
Log analysis and evaluation: Adware.DomaIQ found and quarantined, Google results lead to unfamiliar sites!


05.07.2013, 16:10   #1
Bischy
 



Hello, I need the support of you specialists. When searching with Google, the links always redirected me to unknown sites. I then ran Malwarebytes and Spybot.
Adware.DomaIQ was found and placed in quarantine. The problem has remained.
Quote:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.04.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: ***-HP [Administrator]

Schutz: Aktiviert

05.07.2013 12:05:01
mbam-log-2013-07-05 (12-05-01).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 675597
Laufzeit: 43 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\***\Downloads\FlashPlayer_V.35516924c.exe (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Quote:
OTL logfile created on: 05.07.2013 13:58:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,86 Gb Total Physical Memory | 5,97 Gb Available Physical Memory | 76,00% Memory free
15,72 Gb Paging File | 13,67 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237,95 Gb Total Space | 13,13 Gb Free Space | 5,52% Space Free | Partition Type: NTFS

Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.07.05 13:39:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
PRC - [2013.07.04 23:10:44 | 000,274,328 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.06.16 21:47:37 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
PRC - [2013.05.16 10:59:00 | 003,830,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013.05.16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013.05.16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013.05.02 11:59:52 | 001,053,848 | ---- | M] () -- C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
PRC - [2013.04.11 15:04:26 | 000,235,072 | ---- | M] (Visicom Media Inc.) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
PRC - [2013.04.04 17:28:40 | 003,022,464 | ---- | M] () -- C:\Program Files (x86)\Digital Trends Club\HI-epanel-Reporting.exe
PRC - [2013.04.04 17:28:38 | 001,377,920 | ---- | M] () -- C:\Program Files (x86)\Digital Trends Club\HI-epanel-Updater.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.01.27 23:38:26 | 000,037,088 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
PRC - [2013.01.27 23:38:26 | 000,032,480 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
PRC - [2013.01.27 21:16:48 | 000,140,512 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2012.11.22 17:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe
PRC - [2012.11.22 17:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe
PRC - [2012.11.19 19:29:12 | 000,084,480 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe
PRC - [2012.11.19 19:27:22 | 000,017,408 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe
PRC - [2012.08.20 11:48:46 | 000,179,048 | ---- | M] (RapidSolution Software AG) -- C:\Program Files (x86)\RapidSolution\Audials 9\VCDWriter\64\VCDAudioService.exe
PRC - [2012.08.13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.07.25 10:46:44 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2012.07.25 10:46:42 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2011.12.06 23:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011.12.06 23:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011.09.19 15:58:26 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2011.05.24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010.10.19 12:26:46 | 000,032,768 | ---- | M] (Hewlett-Packard Development Company, L.P) -- C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2010.08.20 17:57:28 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010.05.06 02:30:26 | 011,268,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2010.05.06 02:30:06 | 000,298,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2010.03.15 15:05:30 | 000,331,000 | ---- | M] (QUALCOMM, Inc.) -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe
PRC - [2010.02.25 15:18:20 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe


========== Modules (No Company Name) ==========

MOD - [2013.07.04 23:10:44 | 003,417,496 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.06.16 21:47:37 | 016,033,160 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
MOD - [2013.05.16 10:55:28 | 000,161,112 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2013.05.16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013.05.16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012.12.21 20:06:44 | 006,307,952 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
MOD - [2012.08.10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.12.06 23:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012.09.11 19:13:02 | 001,494,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2012.04.25 14:02:52 | 000,031,000 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012.04.23 17:23:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012.03.15 07:09:20 | 000,659,976 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2010.09.08 01:05:34 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STacSV64.exe -- (STacSV)
SRV:64bit: - [2010.07.16 14:54:06 | 000,462,160 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV:64bit: - [2010.02.18 15:52:30 | 002,045,232 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.03.02 01:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013.07.04 23:10:44 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.16 21:47:38 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.02 11:59:52 | 001,053,848 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ieconfig_1und1_svc.exe -- (serviceIEConfig)
SRV - [2013.04.04 17:28:40 | 003,022,464 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Digital Trends Club\HI-epanel-Reporting.exe -- (HI-epanel-Reporting-Service)
SRV - [2013.04.04 17:28:38 | 001,377,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Digital Trends Club\HI-epanel-Updater.exe -- (HI-epanel-Update-Service)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.01.27 23:38:26 | 000,037,088 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe -- (PSUAService)
SRV - [2013.01.27 21:16:48 | 000,140,512 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2012.11.22 17:58:14 | 001,522,312 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.11.22 17:56:10 | 000,905,864 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2012.08.20 11:48:46 | 000,179,048 | ---- | M] (RapidSolution Software AG) [Auto | Running] -- C:\Program Files (x86)\RapidSolution\Audials 9\VCDWriter\64\VCDAudioService.exe -- (Virtual CDAudio Service)
SRV - [2012.07.25 10:46:44 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2012.07.25 10:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.12.06 23:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011.09.19 15:58:26 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2011.05.24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010.12.20 13:08:36 | 001,083,824 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.12.20 13:04:54 | 001,914,264 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe -- (AcronisAgent)
SRV - [2010.12.20 12:45:18 | 004,599,752 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe -- (MMS)
SRV - [2010.10.19 12:26:46 | 000,032,768 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2010.08.20 17:57:28 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.05.06 02:30:06 | 000,298,496 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.15 15:05:30 | 000,331,000 | ---- | M] (QUALCOMM, Inc.) [Auto | Running] -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe -- (QDLService2kHP)
SRV - [2010.02.18 15:26:46 | 001,664,304 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.04.25 12:06:26 | 000,054,272 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys -- (GigasetGenericUSB_x64)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.02.18 10:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.01.09 22:46:02 | 000,095,712 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSHttps.sys -- (NNSHTTPS)
DRV:64bit: - [2012.11.28 15:04:05 | 000,232,488 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSStrm.sys -- (NNSSTRM)
DRV:64bit: - [2012.11.28 15:04:04 | 000,069,160 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\NNSPihsw.sys -- (NNSPIHSW)
DRV:64bit: - [2012.11.26 17:49:11 | 000,105,000 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNStlsc.sys -- (NNSTLSC)
DRV:64bit: - [2012.11.26 17:49:10 | 000,116,776 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSPrv.sys -- (NNSPRV)
DRV:64bit: - [2012.11.26 17:49:10 | 000,114,216 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV:64bit: - [2012.11.26 17:49:09 | 000,306,216 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSProt.sys -- (NNSPROT)
DRV:64bit: - [2012.11.26 17:49:09 | 000,118,312 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSPop3.sys -- (NNSPOP3)
DRV:64bit: - [2012.11.26 17:49:08 | 000,094,248 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSpicc.sys -- (NNSPICC)
DRV:64bit: - [2012.11.26 17:49:07 | 000,114,728 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSHttp.sys -- (NNSHTTP)
DRV:64bit: - [2012.11.26 17:49:07 | 000,114,216 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSIds.sys -- (NNSIDS)
DRV:64bit: - [2012.11.26 17:49:07 | 000,089,640 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NNSAlpc.sys -- (NNSALPC)
DRV:64bit: - [2012.11.09 20:01:13 | 000,204,328 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)
DRV:64bit: - [2012.11.09 20:01:13 | 000,133,160 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINProt)
DRV:64bit: - [2012.11.09 20:01:13 | 000,123,944 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINProc)
DRV:64bit: - [2012.11.09 20:01:12 | 000,167,976 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAflt)
DRV:64bit: - [2012.11.09 20:01:12 | 000,119,848 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFile)
DRV:64bit: - [2012.11.07 10:00:05 | 000,058,360 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\PSKMAD.sys -- (PSKMAD)
DRV:64bit: - [2012.10.22 13:09:23 | 000,033,320 | ---- | M] (Panda Security, S.L.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NNSNAHSL.sys -- (NNSNAHSL)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.20 11:48:46 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2012.08.20 11:48:46 | 000,045,160 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rsvcdwdr.sys -- (rsvcdwdr)
DRV:64bit: - [2012.08.20 11:48:22 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2012.08.20 11:48:22 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2012.06.27 10:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012.06.27 10:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012.06.27 10:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012.06.27 10:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012.06.27 10:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012.06.19 19:03:21 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012.06.19 19:00:23 | 000,278,112 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012.06.03 08:33:44 | 011,499,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012.04.25 14:02:52 | 000,043,800 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012.04.25 14:02:52 | 000,030,488 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012.03.15 06:02:46 | 000,198,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.03.15 06:02:46 | 000,198,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.02 10:43:02 | 000,509,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2011.11.08 12:59:12 | 000,011,776 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2011.10.21 19:30:03 | 012,310,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.08.23 15:12:57 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.07.20 18:37:54 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2011.04.04 14:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011.03.31 14:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.28 14:26:38 | 000,037,456 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 02:57:44 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.20 02:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.09.08 01:05:34 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.09.01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010.06.14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.06.04 02:18:56 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.04.01 14:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010.03.15 14:02:30 | 000,242,176 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbnethp2k.sys -- (qcusbnethp2k)
DRV:64bit: - [2010.03.15 14:02:30 | 000,121,600 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbserhp2k.sys -- (qcusbserhp2k)
DRV:64bit: - [2010.03.15 14:02:30 | 000,006,400 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcfilterhp2k.sys -- (qcfilterhp2k)
DRV:64bit: - [2010.02.25 15:18:58 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009.09.18 04:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.09.18 04:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.07.20 16:05:50 | 000,059,008 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rismcx64.sys -- (rismcx64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.07.10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009.06.25 18:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.08 11:56:26 | 000,053,632 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motodrv.sys -- (MotDev)
DRV:64bit: - [2009.01.29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009.01.29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007.11.02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.07.24 11:39:42 | 000,108,648 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt - ) [Driver] [Kernel | System | Running] -- C:\Windows\SleeN1864.sys -- (SLEE_18_DRIVER)
DRV - [2010.06.14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10013&barid={E52D54FE-F074-11E1-A800-402CF4770FFC}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10013&barid={E52D54FE-F074-11E1-A800-402CF4770FFC}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FC F1 AD 87 9F 40 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\..\SearchScopes,DefaultScope = {A7E23AC4-C748-4AEF-BE4E-B65BD35779BF}
IE - HKCU\..\SearchScopes\{5F22A7E4-D2D7-481F-97BB-52EEFB5447B4}: "URL" = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg
IE - HKCU\..\SearchScopes\{A7E23AC4-C748-4AEF-BE4E-B65BD35779BF}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{D74733AE-E0CD-4CFD-993E-0E7E0E07D534}: "URL" = hxxp://www.youtube.de/results?search_query={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 24.0a1\extensions\\Components: C:\PROGRAM FILES\NIGHTLY\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 24.0a1\extensions\\Plugins: C:\PROGRAM FILES\NIGHTLY\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2012.06.02 12:39:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gacela2@nurago.com: C:\Program Files (x86)\Digital Trends Club [2013.07.05 13:59:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012.12.04 16:22:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013.07.04 22:36:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2013.07.04 22:36:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\2ioox3kv.default\extensions
[2013.07.04 22:36:54 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\2ioox3kv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.04 23:10:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.04 23:10:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (Digital Trends Club) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\x64\Gacela2.dll (HI-epanel)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Digital Trends Club) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\Gacela2.dll (HI-epanel)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (1&&1 Internet AG Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\SysWOW64\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Visicom Media Inc.)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SAFE2012 File Redirection Starter] C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe (Steganos Software GmbH)
O4 - HKLM..\Run: [SAFE2012 HotKeys] C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe (Steganos Software GmbH)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Über Digital Trends Club - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\x64\Gacela2.dll (HI-epanel)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Über Digital Trends Club - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\Gacela2.dll (HI-epanel)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab (GMNRev Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FADDEA44-B0E6-474E-A8A9-3AB4918B6D27}: DhcpNameServer = 140.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF1BD632-F5CC-42A6-A04A-F7C865EA950B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.07.05 13:29:17 | 000,058,360 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\PSKMAD.sys
[2013.07.05 12:00:39 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe
[2013.07.05 10:44:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.05 10:44:38 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.07.05 10:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.05 10:32:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.07.05 10:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.07.05 10:31:12 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013.07.05 10:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.07.04 23:10:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.04 22:36:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mozilla
[2013.07.04 22:36:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Mozilla
[2013.07.04 22:35:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.07.04 22:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.07.04 11:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Gigaset QuickSync
[2013.07.04 11:14:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Gigaset_Communications_Gm
[2013.07.04 11:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync
[2013.07.04 11:10:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigaset QuickSync
[2013.06.18 09:13:16 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{C11C18BC-354E-4E46-9033-B0BE9EB2ABB7}
[2013.06.14 17:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013.06.13 13:03:03 | 000,000,000 | ---D | C] -- C:\5837c53b64889be127
[4 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.07.05 13:57:48 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2013.07.05 13:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.05 13:36:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 13:36:29 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 13:36:18 | 009,482,862 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.05 13:36:18 | 000,694,664 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2013.07.05 13:36:18 | 000,693,688 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2013.07.05 13:36:18 | 000,691,426 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2013.07.05 13:36:18 | 000,689,960 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013.07.05 13:36:18 | 000,689,342 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013.07.05 13:36:18 | 000,679,576 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2013.07.05 13:36:18 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.05 13:36:18 | 000,623,378 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.05 13:36:18 | 000,617,802 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2013.07.05 13:36:18 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.05 13:36:18 | 000,462,406 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2013.07.05 13:36:18 | 000,448,820 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat
[2013.07.05 13:36:18 | 000,433,622 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2013.07.05 13:36:18 | 000,137,296 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2013.07.05 13:36:18 | 000,135,074 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013.07.05 13:36:18 | 000,133,986 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2013.07.05 13:36:18 | 000,133,174 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2013.07.05 13:36:18 | 000,130,374 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2013.07.05 13:36:18 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.05 13:36:18 | 000,127,378 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013.07.05 13:36:18 | 000,123,974 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2013.07.05 13:36:18 | 000,122,022 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.05 13:36:18 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.05 13:36:18 | 000,082,382 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2013.07.05 13:36:18 | 000,080,038 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2013.07.05 13:36:18 | 000,077,330 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat
[2013.07.05 13:29:40 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.05 13:29:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.05 13:29:06 | 4143,321,087 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.05 13:24:35 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.05 12:00:41 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe
[2013.07.05 10:44:40 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.07.05 10:31:16 | 000,001,379 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.07.04 15:33:18 | 000,112,431 | ---- | M] () -- C:\Users\***\Documents\aaa_krankenkosten2.ods
[2013.07.03 16:32:50 | 000,073,126 | ---- | M] () -- C:\Users\***\Documents\Amazon.de - Rücksendezentrum.pdf
[2013.07.02 13:11:53 | 000,001,219 | ---- | M] () -- C:\Users\***\Desktop\***.lnk
[2013.06.29 09:51:27 | 000,019,737 | ---- | M] () -- C:\Users\***\Documents\20130629_sinja -nachbarn.odt
[2013.06.25 20:11:08 | 001,092,011 | ---- | M] () -- C:\Users\***\Documents\Arbeitgeberbescheinigung.pdf
[2013.06.25 16:56:48 | 000,076,694 | ---- | M] () -- C:\Users\***\Documents\Antrag auf Kindergeld.pdf
[2013.06.21 07:10:58 | 000,019,225 | ---- | M] () -- C:\Users\***\Documents\Telefonbuch_ Googel.pdf
[2013.06.21 07:09:41 | 000,021,963 | ---- | M] () -- C:\Users\***\Documents\FRITZ!Box_Anrufliste.csv
[4 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.07.05 13:57:48 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2013.07.05 10:44:40 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.07.05 10:31:16 | 000,001,391 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.07.05 10:31:16 | 000,001,379 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.07.04 22:35:56 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.07.03 16:13:26 | 000,073,126 | ---- | C] () -- C:\Users\***\Documents\Amazon.de - Rücksendezentrum.pdf
[2013.06.29 09:51:25 | 000,019,737 | ---- | C] () -- C:\Users\***\Documents\20130629_sinja -nachbarn.odt
[2013.06.25 20:11:08 | 001,092,011 | ---- | C] () -- C:\Users\***\Documents\Arbeitgeberbescheinigung.pdf
[2013.06.25 16:56:47 | 000,076,694 | ---- | C] () -- C:\Users\***\Documents\Antrag auf Kindergeld.pdf
[2013.06.21 07:10:57 | 000,019,225 | ---- | C] () -- C:\Users\***\Documents\Telefonbuch_ Googel.pdf
[2013.06.21 07:09:41 | 000,021,963 | ---- | C] () -- C:\Users\***\Documents\FRITZ!Box_Anrufliste.csv
[2013.06.16 21:47:39 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.05 11:54:49 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2013.05.02 11:59:52 | 001,053,848 | ---- | C] () -- C:\Windows\SysWow64\ieconfig_1und1_svc.exe
[2013.03.13 00:35:45 | 000,007,597 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2012.11.28 15:17:24 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.11.28 15:17:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.11.28 15:17:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.11.28 15:17:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.11.28 15:17:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.10.15 16:49:41 | 000,000,990 | ---- | C] () -- C:\Windows\wiso.ini
[2012.09.15 18:49:57 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.08.22 14:54:30 | 000,118,784 | RHS- | C] () -- C:\Windows\SysWow64\MFPlays.dll
[2012.07.09 18:17:39 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.03 14:34:24 | 000,002,706 | ---- | C] () -- C:\Users\***\AppData\Local\recently-used.xbel

