b06bdrv - ok
21:40:00.0257 1928 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:40:00.0272 1928 b57nd60a - ok
21:40:00.0272 1928 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:40:00.0288 1928 BDESVC - ok
21:40:00.0288 1928 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:40:00.0319 1928 Beep - ok
21:40:00.0335 1928 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:40:00.0366 1928 BFE - ok
21:40:00.0381 1928 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
21:40:00.0413 1928 BITS - ok
21:40:00.0413 1928 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:40:00.0428 1928 blbdrive - ok
21:40:00.0428 1928 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:40:00.0444 1928 bowser - ok
21:40:00.0444 1928 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:40:00.0459 1928 BrFiltLo - ok
21:40:00.0459 1928 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:40:00.0475 1928 BrFiltUp - ok
21:40:00.0475 1928 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:40:00.0491 1928 Browser - ok
21:40:00.0491 1928 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:40:00.0506 1928 Brserid - ok
21:40:00.0506 1928 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:40:00.0522 1928 BrSerWdm - ok
21:40:00.0522 1928 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:40:00.0537 1928 BrUsbMdm - ok
21:40:00.0537 1928 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:40:00.0553 1928 BrUsbSer - ok
21:40:00.0553 1928 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:40:00.0569 1928 BTHMODEM - ok
21:40:00.0569 1928 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:40:00.0600 1928 bthserv - ok
21:40:00.0600 1928 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:40:00.0631 1928 cdfs - ok
21:40:00.0631 1928 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:40:00.0647 1928 cdrom - ok
21:40:00.0647 1928 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:40:00.0678 1928 CertPropSvc - ok
21:40:00.0678 1928 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
21:40:00.0693 1928 circlass - ok
21:40:00.0693 1928 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:40:00.0709 1928 CLFS - ok
21:40:00.0725 1928 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:40:00.0725 1928 clr_optimization_v2.0.50727_32 - ok
21:40:00.0740 1928 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:40:00.0740 1928 clr_optimization_v2.0.50727_64 - ok
21:40:00.0756 1928 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:40:00.0756 1928 clr_optimization_v4.0.30319_32 - ok
21:40:00.0771 1928 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:40:00.0771 1928 clr_optimization_v4.0.30319_64 - ok
21:40:00.0787 1928 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:40:00.0787 1928 CmBatt - ok
21:40:00.0787 1928 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:40:00.0803 1928 cmdide - ok
21:40:00.0803 1928 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
21:40:00.0834 1928 CNG - ok
21:40:00.0834 1928 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:40:00.0834 1928 Compbatt - ok
21:40:00.0849 1928 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:40:00.0849 1928 CompositeBus - ok
21:40:00.0865 1928 COMSysApp - ok
21:40:00.0865 1928 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:40:00.0865 1928 crcdisk - ok
21:40:00.0881 1928 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:40:00.0896 1928 CryptSvc - ok
21:40:00.0896 1928 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
21:40:00.0912 1928 CSC - ok
21:40:00.0927 1928 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
21:40:00.0943 1928 CscService - ok
21:40:00.0943 1928 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:40:00.0990 1928 DcomLaunch - ok
21:40:00.0990 1928 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:40:01.0021 1928 defragsvc - ok
21:40:01.0021 1928 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:40:01.0052 1928 DfsC - ok
21:40:01.0052 1928 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:40:01.0068 1928 Dhcp - ok
21:40:01.0083 1928 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:40:01.0099 1928 discache - ok
21:40:01.0115 1928 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
21:40:01.0115 1928 Disk - ok
21:40:01.0115 1928 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
21:40:01.0130 1928 dmvsc - ok
21:40:01.0130 1928 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:40:01.0146 1928 Dnscache - ok
21:40:01.0146 1928 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:40:01.0177 1928 dot3svc - ok
21:40:01.0193 1928 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:40:01.0208 1928 DPS - ok
21:40:01.0224 1928 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:40:01.0224 1928 drmkaud - ok
21:40:01.0239 1928 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:40:01.0255 1928 DXGKrnl - ok
21:40:01.0271 1928 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:40:01.0302 1928 EapHost - ok
21:40:01.0317 1928 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:40:01.0364 1928 ebdrv - ok
21:40:01.0364 1928 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:40:01.0395 1928 EFS - ok
21:40:01.0395 1928 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:40:01.0411 1928 ehRecvr - ok
21:40:01.0427 1928 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:40:01.0427 1928 ehSched - ok
21:40:01.0442 1928 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:40:01.0458 1928 elxstor - ok
21:40:01.0458 1928 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:40:01.0473 1928 ErrDev - ok
21:40:01.0473 1928 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:40:01.0505 1928 EventSystem - ok
21:40:01.0520 1928 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:40:01.0536 1928 exfat - ok
21:40:01.0551 1928 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:40:01.0583 1928 fastfat - ok
21:40:01.0583 1928 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:40:01.0614 1928 Fax - ok
21:40:01.0614 1928 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
21:40:01.0614 1928 fdc - ok
21:40:01.0629 1928 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:40:01.0645 1928 fdPHost - ok
21:40:01.0661 1928 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:40:01.0676 1928 FDResPub - ok
21:40:01.0692 1928 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:40:01.0692 1928 FileInfo - ok
21:40:01.0692 1928 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:40:01.0723 1928 Filetrace - ok
21:40:01.0723 1928 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:40:01.0739 1928 flpydisk - ok
21:40:01.0739 1928 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:40:01.0754 1928 FltMgr - ok
21:40:01.0770 1928 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
21:40:01.0785 1928 FontCache - ok
21:40:01.0801 1928 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:40:01.0801 1928 FontCache3.0.0.0 - ok
21:40:01.0801 1928 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:40:01.0817 1928 FsDepends - ok
21:40:01.0817 1928 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:40:01.0832 1928 Fs_Rec - ok
21:40:01.0832 1928 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:40:01.0848 1928 fvevol - ok
21:40:01.0848 1928 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:40:01.0863 1928 gagp30kx - ok
21:40:01.0879 1928 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:40:01.0910 1928 gpsvc - ok
21:40:01.0910 1928 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:40:01.0926 1928 hcw85cir - ok
21:40:01.0926 1928 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:40:01.0941 1928 HdAudAddService - ok
21:40:01.0941 1928 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:40:01.0957 1928 HDAudBus - ok
21:40:01.0957 1928 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:40:01.0973 1928 HidBatt - ok