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.06.19 19:24:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Acronis
[2013.01.29 22:13:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ALFBanCo5
[2012.09.21 18:54:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2012.12.04 16:22:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\APP_NAME_NON_STRING
[2012.09.16 16:07:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Audacity
[2012.08.27 14:34:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Auslogics
[2013.06.24 00:44:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BOM
[2012.06.02 11:28:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Buhl Data Service
[2012.12.13 14:05:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Buhl Data Service GmbH
[2012.06.11 17:17:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canon
[2012.06.02 12:43:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DigitalPersona
[2012.08.31 17:02:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.07.04 19:27:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.06.21 06:24:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2013.05.23 07:46:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Foxit Software
[2012.08.21 15:04:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GoPro
[2013.01.08 14:19:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\K-Pacs-Lite
[2012.08.22 18:17:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2012.09.18 15:42:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Motorola
[2012.06.04 11:02:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2012.09.12 14:23:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera
[2012.06.02 13:24:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Panda Security
[2013.01.03 14:16:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PDF Architect
[2013.01.17 15:02:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pdfforge
[2012.08.23 08:56:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\proDAD
[2012.08.23 09:48:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2013.03.12 19:55:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung
[2013.03.06 17:39:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Steganos
[2012.09.15 18:48:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2013.03.12 18:17:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\VSRevoGroup

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 05.07.2013 13:58:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,86 Gb Total Physical Memory | 5,97 Gb Available Physical Memory | 76,00% Memory free
15,72 Gb Paging File | 13,67 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237,95 Gb Total Space | 13,13 Gb Free Space | 5,52% Space Free | Partition Type: NTFS

Computer Name: ***-HP | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05E819B9-ED58-4E6E-A059-502B783E2DCD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{07FA0D16-83F7-4AF5-97D7-0F6A409B917E}" = lport=31931 | protocol=6 | dir=in | name=audials localhttpserver 31931 |
"{100A4214-335E-46E7-AEB6-D78274C657A1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{109EB181-F4DA-4283-A568-4031AFBF1D45}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{19EAF951-03DC-49ED-8726-FC8BFE324553}" = rport=138 | protocol=17 | dir=out | app=system |
"{1C4AA784-4016-4AEE-8C63-AD329EBF0FA3}" = rport=137 | protocol=17 | dir=out | app=system |
"{445A19F3-287E-458A-A090-9488D6E603EA}" = rport=139 | protocol=6 | dir=out | app=system |
"{50178192-7409-4AC0-9F2E-C25A17443C95}" = lport=137 | protocol=17 | dir=in | app=system |
"{52378427-5DCE-4CE7-A98F-1438FB01A582}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{662960CC-0DB9-419F-BF18-F70E166590AF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{677C171E-B21D-4B62-92B1-6E6A177C08F3}" = lport=12972 | protocol=6 | dir=in | name=audials localhttpserver 12972 |
"{679FBFB6-4EF0-4F46-884B-4D74B0EDFDF1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7F14A2CF-C0CF-462A-BFF6-6366EC753FE0}" = lport=139 | protocol=6 | dir=in | app=system |
"{8CA37ADB-3B6B-4075-9809-CFFF515C36D7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9C10D237-8424-4A7D-B689-4594D2B7BE23}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{A4B7A411-B5DC-424E-AEC5-276221FF99F8}" = rport=445 | protocol=6 | dir=out | app=system |
"{C6196713-5C57-43A4-BE0A-66C5DE174ADA}" = lport=14714 | protocol=6 | dir=in | name=audials localhttpserver 14714 |
"{D327E1C3-5B3A-450A-8AE6-5601A183AA6A}" = lport=445 | protocol=6 | dir=in | app=system |
"{D67D4598-FF9A-41C2-B62E-0CFED9886084}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DA9692ED-6FA1-43BC-A2AC-2DFC405F2DF4}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C088F21-A6E0-4BD2-9F31-583A7AAEDBB4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{179EA6DE-6839-49B8-8458-E8AFFC101DAD}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1C012BCA-A403-4AA7-A581-D388B4D51A4B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{20CAF6E4-D92B-450E-9D2C-769DA3DBB792}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{22EAF70A-9A10-4345-8251-CF4D4A8B1F44}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{243BAE48-9B7A-4CE3-852F-E989CD1D515F}" = protocol=6 | dir=in | app=c:\program files (x86)\acronis\backupandrecovery\mms.exe |
"{332B18B2-5C0D-42A5-961D-F2DC3DB348F1}" = protocol=17 | dir=in | app=c:\program files (x86)\pandasecuritytb\dtuser.exe |
"{50DDA11F-85B0-4A99-8304-14B8A2C929EE}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\acronis\agent\agent.exe |
"{5BFA6ABB-D69F-4300-BC26-4A7275E3E475}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6932664B-1F26-4A30-9309-825CE696C235}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{731F2A28-DD45-4B8B-8BEF-473FA95209FE}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{795605EA-F830-4256-88D1-300A69D6F9B8}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{841D7096-C35F-49CE-B7F7-218C91FEAFDC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8ECEC0FB-E6DB-4719-BD5C-0F959279ABBE}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe |
"{924104F2-63ED-464F-A831-4CB5F26E9B7E}" = protocol=17 | dir=in | app=c:\program files (x86)\panda security\panda security toolbar\dtuser.exe |
"{996D9528-FDC9-450D-86AF-6DEF0EDA2910}" = dir=in | app=c:\users\***\appdata\local\microsoft\skydrive\skydrive.exe |
"{A03E017C-DCE5-4676-8A46-719918FD2975}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{A4262B88-162F-4916-84C7-D8A991C7F8EF}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{A8438688-C713-4346-ADEA-8739DB5ABA78}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\acronis\agent\agent.exe |
"{AA624F7A-5EE1-4C08-91FD-842A70B51BAF}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{AC2BFDAD-B028-4776-9AE8-A552CD0DFC45}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{BB523A99-7E38-48D6-9ED6-D4E3A880FF6D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C484D671-A1D0-4B13-85A5-760E77B4623B}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{C50CD7B0-85FD-41F3-BA71-20E092DC5AC4}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C6CA24BF-2C97-47AD-9362-0CF57ABE8519}" = protocol=6 | dir=in | app=c:\program files (x86)\pandasecuritytb\dtuser.exe |
"{CB211861-DE2C-4644-AB09-A7B63AF195E3}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe |
"{CD4EB905-FFA0-4FF3-8EF2-C7CF6E43B747}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CE73992E-E575-48AD-A843-9555987623F7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D797CEDF-919F-4010-8B7A-07ABDA1B40F7}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{DC602146-C1BD-433F-8DBA-723B9EAE2848}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{DDC80090-73D9-4B17-B870-2CF401B7F198}" = protocol=6 | dir=in | app=c:\program files (x86)\panda security\panda security toolbar\dtuser.exe |
"{DF70B43F-53A6-46F9-A131-35338BEAEEA8}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe |
"{EFDDECF3-1AB7-4947-900E-E1F043705AA0}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{F2B03197-EFAE-42DE-9C32-C80EA1D6BBA9}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe |
"{F740BC2F-3C1A-4297-BCF2-EA5CF47DA010}" = protocol=17 | dir=in | app=c:\program files (x86)\acronis\backupandrecovery\mms.exe |
"{FAF95BCD-7F51-4E64-B5D4-335F185D656F}" = dir=in | app=c:\program files (x86)\rapidsolution\audials 9\audials.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.6.6957 (3975d54) (64-bit)
"{50150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75126DE9-C8EC-46B2-949F-EFA770AAFD9B}" = HP ProtectTools Security Manager
"{7B4DEBE1-E3E3-45BD-88E6-6C3CA9EEED36}" = HP 3D DriveGuard
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0C6CCC9-0BAB-4636-A06F-B43B6FBC25DF}" = Motorola Mobile Drivers Installation 5.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{b49e8cfb-f094-4467-925a-97c23972cb50}" = Gigaset QuickSync
"{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}" = Validity Fingerprint Driver
"{DEE69E05-EF81-4B86-8385-BE448339227F}" = Panda Cloud Antivirus
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0B624A43DD66DBF5CF3EDFA9741A364E688062A4" = Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )
"1F64724E4D591A125651B4B68C84B9CCE9619004" = Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 )
"CCleaner" = CCleaner
"HPProtectTools" = HP ProtectTools Security Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Office Professional 15 (Technical Preview) - en-us" = Microsoft Office 365 Home Premium Preview - en-us
"Nightly 24.0a1 (x64 en-US)" = Nightly 24.0a1 (x64 en-US)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opera 12.12.1707" = Opera 12.12
"Opera 12.15.1748" = Opera 12.15
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0665E2D2-2CF0-47C3-A0BA-11DCEFB0636F}" = Acronis Backup & Recovery 10 Upgrade Tool
"{07F6BABF-0653-41A0-BCB7-8C2148AD2F1A}" = Acronis Backup & Recovery 10 Tray Monitor
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BFEE7F5-4593-4C04-8373-EB3450C8885D}" = Acronis Backup & Recovery 10 Universal Restore
"{0C66E1AE-155D-4F1D-B342-C38709DF3BFE}" = MAGIX Video deluxe MX Premium Sonderedition (Demo)
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{24371D30-7CFF-11DE-B053-005056C00008}" = Paragon Drive Copy™ 11 Professional
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung SSD Magician
"{2EF095CE-24AF-4AAA-BB82-85F988EC51C0}" = 1und1 Internet Explorer Add-On
"{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}" = PDF Architect