21:40:01.0973 1928 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:40:01.0988 1928 HidBth - ok
21:40:01.0988 1928 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
21:40:02.0004 1928 HidIr - ok
21:40:02.0004 1928 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:40:02.0035 1928 hidserv - ok
21:40:02.0035 1928 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:40:02.0051 1928 HidUsb - ok
21:40:02.0051 1928 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:40:02.0082 1928 hkmsvc - ok
21:40:02.0082 1928 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:40:02.0097 1928 HomeGroupListener - ok
21:40:02.0113 1928 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:40:02.0113 1928 HomeGroupProvider - ok
21:40:02.0129 1928 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:40:02.0129 1928 HpSAMD - ok
21:40:02.0144 1928 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:40:02.0175 1928 HTTP - ok
21:40:02.0175 1928 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:40:02.0191 1928 hwpolicy - ok
21:40:02.0191 1928 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:40:02.0207 1928 i8042prt - ok
21:40:02.0207 1928 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:40:02.0222 1928 iaStorV - ok
21:40:02.0238 1928 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:40:02.0253 1928 idsvc - ok
21:40:02.0253 1928 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:40:02.0269 1928 iirsp - ok
21:40:02.0269 1928 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:40:02.0316 1928 IKEEXT - ok
21:40:02.0331 1928 [ 245F0288792486CC37924908AF19A553 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:40:02.0378 1928 IntcAzAudAddService - ok
21:40:02.0378 1928 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:40:02.0394 1928 intelide - ok
21:40:02.0394 1928 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
21:40:02.0409 1928 intelppm - ok
21:40:02.0409 1928 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:40:02.0441 1928 IPBusEnum - ok
21:40:02.0441 1928 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:40:02.0472 1928 IpFilterDriver - ok
21:40:02.0487 1928 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:40:02.0503 1928 iphlpsvc - ok
21:40:02.0503 1928 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:40:02.0519 1928 IPMIDRV - ok
21:40:02.0519 1928 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:40:02.0550 1928 IPNAT - ok
21:40:02.0550 1928 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:40:02.0565 1928 IRENUM - ok
21:40:02.0565 1928 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:40:02.0565 1928 isapnp - ok
21:40:02.0581 1928 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:40:02.0597 1928 iScsiPrt - ok
21:40:02.0597 1928 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:40:02.0597 1928 kbdclass - ok
21:40:02.0612 1928 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:40:02.0612 1928 kbdhid - ok
21:40:02.0612 1928 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:40:02.0628 1928 KeyIso - ok
21:40:02.0628 1928 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:40:02.0643 1928 KSecDD - ok
21:40:02.0643 1928 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:40:02.0659 1928 KSecPkg - ok
21:40:02.0659 1928 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:40:02.0690 1928 ksthunk - ok
21:40:02.0690 1928 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:40:02.0721 1928 KtmRm - ok
21:40:02.0737 1928 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:40:02.0768 1928 LanmanServer - ok
21:40:02.0768 1928 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:40:02.0799 1928 LanmanWorkstation - ok
21:40:02.0799 1928 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
21:40:02.0815 1928 LGBusEnum - ok
21:40:02.0815 1928 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
21:40:02.0815 1928 LGVirHid - ok
21:40:02.0815 1928 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:40:02.0846 1928 lltdio - ok
21:40:02.0862 1928 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:40:02.0893 1928 lltdsvc - ok
21:40:02.0893 1928 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:40:02.0924 1928 lmhosts - ok
21:40:02.0924 1928 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:40:02.0940 1928 LSI_FC - ok
21:40:02.0940 1928 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:40:02.0955 1928 LSI_SAS - ok
21:40:02.0955 1928 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:40:02.0955 1928 LSI_SAS2 - ok
21:40:02.0971 1928 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:40:02.0971 1928 LSI_SCSI - ok
21:40:02.0971 1928 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:40:03.0002 1928 luafv - ok
21:40:03.0018 1928 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:40:03.0018 1928 Mcx2Svc - ok
21:40:03.0018 1928 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
21:40:03.0033 1928 megasas - ok
21:40:03.0033 1928 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:40:03.0049 1928 MegaSR - ok
21:40:03.0049 1928 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:40:03.0080 1928 MMCSS - ok
21:40:03.0080 1928 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:40:03.0111 1928 Modem - ok
21:40:03.0111 1928 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:40:03.0127 1928 monitor - ok
21:40:03.0127 1928 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:40:03.0143 1928 mouclass - ok
21:40:03.0143 1928 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:40:03.0158 1928 mouhid - ok
21:40:03.0158 1928 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:40:03.0174 1928 mountmgr - ok
21:40:03.0174 1928 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:40:03.0189 1928 mpio - ok
21:40:03.0189 1928 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:40:03.0221 1928 mpsdrv - ok
21:40:03.0221 1928 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:40:03.0267 1928 MpsSvc - ok
21:40:03.0267 1928 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:40:03.0283 1928 MRxDAV - ok
21:40:03.0283 1928 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:40:03.0299 1928 mrxsmb - ok
21:40:03.0299 1928 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:40:03.0314 1928 mrxsmb10 - ok
21:40:03.0314 1928 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:40:03.0330 1928 mrxsmb20 - ok
21:40:03.0330 1928 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:40:03.0345 1928 msahci - ok
21:40:03.0345 1928 [ A592A054D78750B4D73ABAA4C94DECDF ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
21:40:03.0345 1928 MSCamSvc - ok
21:40:03.0361 1928 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:40:03.0361 1928 msdsm - ok
21:40:03.0377 1928 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:40:03.0377 1928 MSDTC - ok
21:40:03.0392 1928 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:40:03.0408 1928 Msfs - ok
21:40:03.0423 1928 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:40:03.0439 1928 mshidkmdf - ok
21:40:03.0455 1928 [ 55218F924E55FD2786ED40EDF4ED79C3 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys
21:40:03.0455 1928 MSHUSBVideo - ok
21:40:03.0455 1928 MSICDSetup - ok
21:40:03.0470 1928 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:40:03.0470 1928 msisadrv - ok
21:40:03.0470 1928 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:40:03.0501 1928 MSiSCSI - ok
21:40:03.0501 1928 msiserver - ok
21:40:03.0517 1928 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:40:03.0533 1928 MSKSSRV - ok
21:40:03.0548 1928 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:40:03.0564 1928 MSPCLOCK - ok
21:40:03.0579 1928 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:40:03.0595 1928 MSPQM - ok
21:40:03.0611 1928 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:40:03.0611 1928 MsRPC - ok