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B5BD380-FDD0-4F64-9865-753C12C3A198}" = MAGIX Video deluxe MX Premium Sonderedition (Tutorials)
"{400A8665-D505-4E8F-A5F3-F0AE1F47E477}" = MAGIX Video deluxe MX Premium Sonderedition (NewBlueFX Art Effects)
"{46DD6CB5-C129-40A5-9427-2E67A400888E}" = Qualcomm Gobi 2000 Package for HP
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6ABAFE68-F02E-4B18-9E07-B3108A00A76C}" = MAGIX Video deluxe MX Premium Sonderedition (Filmvorlagen)
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{7079DFD0-20D5-429D-910E-76E2F83E9DFE}" = MAGIX Video deluxe MX Premium Sonderedition (Red Giant Magic Bullet Quick Looks)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73ABAA0E-70F0-4048-AD43-A5F5A13A198D}" = Audials
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7F43056B-4140-4E3A-82EE-B301019FDE71}" = MAGIX Video deluxe MX Premium Sonderedition (Titeleffekte)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84CC007E-3907-4786-94A0-78BA0CDFD014}" = MAGIX Video deluxe MX Premium Sonderedition (Menüvorlagen 2)
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DEB9117-680F-4485-9318-3CA76C4BEB09}" = MAGIX Video deluxe MX Premium Sonderedition (proDAD Adorage Starter Paket)
"{8EDFDCE3-5D60-46B1-B80D-A8E78C3722AC}" = MAGIX Video deluxe MX Premium Sonderedition (proDAD VitaScene 2 MAGIX Edition)
"{901F9AB8-1E4E-4740-B579-740D12C0FE2D}" = Acronis Backup & Recovery 10 Bootable Media Builder
"{92A24899-49F5-4EBD-864F-6498D39A2EE2}" = MAGIX Video deluxe MX Premium Sonderedition (Menüvorlagen 1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{97F43E74-EA3E-4CE6-B9D7-64159299BF68}" = MAGIX Video deluxe MX Premium Sonderedition (Überblendeffekte)
"{989FB5FD-9B00-4B32-8663-849CB1370DD1}" = Google Drive
"{9904831C-EA01-422C-A4AC-4AD4B6652F67}" = MAGIX Video deluxe MX Premium Sonderedition (Individuelle Menüvorlagen)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A6F0720-739C-408B-966F-93091631A918}" = HP Broadband Kit
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EF762D2-2D12-4865-91C4-87705F91C28F}" = Acronis Backup & Recovery 10 Agent
"{A000AFE6-CF54-4721-A453-5927B675CD36}" = MAGIX Video deluxe MX Premium Sonderedition (Soundtrack Maker-Stile)
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A8B8AB0A-3819-4DB7-9CB6-7F4C4A0C91AD}" = MAGIX Video deluxe MX Premium Sonderedition (Designelemente)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B7B84970-F129-4529-9A6B-EB19F76CDBE3}" = MAGIX Video deluxe MX Premium Sonderedition
"{BDF81CCC-815B-4ED3-899D-FCC0DD1EE313}" = MAGIX Video deluxe MX Premium Sonderedition (Fotoshow Maker-Stile 2)
"{BEEE0ED7-FBAD-4BBB-BF0B-884CA40510E2}" = MAGIX Screenshare
"{BFE7E085-7327-43D8-B0A3-4A0DDC97D652}" = Acronis Backup & Recovery 10 Standalone Management Console
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CAE6AB4A-5141-456A-8EC6-D4DF64E24A5C}" = MAGIX Speed burnR (MSI)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2A2E5CD-801A-4B8D-8119-F79449A09B67}" = HP System Default Settings
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}" = WISO Steuer-Sparbuch 2013
"{DAC580DB-6629-43B9-98DD-8BABA515B958}" = WISO Mein Geld 2013 Professional
"{DF4D51B9-9C93-4198-A264-C2DE30849D35}" = MAGIX Video deluxe MX Premium Sonderedition (Fotoshow Maker-Stile 1)
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EAC93E1D-4807-43E2-B39A-8170B731B7D0}" = RSDLite
"{EAE2F608-89AD-481A-98A3-32A0D9C0C2F6}" = MAGIX Video deluxe MX Premium Sonderedition (Red Giant Movie Makers Look Pack)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FADC3DC0-BCD9-4F6A-BB9D-360D695C5791}" = Steganos Safe 2012
"{FCE63E73-11F6-4C91-BD6C-83EF0E4AB2EC}" = MAGIX Video deluxe MX Premium Sonderedition (NewBlueFX Light Blends)
"1&1 EasyLogin" = 1&1 EasyLogin
"1und1 Internet Explorer Add-On" = 1und1 Internet Explorer Add-On
"39992AD7-103F-4308-8BB7-3F65F543604D" = Digital Trends Club
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Audacity_is1" = Audacity 2.0
"AudibleDownloadManager" = Audible Download Manager
"Biet-O-Matic v2.14.12" = Biet-O-Matic v2.14.12
"CompeGPS_is1" = CompeGPS LAND 7.5
"CompeGPSDownloader_is1" = CompeGPSDownloader version 1.10
"Duplicate Cleaner Free" = Duplicate Cleaner Free 3.0.1
"Foxit Reader_is1" = Foxit Reader
"Free Audio Converter_is1" = Free Audio Converter version 5.0.17.825
"Free Studio_is1" = Free Studio version 5.6.2.627
"Free Video to JPG Converter_is1" = Free Video to JPG Converter version 5.0.15.706
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.26.706
"GoPro CineForm Studio" = GoPro CineForm Studio 1.2.1
"GPSMapEdit_is1" = GPSMapEdit Version 1.1.75.1
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"MAGIX_{0C66E1AE-155D-4F1D-B342-C38709DF3BFE}" = MAGIX Video deluxe MX Premium Sonderedition (Demo)
"MAGIX_{3B5BD380-FDD0-4F64-9865-753C12C3A198}" = MAGIX Video deluxe MX Premium Sonderedition (Tutorials)
"MAGIX_{400A8665-D505-4E8F-A5F3-F0AE1F47E477}" = MAGIX Video deluxe MX Premium Sonderedition (NewBlueFX Art Effects)
"MAGIX_{6ABAFE68-F02E-4B18-9E07-B3108A00A76C}" = MAGIX Video deluxe MX Premium Sonderedition (Filmvorlagen)
"MAGIX_{7079DFD0-20D5-429D-910E-76E2F83E9DFE}" = MAGIX Video deluxe MX Premium Sonderedition (Red Giant Magic Bullet Quick Looks)
"MAGIX_{7F43056B-4140-4E3A-82EE-B301019FDE71}" = MAGIX Video deluxe MX Premium Sonderedition (Titeleffekte)
"MAGIX_{84CC007E-3907-4786-94A0-78BA0CDFD014}" = MAGIX Video deluxe MX Premium Sonderedition (Menüvorlagen 2)
"MAGIX_{8DEB9117-680F-4485-9318-3CA76C4BEB09}" = MAGIX Video deluxe MX Premium Sonderedition (proDAD Adorage Starter Paket)
"MAGIX_{8EDFDCE3-5D60-46B1-B80D-A8E78C3722AC}" = MAGIX Video deluxe MX Premium Sonderedition (proDAD VitaScene 2 MAGIX Edition)
"MAGIX_{92A24899-49F5-4EBD-864F-6498D39A2EE2}" = MAGIX Video deluxe MX Premium Sonderedition (Menüvorlagen 1)
"MAGIX_{97F43E74-EA3E-4CE6-B9D7-64159299BF68}" = MAGIX Video deluxe MX Premium Sonderedition (Überblendeffekte)
"MAGIX_{9904831C-EA01-422C-A4AC-4AD4B6652F67}" = MAGIX Video deluxe MX Premium Sonderedition (Individuelle Menüvorlagen)
"MAGIX_{A000AFE6-CF54-4721-A453-5927B675CD36}" = MAGIX Video deluxe MX Premium Sonderedition (Soundtrack Maker-Stile)
"MAGIX_{A8B8AB0A-3819-4DB7-9CB6-7F4C4A0C91AD}" = MAGIX Video deluxe MX Premium Sonderedition (Designelemente)
"MAGIX_{B7B84970-F129-4529-9A6B-EB19F76CDBE3}" = MAGIX Video deluxe MX Premium Sonderedition
"MAGIX_{BDF81CCC-815B-4ED3-899D-FCC0DD1EE313}" = MAGIX Video deluxe MX Premium Sonderedition (Fotoshow Maker-Stile 2)
"MAGIX_{BEEE0ED7-FBAD-4BBB-BF0B-884CA40510E2}" = MAGIX Screenshare
"MAGIX_{CAE6AB4A-5141-456A-8EC6-D4DF64E24A5C}" = MAGIX Speed burnR (MSI)
"MAGIX_{DF4D51B9-9C93-4198-A264-C2DE30849D35}" = MAGIX Video deluxe MX Premium Sonderedition (Fotoshow Maker-Stile 1)
"MAGIX_{EAE2F608-89AD-481A-98A3-32A0D9C0C2F6}" = MAGIX Video deluxe MX Premium Sonderedition (Red Giant Movie Makers Look Pack)
"MAGIX_{FCE63E73-11F6-4C91-BD6C-83EF0E4AB2EC}" = MAGIX Video deluxe MX Premium Sonderedition (NewBlueFX Light Blends)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MotoHelper" = MotoHelper 2.1.32 Driver 5.4.0
"Mozilla Firefox 23.0 (x86 de)" = Mozilla Firefox 23.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Panda Security URL Filtering" = Panda Security URL Filtering
"Panda Universal Agent Endpoint" = Panda Cloud Antivirus
"pandasecuritytb" = Panda Security Toolbar
"Picasa 3" = Picasa 3
"proDAD-Adorage-3.0" = proDAD Adorage 3.0
"Revo Uninstaller" = Revo Uninstaller 1.94
"RobertsFileRenamer_is1" = Roberts File Renamer 1.8.2
"Secunia PSI" = Secunia PSI (3.0.0.3001)
"Toolbar Cleaner" = Toolbar Cleaner 1.0
"VLC media player" = VLC media player 2.0.6
"WinLiveSuite" = Windows Live Essentials
"WISO Mein Geld 2013 Professional" = WISO Mein Geld 2013 Professional