21:40:03.0626 1928 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:40:03.0626 1928 mssmbios - ok
21:40:03.0642 1928 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:40:03.0657 1928 MSTEE - ok
21:40:03.0657 1928 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:40:03.0673 1928 MTConfig - ok
21:40:03.0673 1928 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:40:03.0689 1928 Mup - ok
21:40:03.0689 1928 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:40:03.0720 1928 napagent - ok
21:40:03.0735 1928 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:40:03.0751 1928 NativeWifiP - ok
21:40:03.0767 1928 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:40:03.0782 1928 NDIS - ok
21:40:03.0782 1928 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:40:03.0813 1928 NdisCap - ok
21:40:03.0813 1928 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:40:03.0845 1928 NdisTapi - ok
21:40:03.0845 1928 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:40:03.0876 1928 Ndisuio - ok
21:40:03.0876 1928 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:40:03.0907 1928 NdisWan - ok
21:40:03.0907 1928 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:40:03.0938 1928 NDProxy - ok
21:40:03.0938 1928 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:40:03.0969 1928 NetBIOS - ok
21:40:03.0969 1928 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:40:04.0001 1928 NetBT - ok
21:40:04.0001 1928 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:40:04.0016 1928 Netlogon - ok
21:40:04.0032 1928 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:40:04.0063 1928 Netman - ok
21:40:04.0063 1928 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:40:04.0094 1928 netprofm - ok
21:40:04.0094 1928 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:40:04.0110 1928 NetTcpPortSharing - ok
21:40:04.0125 1928 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:40:04.0125 1928 nfrd960 - ok
21:40:04.0141 1928 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:40:04.0141 1928 NlaSvc - ok
21:40:04.0157 1928 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:40:04.0172 1928 Npfs - ok
21:40:04.0188 1928 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:40:04.0203 1928 nsi - ok
21:40:04.0219 1928 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:40:04.0235 1928 nsiproxy - ok
21:40:04.0266 1928 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:40:04.0297 1928 Ntfs - ok
21:40:04.0297 1928 NTIOLib_1_0_C - ok
21:40:04.0297 1928 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:40:04.0328 1928 Null - ok
21:40:04.0328 1928 [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
21:40:04.0344 1928 nusb3hub - ok
21:40:04.0344 1928 [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
21:40:04.0359 1928 nusb3xhc - ok
21:40:04.0359 1928 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:40:04.0375 1928 nvraid - ok
21:40:04.0375 1928 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:40:04.0391 1928 nvstor - ok
21:40:04.0391 1928 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:40:04.0406 1928 nv_agp - ok
21:40:04.0406 1928 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:40:04.0406 1928 ohci1394 - ok
21:40:04.0422 1928 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:40:04.0437 1928 p2pimsvc - ok
21:40:04.0437 1928 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:40:04.0453 1928 p2psvc - ok
21:40:04.0469 1928 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
21:40:04.0469 1928 Parport - ok
21:40:04.0469 1928 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:40:04.0484 1928 partmgr - ok
21:40:04.0484 1928 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:40:04.0500 1928 PcaSvc - ok
21:40:04.0515 1928 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:40:04.0515 1928 pci - ok
21:40:04.0531 1928 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:40:04.0531 1928 pciide - ok
21:40:04.0531 1928 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:40:04.0547 1928 pcmcia - ok
21:40:04.0547 1928 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:40:04.0562 1928 pcw - ok
21:40:04.0562 1928 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:40:04.0609 1928 PEAUTH - ok
21:40:04.0625 1928 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:40:04.0640 1928 PeerDistSvc - ok
21:40:04.0671 1928 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:40:04.0687 1928 PerfHost - ok
21:40:04.0703 1928 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:40:04.0749 1928 pla - ok
21:40:04.0765 1928 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:40:04.0765 1928 PlugPlay - ok
21:40:04.0781 1928 PnkBstrA - ok
21:40:04.0781 1928 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:40:04.0796 1928 PNRPAutoReg - ok
21:40:04.0796 1928 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:40:04.0812 1928 PNRPsvc - ok
21:40:04.0812 1928 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:40:04.0843 1928 PolicyAgent - ok
21:40:04.0859 1928 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:40:04.0890 1928 Power - ok
21:40:04.0890 1928 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:40:04.0921 1928 PptpMiniport - ok
21:40:04.0921 1928 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
21:40:04.0937 1928 Processor - ok
21:40:04.0937 1928 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:40:04.0952 1928 ProfSvc - ok
21:40:04.0952 1928 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:40:04.0968 1928 ProtectedStorage - ok
21:40:04.0968 1928 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:40:04.0999 1928 Psched - ok
21:40:05.0015 1928 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:40:05.0046 1928 ql2300 - ok
21:40:05.0046 1928 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:40:05.0061 1928 ql40xx - ok
21:40:05.0061 1928 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:40:05.0077 1928 QWAVE - ok
21:40:05.0077 1928 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:40:05.0093 1928 QWAVEdrv - ok
21:40:05.0093 1928 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:40:05.0124 1928 RasAcd - ok
21:40:05.0124 1928 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:40:05.0155 1928 RasAgileVpn - ok
21:40:05.0155 1928 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:40:05.0186 1928 RasAuto - ok
21:40:05.0202 1928 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:40:05.0217 1928 Rasl2tp - ok
21:40:05.0233 1928 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:40:05.0264 1928 RasMan - ok
21:40:05.0264 1928 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:40:05.0295 1928 RasPppoe - ok
21:40:05.0295 1928 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:40:05.0327 1928 RasSstp - ok
21:40:05.0327 1928 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:40:05.0358 1928 rdbss - ok
21:40:05.0358 1928 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:40:05.0373 1928 rdpbus - ok
21:40:05.0373 1928 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:40:05.0405 1928 RDPCDD - ok
21:40:05.0405 1928 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:40:05.0420 1928 RDPDR - ok
21:40:05.0420 1928 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:40:05.0451 1928 RDPENCDD - ok
21:40:05.0451 1928 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:40:05.0483 1928 RDPREFMP - ok
21:40:05.0483 1928 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:40:05.0498 1928 RDPWD - ok
21:40:05.0514 1928 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:40:05.0514 1928 rdyboost - ok
21:40:05.0514 1928 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:40:05.0545 1928 RemoteAccess - ok
21:40:05.0561 1928 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:40:05.0576 1928 RemoteRegistry - ok
21:40:05.0592 1928 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:40:05.0623 1928 RpcEptMapper - ok