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14.06.2013 07:18:01 | Computer Name = ***-HP | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 15.06.2013 06:34:34 | Computer Name = ***-HP | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 16.06.2013 06:34:34 | Computer Name = ***-HP | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 17.06.2013 12:34:25 | Computer Name = ***-HP | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 18.06.2013 02:18:23 | Computer Name = ***-HP | Source = Application Hang | ID = 1002
Description = Programm setup.exe, Version 3.9.136.20 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1864 Startzeit:
01ce6b851d76dc7d Endzeit: 0 Anwendungspfad: C:\Users\***\AppData\Local\Google\Picasa2\update\LifescapeUpdater\setup.exe

Berichts-ID:


Error - 18.06.2013 06:34:35 | Computer Name = ***-HP | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 19.06.2013 06:34:34 | Computer Name = ***-HP | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 20.06.2013 06:34:34 | Computer Name = ***-HP | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 21.06.2013 06:34:35 | Computer Name = ***-HP | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 22.06.2013 06:34:34 | Computer Name = ***-HP | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 23.06.2013 06:49:00 | Computer Name = ***-HP | Source = Office 2013 Licensing Service | ID = 0
Description =

[ System Events ]
Error - 10.10.2012 14:21:20 | Computer Name = ***-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error - 10.10.2012 14:21:22 | Computer Name = ***-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error - 04.11.2012 19:57:26 | Computer Name = ***-HP | Source = Service Control Manager | ID = 7034
Description = Dienst "Google Update-Dienst (gupdate)" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.

Error - 04.11.2012 19:57:55 | Computer Name = ***-HP | Source = DCOM | ID = 10010
Description =

Error - 06.11.2012 17:53:37 | Computer Name = ***-HP | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 06.11.2012 17:54:51 | Computer Name = ***-HP | Source = VDS Dynamic Provider | ID = 16908310
Description =

Error - 14.11.2012 10:27:17 | Computer Name = ***-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR43
gefunden.

Error - 14.11.2012 10:27:18 | Computer Name = ***-HP | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR43
gefunden.

Error - 15.11.2012 04:24:32 | Computer Name = ***-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070005 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
4 unter Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server
2008, Windows Server 2008 R2 für x64-basierte Systeme (KB2737019)

Error - 16.11.2012 06:23:30 | Computer Name = ***-HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.


< End of report >
Unfortunately, Gmer 2.1.19163.exe does not work!
Error message:
Quote:
Gmer2.1.19163.exe wird aufgrund eines Problems nicht richtig ausgeführt. Das Problem wird geschlossen und sie werden benachrichtigt, wenn eine Lösung verfügbar ist.
I have no idea what else I should do.
Thanks in advance to everyone who is working on a solution.

05.07.2013, 16:13   #2
markusg
/// Malware-holic
 

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

05.07.2013, 16:30   #3
Bischy
 

Here is the log from TDSS
Quote:
16:24:26.0404 12268 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:24:27.0370 12268 ============================================================
16:24:27.0370 12268 Current date / time: 2013/07/05 16:24:27.0370
16:24:27.0370 12268 SystemInfo:
16:24:27.0370 12268
16:24:27.0370 12268 OS Version: 6.1.7601 ServicePack: 1.0
16:24:27.0370 12268 Product type: Workstation
16:24:27.0370 12268 ComputerName: ***-HP
16:24:27.0371 12268 UserName: ***
16:24:27.0371 12268 Windows directory: C:\Windows
16:24:27.0371 12268 System windows directory: C:\Windows
16:24:27.0371 12268 Running under WOW64
16:24:27.0371 12268 Processor architecture: Intel x64
16:24:27.0371 12268 Number of processors: 4
16:24:27.0371 12268 Page size: 0x1000
16:24:27.0371 12268 Boot type: Normal boot
16:24:27.0371 12268 ============================================================
16:24:27.0637 12268 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:24:27.0643 12268 ============================================================
16:24:27.0643 12268 \Device\Harddisk0\DR0:
16:24:27.0643 12268 MBR partitions:
16:24:27.0643 12268 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x10E000
16:24:27.0643 12268 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10F000, BlocksNum 0x1DBE42B0
16:24:27.0643 12268 ============================================================
16:24:27.0645 12268 C: <-> \Device\Harddisk0\DR0\Partition2
16:24:27.0645 12268 ============================================================
16:24:27.0645 12268 Initialize success
16:24:27.0645 12268 ============================================================
16:25:30.0512 6180 ============================================================
16:25:30.0512 6180 Scan started
16:25:30.0512 6180 Mode: Manual; SigCheck; TDLFS;
16:25:30.0512 6180 ============================================================
16:25:30.0747 6180 ================ Scan system memory ========================
16:25:30.0747 6180 System memory - ok
16:25:30.0748 6180 ================ Scan services =============================
16:25:30.0783 6180 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:25:30.0834 6180 1394ohci - ok
16:25:30.0839 6180 [ 733CA4DF8BE48A1009B86FA442551CA4 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
16:25:30.0857 6180 Accelerometer - ok
16:25:30.0865 6180 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:25:30.0880 6180 ACPI - ok
16:25:30.0883 6180 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:25:30.0897 6180 AcpiPmi - ok
16:25:30.0921 6180 [ 54A9E86E705BC7A6617528DA033E2A29 ] AcronisAgent C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
16:25:30.0962 6180 AcronisAgent - ok
16:25:30.0978 6180 [ 78A549FE57D6C1681BA66D1C6E5A3EC1 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
16:25:31.0004 6180 AcrSch2Svc - ok
16:25:31.0028 6180 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:25:31.0037 6180 AdobeFlashPlayerUpdateSvc - ok
16:25:31.0046 6180 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:25:31.0064 6180 adp94xx - ok
16:25:31.0071 6180 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:25:31.0086 6180 adpahci - ok
16:25:31.0091 6180 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:25:31.0103 6180 adpu320 - ok
16:25:31.0108 6180 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:25:31.0143 6180 AeLookupSvc - ok
16:25:31.0149 6180 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
16:25:31.0159 6180 AESTFilters - ok
16:25:31.0168 6180 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:25:31.0184 6180 AFD - ok
16:25:31.0199 6180 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
16:25:31.0227 6180 AgereSoftModem - ok
16:25:31.0231 6180 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:25:31.0242 6180 agp440 - ok
16:25:31.0246 6180 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:25:31.0259 6180 ALG - ok
16:25:31.0266 6180 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:25:31.0274 6180 aliide - ok
16:25:31.0279 6180 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:25:31.0288 6180 amdide - ok
16:25:31.0292 6180 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:25:31.0304 6180 AmdK8 - ok
16:25:31.0308 6180 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:25:31.0318 6180 AmdPPM - ok
16:25:31.0323 6180 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:25:31.0333 6180 amdsata - ok
16:25:31.0338 6180 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:25:31.0350 6180 amdsbs - ok
16:25:31.0354 6180 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:25:31.0363 6180 amdxata - ok
16:25:31.0369 6180 [ D46391F209DE0A98A97D1D1765F53438 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
16:25:31.0379 6180 AMPPAL - ok
16:25:31.0384 6180 [ D46391F209DE0A98A97D1D1765F53438 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
16:25:31.0393 6180 AMPPALP - ok
16:25:31.0403 6180 [ EDFB061F7D553B84731B8263077FD520 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
16:25:31.0420 6180 AMPPALR3 - ok
16:25:31.0424 6180 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
16:25:31.0434 6180 androidusb - ok
16:25:31.0438 6180 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:25:31.0471 6180 AppID - ok
16:25:31.0475 6180 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:25:31.0508 6180 AppIDSvc - ok
16:25:31.0512 6180 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
16:25:31.0522 6180 Appinfo - ok
16:25:31.0529 6180 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
16:25:31.0540 6180 AppMgmt - ok
16:25:31.0544 6180 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:25:31.0554 6180 arc - ok
16:25:31.0559 6180 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:25:31.0569 6180 arcsas - ok
16:25:31.0573 6180 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:25:31.0604 6180 AsyncMac - ok
16:25:31.0608 6180 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:25:31.0616 6180 atapi - ok
16:25:31.0628 6180 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:25:31.0667 6180 AudioEndpointBuilder - ok
16:25:31.0676 6180 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:25:31.0712 6180 AudioSrv - ok
16:25:31.0717 6180 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:25:31.0733 6180 AxInstSV - ok
16:25:31.0742 6180 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:25:31.0758 6180 b06bdrv - ok
16:25:31.0764 6180 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:25:31.0778 6180 b57nd60a - ok
16:25:31.0784 6180 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:25:31.0794 6180 BDESVC - ok
16:25:31.0798 6180 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:25:31.0829 6180 Beep - ok
16:25:31.0840 6180 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:25:31.0881 6180 BFE - ok
16:25:31.0896 6180 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:25:31.0939 6180 BITS - ok
16:25:31.0944 6180 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:25:31.0953 6180 blbdrive - ok
16:25:31.0958 6180 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:25:31.0968 6180 bowser - ok
16:25:31.0971 6180 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:25:31.0984 6180 BrFiltLo - ok
16:25:31.0988 6180 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:25:32.0000 6180 BrFiltUp - ok
16:25:32.0005 6180 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:25:32.0016 6180 Browser - ok
16:25:32.0023 6180 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:25:32.0037 6180 Brserid - ok
16:25:32.0041 6180 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:25:32.0054 6180 BrSerWdm - ok
16:25:32.0058 6180 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:25:32.0070 6180 BrUsbMdm - ok
16:25:32.0074 6180 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:25:32.0084 6180 BrUsbSer - ok
16:25:32.0088 6180 [ FF7C57973EEAD140062238C5A0B7D455 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
16:25:32.0099 6180 BTCFilterService - ok
16:25:32.0103 6180 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
16:25:32.0115 6180 BthEnum - ok
16:25:32.0120 6180 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:25:32.0133 6180 BTHMODEM - ok
16:25:32.0138 6180 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:25:32.0151 6180 BthPan - ok
16:25:32.0160 6180 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:25:32.0177 6180 BTHPORT - ok
16:25:32.0181 6180 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:25:32.0214 6180 bthserv - ok
16:25:32.0219 6180 [ A3BC030FC526643DFDCA27299F75544B ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
16:25:32.0227 6180 BTHSSecurityMgr - ok
16:25:32.0231 6180 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:25:32.0241 6180 BTHUSB - ok
16:25:32.0245 6180 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:25:32.0278 6180 cdfs - ok
16:25:32.0283 6180 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:25:32.0295 6180 cdrom - ok
16:25:32.0302 6180 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:25:32.0335 6180 CertPropSvc - ok
16:25:32.0339 6180 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:25:32.0352 6180 circlass - ok
16:25:32.0359 6180 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:25:32.0374 6180 CLFS - ok
16:25:32.0381 6180 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:25:32.0389 6180 clr_optimization_v2.0.50727_32 - ok
16:25:32.0396 6180 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:25:32.0404 6180 clr_optimization_v2.0.50727_64 - ok
16:25:32.0411 6180 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:25:32.0420 6180 clr_optimization_v4.0.30319_32 - ok
16:25:32.0426 6180 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:25:32.0434 6180 clr_optimization_v4.0.30319_64 - ok
16:25:32.0438 6180 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:25:32.0448 6180 CmBatt - ok
16:25:32.0452 6180 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:25:32.0461 6180 cmdide - ok
16:25:32.0470 6180 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
16:25:32.0490 6180 CNG - ok
16:25:32.0497 6180 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
16:25:32.0506 6180 Com4QLBEx - ok
16:25:32.0511 6180 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:25:32.0519 6180 Compbatt - ok
16:25:32.0523 6180 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:25:32.0536 6180 CompositeBus - ok
16:25:32.0539 6180 COMSysApp - ok
16:25:32.0544 6180 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:25:32.0553 6180 crcdisk - ok
16:25:32.0560 6180 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:25:32.0571 6180 CryptSvc - ok
16:25:32.0580 6180 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
16:25:32.0595 6180 CSC - ok
16:25:32.0606 6180 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
16:25:32.0624 6180 CscService - ok
16:25:32.0635 6180 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:25:32.0673 6180 DcomLaunch - ok
16:25:32.0680 6180 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:25:32.0717 6180 defragsvc - ok
16:25:32.0724 6180 [ 74C1305F6F784A725B0A40D693FF4A09 ] DeviceMonitorService C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
16:25:32.0732 6180 DeviceMonitorService - ok
16:25:32.0737 6180 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:25:32.0769 6180 DfsC - ok
16:25:32.0776 6180 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:25:32.0788 6180 Dhcp - ok
16:25:32.0793 6180 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:25:32.0825 6180 discache - ok
16:25:32.0830 6180 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:25:32.0839 6180 Disk - ok