21:40:05.0623 1928 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:40:05.0639 1928 RpcLocator - ok
21:40:05.0639 1928 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:40:05.0670 1928 RpcSs - ok
21:40:05.0670 1928 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:40:05.0701 1928 rspndr - ok
21:40:05.0717 1928 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:40:05.0717 1928 RTL8167 - ok
21:40:05.0732 1928 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:40:05.0732 1928 s3cap - ok
21:40:05.0732 1928 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:40:05.0748 1928 SamSs - ok
21:40:05.0748 1928 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:40:05.0763 1928 sbp2port - ok
21:40:05.0763 1928 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:40:05.0795 1928 SCardSvr - ok
21:40:05.0795 1928 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:40:05.0826 1928 scfilter - ok
21:40:05.0841 1928 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:40:05.0873 1928 Schedule - ok
21:40:05.0888 1928 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:40:05.0904 1928 SCPolicySvc - ok
21:40:05.0919 1928 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:40:05.0919 1928 SDRSVC - ok
21:40:05.0935 1928 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:40:05.0951 1928 secdrv - ok
21:40:05.0966 1928 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:40:05.0982 1928 seclogon - ok
21:40:05.0997 1928 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:40:06.0013 1928 SENS - ok
21:40:06.0029 1928 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:40:06.0029 1928 SensrSvc - ok
21:40:06.0044 1928 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
21:40:06.0044 1928 Serenum - ok
21:40:06.0044 1928 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
21:40:06.0060 1928 Serial - ok
21:40:06.0060 1928 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:40:06.0075 1928 sermouse - ok
21:40:06.0075 1928 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:40:06.0107 1928 SessionEnv - ok
21:40:06.0122 1928 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:40:06.0122 1928 sffdisk - ok
21:40:06.0122 1928 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:40:06.0138 1928 sffp_mmc - ok
21:40:06.0138 1928 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:40:06.0153 1928 sffp_sd - ok
21:40:06.0153 1928 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:40:06.0169 1928 sfloppy - ok
21:40:06.0169 1928 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:40:06.0200 1928 SharedAccess - ok
21:40:06.0216 1928 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:40:06.0247 1928 ShellHWDetection - ok
21:40:06.0247 1928 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:40:06.0263 1928 SiSRaid2 - ok
21:40:06.0263 1928 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:40:06.0263 1928 SiSRaid4 - ok
21:40:06.0278 1928 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:40:06.0278 1928 SkypeUpdate - ok
21:40:06.0294 1928 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:40:06.0309 1928 Smb - ok
21:40:06.0325 1928 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:40:06.0341 1928 SNMPTRAP - ok
21:40:06.0341 1928 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:40:06.0341 1928 spldr - ok
21:40:06.0356 1928 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:40:06.0372 1928 Spooler - ok
21:40:06.0403 1928 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:40:06.0481 1928 sppsvc - ok
21:40:06.0481 1928 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:40:06.0512 1928 sppuinotify - ok
21:40:06.0528 1928 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:40:06.0543 1928 srv - ok
21:40:06.0543 1928 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:40:06.0559 1928 srv2 - ok
21:40:06.0559 1928 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:40:06.0575 1928 srvnet - ok
21:40:06.0575 1928 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:40:06.0606 1928 SSDPSRV - ok
21:40:06.0606 1928 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:40:06.0637 1928 SstpSvc - ok
21:40:06.0637 1928 Steam Client Service - ok
21:40:06.0653 1928 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:40:06.0653 1928 stexstor - ok
21:40:06.0668 1928 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:40:06.0684 1928 stisvc - ok
21:40:06.0684 1928 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:40:06.0699 1928 storflt - ok
21:40:06.0699 1928 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
21:40:06.0715 1928 StorSvc - ok
21:40:06.0715 1928 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:40:06.0731 1928 storvsc - ok
21:40:06.0731 1928 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:40:06.0731 1928 swenum - ok
21:40:06.0746 1928 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:40:06.0777 1928 swprv - ok
21:40:06.0793 1928 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:40:06.0840 1928 SysMain - ok
21:40:06.0840 1928 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:40:06.0855 1928 TabletInputService - ok
21:40:06.0855 1928 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:40:06.0887 1928 TapiSrv - ok
21:40:06.0887 1928 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:40:06.0918 1928 TBS - ok
21:40:06.0949 1928 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:40:06.0980 1928 Tcpip - ok
21:40:06.0996 1928 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:40:07.0027 1928 TCPIP6 - ok
21:40:07.0027 1928 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:40:07.0043 1928 tcpipreg - ok
21:40:07.0043 1928 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:40:07.0058 1928 TDPIPE - ok
21:40:07.0058 1928 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:40:07.0074 1928 TDTCP - ok
21:40:07.0074 1928 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:40:07.0105 1928 tdx - ok
21:40:07.0105 1928 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:40:07.0121 1928 TermDD - ok
21:40:07.0121 1928 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:40:07.0167 1928 TermService - ok
21:40:07.0167 1928 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:40:07.0183 1928 Themes - ok
21:40:07.0183 1928 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:40:07.0214 1928 THREADORDER - ok
21:40:07.0214 1928 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:40:07.0245 1928 TrkWks - ok
21:40:07.0245 1928 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:40:07.0277 1928 TrustedInstaller - ok
21:40:07.0277 1928 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:40:07.0308 1928 tssecsrv - ok
21:40:07.0308 1928 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:40:07.0323 1928 TsUsbFlt - ok
21:40:07.0323 1928 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:40:07.0339 1928 TsUsbGD - ok
21:40:07.0339 1928 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:40:07.0370 1928 tunnel - ok
21:40:07.0370 1928 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:40:07.0386 1928 uagp35 - ok
21:40:07.0386 1928 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:40:07.0417 1928 udfs - ok
21:40:07.0417 1928 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:40:07.0433 1928 UI0Detect - ok
21:40:07.0433 1928 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:40:07.0448 1928 uliagpkx - ok
21:40:07.0448 1928 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:40:07.0464 1928 umbus - ok
21:40:07.0464 1928 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
21:40:07.0479 1928 UmPass - ok
21:40:07.0479 1928 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
21:40:07.0495 1928 UmRdpService - ok
21:40:07.0495 1928 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:40:07.0526 1928 upnphost - ok
21:40:07.0542 1928 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:40:07.0557 1928 usbaudio - ok
21:40:07.0557 1928 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:40:07.0557 1928 usbccgp - ok
21:40:07.0573 1928 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:40:07.0573 1928 usbcir - ok
21:40:07.0589 1928 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:40:07.0589 1928 usbehci - ok
21:40:07.0604 1928 [ 76E2FFAD301490BA27B947C6507752FB ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
21:40:07.0604 1928 usbfilter - ok
21:40:07.0604 1928 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:40:07.0620 1928 usbhub - ok
21:40:07.0620 1928 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:40:07.0635 1928 usbohci - ok
21:40:07.0635 1928 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
21:40:07.0651 1928 usbprint - ok
21:40:07.0651 1928 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:40:07.0667 1928 USBSTOR - ok
21:40:07.0667 1928 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:40:07.0682 1928 usbuhci - ok
21:40:07.0682 1928 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:40:07.0698 1928 usbvideo - ok
21:40:07.0698 1928 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:40:07.0729 1928 UxSms - ok
21:40:07.0729 1928 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:40:07.0745 1928 VaultSvc - ok
21:40:07.0745 1928 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:40:07.0760 1928 vdrvroot - ok
21:40:07.0760 1928 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:40:07.0791 1928 vds - ok
21:40:07.0807 1928 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:40:07.0807 1928 vga - ok
21:40:07.0823 1928 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:40:07.0838 1928 VgaSave - ok
21:40:07.0854 1928 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:40:07.0854 1928 vhdmp - ok
21:40:07.0854 1928 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:40:07.0869 1928 viaide - ok
21:40:07.0869 1928 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:40:07.0885 1928 vmbus - ok
21:40:07.0885 1928 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:40:07.0901 1928 VMBusHID - ok
21:40:07.0901 1928 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:40:07.0916 1928 volmgr - ok
21:40:07.0916 1928 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:40:07.0932 1928 volmgrx - ok
21:40:07.0932 1928 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:40:07.0947 1928 volsnap - ok
21:40:07.0947 1928 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:40:07.0963 1928 vsmraid - ok
21:40:07.0979 1928 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:40:08.0025 1928 VSS - ok
21:40:08.0025 1928 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:40:08.0041 1928 vwifibus - ok
21:40:08.0041 1928 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:40:08.0072 1928 W32Time - ok
21:40:08.0088 1928 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:40:08.0088 1928 WacomPen - ok
21:40:08.0103 1928 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:40:08.0119 1928 WANARP - ok
21:40:08.0135 1928 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:40:08.0150 1928 Wanarpv6 - ok
21:40:08.0181 1928 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:40:08.0213 1928 wbengine - ok
21:40:08.0213 1928 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:40:08.0228 1928 WbioSrvc - ok
21:40:08.0244 1928 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:40:08.0259 1928 wcncsvc - ok
21:40:08.0259 1928 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:40:08.0275 1928 WcsPlugInService - ok
21:40:08.0275 1928 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
21:40:08.0275 1928 Wd - ok
21:40:08.0291 1928 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:40:08.0306 1928 Wdf01000 - ok
21:40:08.0322 1928 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:40:08.0337 1928 WdiServiceHost - ok
21:40:08.0337 1928 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:40:08.0353 1928 WdiSystemHost - ok
21:40:08.0353 1928 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:40:08.0369 1928 WebClient - ok
21:40:08.0384 1928 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:40:08.0415 1928 Wecsvc - ok
21:40:08.0415 1928 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:40:08.0447 1928 wercplsupport - ok
21:40:08.0447 1928 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:40:08.0478 1928 WerSvc - ok
21:40:08.0478 1928 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:40:08.0509 1928 WfpLwf - ok
21:40:08.0509 1928 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:40:08.0525 1928 WIMMount - ok
21:40:08.0525 1928 WinDefend - ok
21:40:08.0525 1928 WinHttpAutoProxySvc - ok
21:40:08.0540 1928 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:40:08.0571 1928 Winmgmt - ok
21:40:08.0587 1928 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:40:08.0634 1928 WinRM - ok
21:40:08.0649 1928 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:40:08.0681 1928 Wlansvc - ok
21:40:08.0681 1928 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:40:08.0681 1928 WmiAcpi - ok
21:40:08.0696 1928 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:40:08.0712 1928 wmiApSrv - ok
21:40:08.0712 1928 WMPNetworkSvc - ok
21:40:08.0712 1928 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:40:08.0727 1928 WPCSvc - ok
21:40:08.0727 1928 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:40:08.0743 1928 WPDBusEnum - ok
21:40:08.0743 1928 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:40:08.0774 1928 ws2ifsl - ok
21:40:08.0774 1928 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:40:08.0790 1928 wscsvc - ok
21:40:08.0790 1928 WSearch - ok
21:40:08.0821 1928 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:40:08.0868 1928 wuauserv - ok
21:40:08.0868 1928 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:40:08.0883 1928 WudfPf - ok
21:40:08.0883 1928 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:40:08.0899 1928 WUDFRd - ok
21:40:08.0899 1928 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:40:08.0915 1928 wudfsvc - ok
21:40:08.0915 1928 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
21:40:08.0930 1928 WwanSvc - ok
21:40:08.0930 1928 ================ Scan global ===============================
21:40:08.0930 1928 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:40:08.0946 1928 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:40:08.0946 1928 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:40:08.0946 1928 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:40:08.0961 1928 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:40:08.0961 1928 [Global] - ok
21:40:08.0961 1928 ================ Scan MBR ==================================
21:40:08.0961 1928 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:40:09.0086 1928 \Device\Harddisk0\DR0 - ok
21:40:09.0102 1928 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:40:09.0180 1928 \Device\Harddisk1\DR1 - ok
21:40:09.0180 1928 ================ Scan VBR ==================================
21:40:09.0180 1928 [ 011530248503F51A02D63E8A1393BCB0 ] \Device\Harddisk0\DR0\Partition1
21:40:09.0180 1928 \Device\Harddisk0\DR0\Partition1 - ok
21:40:09.0180 1928 [ 96D5DCE9327DBF1B3E5AEB4E87424818 ] \Device\Harddisk0\DR0\Partition2
21:40:09.0195 1928 \Device\Harddisk0\DR0\Partition2 - ok
21:40:09.0211 1928 [ 14DE71D5ED4EA054C21C34176A27A490 ] \Device\Harddisk1\DR1\Partition1
21:40:09.0211 1928 \Device\Harddisk1\DR1\Partition1 - ok
21:40:09.0211 1928 ============================================================
21:40:09.0211 1928 Scan finished
21:40:09.0211 1928 ============================================================
21:40:09.0227 1876 Detected object count: 0
21:40:09.0227 1876 Actual detected object count: 0


Alt 16.06.2013, 20:41   #6
markusg
/// Malware-holic
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



otl hatten wir doch schon, weiter mit dem tdss killer
__________________
--> Ist das ein Virus oder eine Art Fehler?

Alt 16.06.2013, 20:42   #7
Barney'
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



Ist jetzt mit oben in dem Beitrag.
Ich habe das mit dem OTL nochmal gepostet, weil ich beim ersten Mal die Einstellungen verwendete, die nach der Installation eingestellt waren, beim zweiten Mal habe ich die genommen, die im Thread zu OTL stehen.

Wie sieht's aus?

Alt 16.06.2013, 20:51   #8
markusg
/// Malware-holic
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



Hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 16.06.2013, 21:00   #9
Barney'
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



Combofix Logfile:
Code:
ATTFilter
ComboFix 13-06-15.01 - Maik 16.06.2013  21:54:58.1.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16354.14445 [GMT 2:00]
ausgeführt von:: c:\users\Maik\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-16 bis 2013-06-16  ))))))))))))))))))))))))))))))
.
.
2013-06-16 19:57 . 2013-06-16 19:57	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-16 19:55 . 2013-06-16 19:55	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{AD54938C-31EF-43F9-9641-1886FE6F33DC}\offreg.dll
2013-06-16 11:37 . 2013-06-16 11:37	--------	d-----w-	c:\program files (x86)\Common Files\Java
2013-06-16 11:37 . 2013-06-16 11:37	866720	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-06-16 11:37 . 2013-06-16 11:37	788896	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-06-16 11:37 . 2013-06-16 11:37	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-16 11:37 . 2013-06-16 11:37	--------	d-----w-	c:\program files (x86)\Java
2013-06-14 11:09 . 2013-05-13 06:37	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{AD54938C-31EF-43F9-9641-1886FE6F33DC}\mpengine.dll
2013-06-12 15:05 . 2013-05-08 06:39	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-06-05 11:58 . 2013-06-05 11:58	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-27 17:50 . 2013-05-27 17:50	--------	d-----w-	c:\users\Maik\.thumbnails
2013-05-27 17:50 . 2013-05-27 17:50	--------	d-----w-	c:\users\Maik\AppData\Local\fontconfig
2013-05-27 17:50 . 2013-06-09 18:11	--------	d-----w-	c:\users\Maik\.gimp-2.8
2013-05-27 17:50 . 2013-05-27 17:50	--------	d-----w-	c:\users\Maik\AppData\Local\gegl-0.2
2013-05-27 17:48 . 2013-05-27 17:49	--------	d-----w-	c:\program files\GIMP 2
2013-05-27 17:48 . 2013-05-27 17:48	--------	d-----w-	c:\users\Maik\AppData\Local\Programs
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 17:29 . 2013-04-07 10:49	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-06-12 17:25 . 2013-04-06 22:02	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 17:25 . 2013-04-06 22:02	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-06 11:20 . 2013-05-06 11:20	83160	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-05-02 00:06 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-23 17:23 . 2013-04-23 16:59	281288	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-04-23 17:23 . 2013-04-23 16:56	281288	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-04-23 17:08 . 2013-04-23 16:56	281288	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2013-04-23 17:05 . 2013-04-23 16:56	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-04-13 05:49 . 2013-05-15 18:54	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 18:54	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 18:54	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 18:54	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 18:54	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 18:54	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 11:27	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 18:54	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 18:54	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 18:53	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-03-29 02:37 . 2013-03-29 02:37	78432	----a-w-	c:\windows\system32\atimpc64.dll
2013-03-29 02:37 . 2013-03-29 02:37	78432	----a-w-	c:\windows\system32\amdpcom64.dll
2013-03-29 02:37 . 2013-03-29 02:37	71704	----a-w-	c:\windows\SysWow64\atimpc32.dll
2013-03-29 02:37 . 2013-03-29 02:37	71704	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2013-03-29 02:37 . 2012-02-15 02:12	139696	----a-w-	c:\windows\system32\atiuxp64.dll
2013-03-29 02:37 . 2013-03-29 02:37	118584	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2013-03-29 02:37 . 2013-03-29 02:37	112440	----a-w-	c:\windows\system32\atiu9p64.dll
2013-03-29 02:37 . 2012-02-15 02:12	92304	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2013-03-29 02:37 . 2012-02-15 03:17	1155264	----a-w-	c:\windows\system32\aticfx64.dll
2013-03-29 02:37 . 2012-02-15 03:18	970912	----a-w-	c:\windows\SysWow64\aticfx32.dll
2013-03-29 02:36 . 2012-02-15 02:52	8272136	----a-w-	c:\windows\system32\atidxx64.dll
2013-03-29 02:36 . 2013-03-29 02:36	7233336	----a-w-	c:\windows\SysWow64\atidxx32.dll
2013-03-29 02:36 . 2012-02-15 02:29	4450264	----a-w-	c:\windows\SysWow64\atiumdva.dll
2013-03-29 02:36 . 2012-02-15 02:34	5944264	----a-w-	c:\windows\SysWow64\atiumdag.dll
2013-03-29 02:36 . 2013-03-29 02:36	5000320	----a-w-	c:\windows\system32\atiumd6a.dll
2013-03-29 02:36 . 2013-03-29 02:36	6985624	----a-w-	c:\windows\system32\atiumd64.dll
2013-03-29 02:35 . 2013-03-29 02:35	11658752	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2013-03-29 02:13 . 2013-03-29 02:13	222720	----a-w-	c:\windows\system32\clinfo.exe
2013-03-29 02:13 . 2013-03-29 02:13	798734	----a-w-	c:\windows\SysWow64\amdocl_ld32.exe
2013-03-29 02:13 . 2013-03-29 02:13	1187342	----a-w-	c:\windows\system32\amdocl_as64.exe
2013-03-29 02:13 . 2013-03-29 02:13	1061902	----a-w-	c:\windows\system32\amdocl_ld64.exe
2013-03-29 02:13 . 2013-03-29 02:13	995342	----a-w-	c:\windows\SysWow64\amdocl_as32.exe
2013-03-29 02:13 . 2013-03-29 02:13	76288	----a-w-	c:\windows\system32\OpenVideo64.dll
2013-03-29 02:13 . 2013-03-29 02:13	65536	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2013-03-29 02:13 . 2013-03-29 02:13	64000	----a-w-	c:\windows\system32\OVDecode64.dll
2013-03-29 02:12 . 2013-03-29 02:12	56320	----a-w-	c:\windows\SysWow64\OVDecode.dll
2013-03-29 02:12 . 2013-03-29 02:12	29150720	----a-w-	c:\windows\system32\amdocl64.dll
2013-03-29 02:10 . 2013-03-29 02:10	23810560	----a-w-	c:\windows\SysWow64\amdocl.dll
2013-03-29 02:09 . 2013-03-29 02:09	54784	----a-w-	c:\windows\system32\OpenCL.dll
2013-03-29 02:09 . 2013-03-29 02:09	50176	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-03-29 02:04 . 2012-02-15 03:21	24229376	----a-w-	c:\windows\system32\atio6axx.dll
2013-03-29 02:00 . 2013-03-29 02:00	76800	----a-w-	c:\windows\system32\coinst_12.104.dll
2013-03-29 01:57 . 2013-03-29 01:57	163840	----a-w-	c:\windows\system32\atiapfxx.exe
2013-03-29 01:55 . 2013-03-29 01:55	51200	----a-w-	c:\windows\system32\aticalrt64.dll
2013-03-29 01:55 . 2013-03-29 01:55	46080	----a-w-	c:\windows\SysWow64\aticalrt.dll
2013-03-29 01:55 . 2013-03-29 01:55	44544	----a-w-	c:\windows\system32\aticalcl64.dll
2013-03-29 01:55 . 2013-03-29 01:55	44032	----a-w-	c:\windows\SysWow64\aticalcl.dll
2013-03-29 01:55 . 2013-03-29 01:55	16082944	----a-w-	c:\windows\system32\aticaldd64.dll
2013-03-29 01:51 . 2013-03-29 01:51	13703168	----a-w-	c:\windows\SysWow64\aticaldd.dll
2013-03-29 01:48 . 2013-03-29 01:48	19870720	----a-w-	c:\windows\SysWow64\atioglxx.dll
2013-03-29 01:35 . 2013-03-29 01:35	442368	----a-w-	c:\windows\system32\atidemgy.dll
2013-03-29 01:35 . 2013-03-29 01:35	562688	----a-w-	c:\windows\system32\atieclxx.exe
2013-03-29 01:34 . 2013-03-29 01:34	241152	----a-w-	c:\windows\system32\atiesrxx.exe
2013-03-29 01:33 . 2013-03-29 01:33	120320	----a-w-	c:\windows\system32\atitmm64.dll
2013-03-29 01:32 . 2013-03-29 01:32	26112	----a-w-	c:\windows\system32\atimuixx.dll
2013-03-29 01:32 . 2013-03-29 01:32	59392	----a-w-	c:\windows\system32\atiedu64.dll
2013-03-29 01:32 . 2013-03-29 01:32	43520	----a-w-	c:\windows\SysWow64\ati2edxx.dll
2013-03-29 01:11 . 2013-03-29 01:11	79360	----a-w-	c:\windows\system32\amdave64.dll
2013-03-29 01:11 . 2013-03-29 01:11	78336	----a-w-	c:\windows\SysWow64\amdave32.dll
2013-03-29 01:11 . 2013-03-29 01:11	74240	----a-w-	c:\windows\system32\atisamu64.dll
2013-03-29 01:11 . 2013-03-29 01:11	71168	----a-w-	c:\windows\SysWow64\atisamu32.dll
2013-03-29 01:10 . 2012-02-15 02:14	636416	----a-w-	c:\windows\system32\atiadlxx.dll
2013-03-29 01:10 . 2013-03-29 01:10	430080	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2013-03-29 01:10 . 2012-02-15 02:13	17920	----a-w-	c:\windows\system32\atig6pxx.dll
2013-03-29 01:10 . 2013-03-29 01:10	14848	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2013-03-29 01:10 . 2013-03-29 01:10	14848	----a-w-	c:\windows\system32\atiglpxx.dll
2013-03-29 01:10 . 2012-02-15 02:13	44032	----a-w-	c:\windows\system32\atig6txx.dll
2013-03-29 01:09 . 2013-03-29 01:09	34816	----a-w-	c:\windows\SysWow64\atigktxx.dll
2013-03-29 01:09 . 2013-03-29 01:09	581120	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2013-03-29 01:07 . 2013-03-29 01:07	53248	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2013-03-19 06:04 . 2013-04-10 11:41	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:53 . 2013-05-15 18:53	48640	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-03-19 05:53 . 2013-05-15 18:53	230400	----a-w-	c:\windows\system32\wwansvc.dll
2013-03-19 05:46 . 2013-04-10 11:41	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 11:41	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 11:41	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 11:41	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 11:41	112640	----a-w-	c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-04-01 1521800]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2013-04-01 10:59	1521800	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-04-01 1521800]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Maik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-05-13 1105408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2013-04-01 1646216]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-06 345312]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 17473843
*Deregistered* - 17473843
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-06 17:25]
.
2013-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1514262915-3440531814-3870741222-1000Core.job
- c:\users\Maik\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-06 11:43]
.
2013-06-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1514262915-3440531814-3870741222-1000UA.job
- c:\users\Maik\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-06 11:43]
.
2013-04-13 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files (x86)\Ask.com\UpdateTask.exe [2013-04-01 10:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-10-25 7512680]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-02-28 7468784]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.dell.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-16  21:59:36
ComboFix-quarantined-files.txt  2013-06-16 19:59
.
Vor Suchlauf: 9 Verzeichnis(se), 10.117.951.488 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 10.034.622.464 Bytes frei
.
- - End Of File - - 858DBE161399705E7EF857122B071FAB
         
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31
[/QUOTE]

Kannst du mir eine Zwischenbillanz geben?

Alt 17.06.2013, 11:15   #10
markusg
/// Malware-holic
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



sieht ok aus.
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 17.06.2013, 12:33   #11
Barney'
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



Hier:
Zitat:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.17.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Maik :: MAIK-PC [Administrator]

17.06.2013 13:15:26
mbam-log-2013-06-17 (13-15-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 328093
Laufzeit: 14 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Alt 17.06.2013, 12:38   #12
markusg
/// Malware-holic
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 17.06.2013, 12:40   #13
Barney'
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



Zitat:
Zitat von markusg Beitrag anzeigen
lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
Was ist bei "uninstall Llist" gemeint?

MfG

Edit: Achso, ich weiß.
Kommt gleich.

Bei einigen Sachen weiß ich nicht, wofür sie da sind, daher schrieb ich dazu "Unbekannt (Die Funktion)".
Hier:
Zitat:
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 12.06.2013 6,00MB 11.7.700.224 Notwendig
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 12.06.2013 6,00MB 11.7.700.224 Notwendig
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 30.04.2013 26,3MB 8.0.911.0 Unbekannt (Die Funktion)
Asmedia ASM104x USB 3.0 Host Controller Driver Asmedia Technology 06.04.2013 2,22MB 1.10.1.0 Unbekannt (Die Funktion)
Avira Free Antivirus Avira 06.05.2013 137MB 13.0.0.3640 Notwendig
Avira SearchFree Toolbar plus Web Protection Ask.com 13.04.2013 9,01MB 1.15.24.0 Notwendig
Avira SearchFree Toolbar plus Web Protection Updater Ask.com 13.04.2013 1.2.5.42066 Notwendig
Call of Duty: Black Ops II 06.04.2013 Notwendig
Call of Duty: Black Ops II - Multiplayer 06.04.2013 Notwendig
Call of Duty: Black Ops II - Zombies 06.04.2013 Notwendig
Call of Duty: Modern Warfare 3 Infinity Ward - Sledgehammer Games 06.04.2013 Notwendig
Call of Duty: Modern Warfare 3 - Multiplayer Infinity Ward - Sledgehammer Games 06.04.2013 Notwendig
CCleaner Piriform 25.03.2013 4.00 Notwendig
GIMP 2.8.4 The GIMP Team 27.05.2013 244MB 2.8.4 Notwendig
Google Chrome Google Inc. 06.04.2013 27.0.1453.110 Notwendig
ICQ 8.0 (build 6008, für aktuellen Benutzer) Mail.Ru 06.04.2013 8.0.6008.0 Notwendig
Java 7 Update 21 Oracle 16.06.2013 129MB 7.0.210 Notwendig
Logitech Gaming Software 8.45 Logitech Inc. 06.04.2013 83,1MB 8.45.88 Notwendig
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 17.06.2013 19,2MB 1.75.0.1300 Unnötig (Ich glaube, ich brauche es nicht mehr)
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 07.04.2013 38,8MB 4.0.30319 Unbekannt (Die Funktion)
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 07.04.2013 2,93MB 4.0.30319 Unbekannt (Die Funktion)
Microsoft LifeCam Microsoft Corporation 06.04.2013 60,5MB 3.22.270.0 Unnötig
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 23.04.2013 348KB 8.0.59193 Unbekannt (Die Funktion)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 06.04.2013 250KB 9.0.30729 Unbekannt (Die Funktion)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 06.04.2013 788KB 9.0.30729.6161 Unbekannt (Die Funktion)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 06.04.2013 594KB 9.0.30729 Unbekannt (Die Funktion)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 06.04.2013 600KB 9.0.30729.6161 Unbekannt (Die Funktion)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 06.04.2013 13,6MB 10.0.30319 Unbekannt (Die Funktion)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 06.04.2013 11,1MB 10.0.40219 Unbekannt (Die Funktion)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Corporation 23.04.2013 17,4MB 11.0.51106.1 Unbekannt (Die Funktion)
MSI Afterburner 2.1.0 MSI Co., LTD 06.04.2013 2.1.0 Unbekannt (Die Funktion)
NVIDIA PhysX NVIDIA Corporation 23.04.2013 79,8MB 9.10.0129 Notwendig
OpenOffice.org 3.4.1 Apache Software Foundation 06.04.2013 331MB 3.41.9593 Notwendig
PunkBuster Services Even Balance, Inc. 23.04.2013 0.993 Unbekannt (Die Funktion)
Realtek Ethernet Controller Driver Realtek 06.04.2013 7.46.610.2011 Unbekannt (Die Funktion)
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 06.04.2013 6.0.1.6487 Notwendig
Skype™ 6.3 Skype Technologies S.A. 20.05.2013 20,9MB 6.3.107 Notwendig
Spotify Spotify AB 13.05.2013 0.9.0.133.gd18ed589 Notwendig
Steam Valve Corporation 06.04.2013 35,4MB 1.0.0.0 Notwendig
Super-Charger MSI 06.04.2013 15,4MB 1.0.115 Unbekannt (Die FUnktion)
TeamSpeak 3 Client TeamSpeak Systems GmbH 26.05.2013 3.0.10.1 Notwendig
Winki MSI 06.04.2013 554MB 3.2.116 Unbekannt (Die Funktion)

Geändert von Barney' (17.06.2013 um 12:52 Uhr)

Alt 17.06.2013, 12:58   #14
markusg
/// Malware-holic
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



deinstaliere:
Avira SearchFree beide, toolbars haben auf nem PC nichts zu suchen
Malwarebytes

Öffne CCleaner, analysieren, starten, pc neustarten
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 17.06.2013, 13:02   #15
Barney'
 
Ist das ein Virus oder eine Art Fehler? - Standard

Ist das ein Virus oder eine Art Fehler?



Wieso haben die nichts auf dem PC zu suchen?
Und was ist mit Malwarebytes? Dahinter scheint was zu fehlen oder so.
Und was soll ich analysieren?

Antwort

Themen zu Ist das ein Virus oder eine Art Fehler?
anderes, eingebe, einiger, erschein, fehler, fehler?, nervige, problem, sonderzeichen, virus, wahrscheinlich, wegbekomme, zusätzliches



Ähnliche Themen: Ist das ein Virus oder eine Art Fehler?


  1. Festplatten Fehler? oder Virus?
    Plagegeister aller Art und deren Bekämpfung - 19.06.2015 (1)
  2. Windows XP: Rundll Fehler oder Virus?
    Plagegeister aller Art und deren Bekämpfung - 27.03.2015 (10)
  3. Ein Virus? oder doch nur eine Einstellungssache des Laptops?
    Plagegeister aller Art und deren Bekämpfung - 23.09.2013 (12)
  4. Ist diese Datei bzw. eine von ihnen ein Virus oder etwas ähnliches?
    Log-Analyse und Auswertung - 15.05.2013 (6)
  5. Internet Explorer - Ein Virus oder nur eine Meldung?
    Plagegeister aller Art und deren Bekämpfung - 13.03.2012 (53)
  6. Virus gefunden von MSE - Exploit:Win32/pdfjsc.WI? Oder Fehler?
    Plagegeister aller Art und deren Bekämpfung - 04.10.2011 (7)
  7. "BKA" Virus oder Spyeye? Gibt es eine lösung?
    Plagegeister aller Art und deren Bekämpfung - 24.08.2011 (1)
  8. Virus oder Malware: Bei benutzen eines Webbrowsers öffnet sich automatisch eine http://xn seite
    Plagegeister aller Art und deren Bekämpfung - 21.05.2011 (3)
  9. Habe ich eine Augen- oder Alkoholproblem oder ist es war?
    Lob, Kritik und Wünsche - 07.08.2010 (8)
  10. Windows Fehler oder Virus?
    Log-Analyse und Auswertung - 15.03.2010 (1)
  11. CSRSS.exe - Virus oder nur eine harmlose Datei?
    Plagegeister aller Art und deren Bekämpfung - 24.12.2009 (5)
  12. Trojaner Gorshok.a was nun Fehler oder doch echter Virus ?
    Plagegeister aller Art und deren Bekämpfung - 31.05.2008 (3)
  13. Virus oder Fehler ??
    Alles rund um Windows - 10.03.2008 (0)
  14. Hab ich nen Virus oder einfach nur ein Update Fehler
    Plagegeister aller Art und deren Bekämpfung - 27.12.2007 (0)
  15. Habe dauernd Fehler Meldungen nach neu inst. Viren oder ein anderer fehler ???
    Plagegeister aller Art und deren Bekämpfung - 07.05.2007 (17)
  16. [Problem]Virus oder eine Fehlerkennung?
    Plagegeister aller Art und deren Bekämpfung - 06.12.2006 (5)
  17. Virus oder doch Windows-Fehler??? Hilfe!!!
    Plagegeister aller Art und deren Bekämpfung - 12.11.2006 (1)

Zum Thema Ist das ein Virus oder eine Art Fehler? - Hallo Ich habe seit einiger Zeit das nervige Problem, dass wenn ich Sonderzeichen eingebe (z.B. "@") noch ein anderes zusätzliches dazu erscheint. Zum Beispiel "§", sodass am Ende statt "@" - Ist das ein Virus oder eine Art Fehler?...
Archiv
Du betrachtest: Ist das ein Virus oder eine Art Fehler? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.