16:25:32.0844 6180 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
16:25:32.0855 6180 dmvsc - ok
16:25:32.0860 6180 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:25:32.0872 6180 Dnscache - ok
16:25:32.0879 6180 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:25:32.0914 6180 dot3svc - ok
16:25:32.0926 6180 [ E0E65ED0985A28FB18128D6099E985C4 ] DpHost C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
16:25:32.0938 6180 DpHost - ok
16:25:32.0943 6180 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:25:32.0976 6180 DPS - ok
16:25:32.0980 6180 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:25:32.0993 6180 drmkaud - ok
16:25:33.0007 6180 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:25:33.0029 6180 DXGKrnl - ok
16:25:33.0037 6180 [ EAFCB4551836FF44EE775CEDDFA7A77E ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
16:25:33.0049 6180 e1cexpress - ok
16:25:33.0058 6180 [ 324FCD2DD8A4229DDEF3CC954FF12FA5 ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys
16:25:33.0071 6180 e1kexpress - ok
16:25:33.0076 6180 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:25:33.0109 6180 EapHost - ok
16:25:33.0143 6180 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:25:33.0196 6180 ebdrv - ok
16:25:33.0200 6180 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:25:33.0210 6180 EFS - ok
16:25:33.0219 6180 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:25:33.0237 6180 elxstor - ok
16:25:33.0240 6180 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:25:33.0251 6180 ErrDev - ok
16:25:33.0262 6180 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:25:33.0299 6180 EventSystem - ok
16:25:33.0305 6180 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:25:33.0341 6180 exfat - ok
16:25:33.0346 6180 Fabs - ok
16:25:33.0352 6180 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:25:33.0387 6180 fastfat - ok
16:25:33.0399 6180 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:25:33.0418 6180 Fax - ok
16:25:33.0422 6180 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:25:33.0432 6180 fdc - ok
16:25:33.0436 6180 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:25:33.0467 6180 fdPHost - ok
16:25:33.0471 6180 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:25:33.0503 6180 FDResPub - ok
16:25:33.0507 6180 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:25:33.0517 6180 FileInfo - ok
16:25:33.0522 6180 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:25:33.0554 6180 Filetrace - ok
16:25:33.0584 6180 [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
16:25:33.0627 6180 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
16:25:33.0627 6180 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
16:25:33.0631 6180 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:25:33.0642 6180 flpydisk - ok
16:25:33.0649 6180 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:25:33.0662 6180 FltMgr - ok
16:25:33.0677 6180 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
16:25:33.0703 6180 FontCache - ok
16:25:33.0707 6180 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:25:33.0716 6180 FontCache3.0.0.0 - ok
16:25:33.0720 6180 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:25:33.0730 6180 FsDepends - ok
16:25:33.0733 6180 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:25:33.0743 6180 Fs_Rec - ok
16:25:33.0749 6180 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:25:33.0764 6180 fvevol - ok
16:25:33.0768 6180 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:25:33.0778 6180 gagp30kx - ok
16:25:33.0782 6180 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:25:33.0789 6180 GEARAspiWDM - ok
16:25:33.0795 6180 [ B93252C4C5A3733ECD5522CAF88DE02D ] GigasetGenericUSB_x64 C:\Windows\system32\DRIVERS\GigasetGenericUSB_x64.sys
16:25:33.0803 6180 GigasetGenericUSB_x64 - ok
16:25:33.0815 6180 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:25:33.0856 6180 gpsvc - ok
16:25:33.0861 6180 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:25:33.0869 6180 gupdate - ok
16:25:33.0873 6180 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:25:33.0880 6180 gupdatem - ok
16:25:33.0884 6180 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:25:33.0895 6180 gusvc - ok
16:25:33.0898 6180 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:25:33.0910 6180 hcw85cir - ok
16:25:33.0918 6180 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:25:33.0935 6180 HdAudAddService - ok
16:25:33.0940 6180 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:25:33.0954 6180 HDAudBus - ok
16:25:33.0958 6180 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:25:33.0966 6180 HECIx64 - ok
16:25:33.0998 6180 [ 8D5012A70F02C30434FDFB6A2E248ADA ] HI-epanel-Reporting-Service C:\Program Files (x86)\Digital Trends Club\HI-epanel-Reporting.exe
16:25:34.0058 6180 HI-epanel-Reporting-Service - ok
16:25:34.0075 6180 [ 1036C3EB8810E3E371ED5B1B376F8867 ] HI-epanel-Update-Service C:\Program Files (x86)\Digital Trends Club\HI-epanel-Updater.exe
16:25:34.0106 6180 HI-epanel-Update-Service - ok
16:25:34.0110 6180 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:25:34.0120 6180 HidBatt - ok
16:25:34.0125 6180 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:25:34.0138 6180 HidBth - ok
16:25:34.0142 6180 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:25:34.0155 6180 HidIr - ok
16:25:34.0159 6180 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:25:34.0192 6180 hidserv - ok
16:25:34.0196 6180 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:25:34.0206 6180 HidUsb - ok
16:25:34.0211 6180 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:25:34.0243 6180 hkmsvc - ok
16:25:34.0249 6180 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:25:34.0261 6180 HomeGroupListener - ok
16:25:34.0267 6180 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:25:34.0280 6180 HomeGroupProvider - ok
16:25:34.0284 6180 [ 650C9C80F40A4C3B63A500393F11EB23 ] hotcore3 C:\Windows\system32\DRIVERS\hotcore3.sys
16:25:34.0291 6180 hotcore3 - ok
16:25:34.0297 6180 [ 657E81DF0625198C97F91C09AE9611FC ] HP ProtectTools Service C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
16:25:34.0302 6180 HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - warning
16:25:34.0302 6180 HP ProtectTools Service - detected UnsignedFile.Multi.Generic (1)
16:25:34.0307 6180 [ A48A151D3FA7CB032A51453F087221C7 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:25:34.0314 6180 HPDrvMntSvc.exe - ok
16:25:34.0318 6180 [ BDFE112FA2F3422842E83DA631065B37 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
16:25:34.0325 6180 hpdskflt - ok
16:25:34.0332 6180 [ E123B122D5217F724B1D2641010C9D3C ] HPFSService C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
16:25:34.0339 6180 HPFSService ( UnsignedFile.Multi.Generic ) - warning
16:25:34.0339 6180 HPFSService - detected UnsignedFile.Multi.Generic (1)
16:25:34.0344 6180 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
16:25:34.0352 6180 HpqKbFiltr - ok
16:25:34.0363 6180 [ 71BD8A611E0677175D3938C9CEA7339A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:25:34.0379 6180 hpqwmiex - ok
16:25:34.0384 6180 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:25:34.0394 6180 HpSAMD - ok
16:25:34.0399 6180 [ A92D6DE158BC0671D9336580F6414044 ] hpsrv C:\Windows\system32\Hpservice.exe
16:25:34.0407 6180 hpsrv - ok
16:25:34.0419 6180 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:25:34.0459 6180 HTTP - ok
16:25:34.0463 6180 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:25:34.0472 6180 hwpolicy - ok
16:25:34.0477 6180 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:25:34.0487 6180 i8042prt - ok
16:25:34.0497 6180 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:25:34.0513 6180 iaStorV - ok
16:25:34.0525 6180 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:25:34.0530 6180 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:25:34.0530 6180 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:25:34.0544 6180 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:25:34.0566 6180 idsvc - ok
16:25:34.0703 6180 [ 0089B53F1BEFD34B7D8CA4AB021335FA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:25:34.0901 6180 igfx - ok
16:25:34.0910 6180 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:25:34.0919 6180 iirsp - ok
16:25:34.0932 6180 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:25:34.0973 6180 IKEEXT - ok
16:25:35.0005 6180 [ F2744FD54BE1580BE05916D1C755C92A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:25:35.0064 6180 IntcAzAudAddService - ok
16:25:35.0072 6180 [ AE594CC17C33AC146739494615E14851 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
16:25:35.0083 6180 IntcDAud - ok
16:25:35.0087 6180 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:25:35.0096 6180 intelide - ok
16:25:35.0100 6180 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:25:35.0110 6180 intelppm - ok
16:25:35.0115 6180 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:25:35.0147 6180 IPBusEnum - ok
16:25:35.0152 6180 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:25:35.0183 6180 IpFilterDriver - ok
16:25:35.0192 6180 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:25:35.0210 6180 iphlpsvc - ok
16:25:35.0214 6180 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:25:35.0225 6180 IPMIDRV - ok
16:25:35.0229 6180 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:25:35.0262 6180 IPNAT - ok
16:25:35.0277 6180 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:25:35.0299 6180 iPod Service - ok
16:25:35.0303 6180 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:25:35.0318 6180 IRENUM - ok
16:25:35.0322 6180 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:25:35.0331 6180 isapnp - ok
16:25:35.0337 6180 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:25:35.0351 6180 iScsiPrt - ok
16:25:35.0357 6180 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:25:35.0367 6180 kbdclass - ok
16:25:35.0371 6180 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:25:35.0381 6180 kbdhid - ok
16:25:35.0385 6180 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:25:35.0395 6180 KeyIso - ok
16:25:35.0401 6180 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:25:35.0411 6180 KSecDD - ok
16:25:35.0417 6180 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:25:35.0428 6180 KSecPkg - ok
16:25:43.0149 6180 usbccgp - ok
16:25:43.0154 6180 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:25:43.0167 6180 usbcir - ok
16:25:43.0171 6180 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:25:43.0181 6180 usbehci - ok
16:25:43.0189 6180 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:25:43.0202 6180 usbhub - ok
16:25:43.0206 6180 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:25:43.0216 6180 usbohci - ok
16:25:43.0220 6180 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:25:43.0232 6180 usbprint - ok
16:25:43.0238 6180 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:25:43.0252 6180 usbscan - ok
16:25:43.0258 6180 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:25:43.0268 6180 USBSTOR - ok
16:25:43.0273 6180 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:25:43.0283 6180 usbuhci - ok
16:25:43.0288 6180 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:25:43.0303 6180 usbvideo - ok
16:25:43.0307 6180 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:25:43.0340 6180 UxSms - ok
16:25:43.0344 6180 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:25:43.0353 6180 VaultSvc - ok
16:25:43.0375 6180 [ BBE2B5036D2FF45458C747FB2513591D ] vcsFPService C:\Windows\system32\vcsFPService.exe
16:25:43.0418 6180 vcsFPService - ok
16:25:43.0421 6180 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:25:43.0431 6180 vdrvroot - ok
16:25:43.0440 6180 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:25:43.0478 6180 vds - ok
16:25:43.0482 6180 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:25:43.0494 6180 vga - ok
16:25:43.0498 6180 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:25:43.0529 6180 VgaSave - ok
16:25:43.0535 6180 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:25:43.0547 6180 vhdmp - ok
16:25:43.0550 6180 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:25:43.0560 6180 viaide - ok
16:25:43.0568 6180 [ 4176BBECF39B4D6174D3189D00ADB015 ] Virtual CDAudio Service C:\Program Files (x86)\RapidSolution\Audials 9\VCDWriter\64\VCDAudioService.exe
16:25:43.0577 6180 Virtual CDAudio Service - ok
16:25:43.0583 6180 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:25:43.0595 6180 vmbus - ok
16:25:43.0598 6180 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:25:43.0608 6180 VMBusHID - ok
16:25:43.0612 6180 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:25:43.0621 6180 volmgr - ok
16:25:43.0629 6180 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:25:43.0644 6180 volmgrx - ok
16:25:43.0653 6180 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:25:43.0667 6180 volsnap - ok
16:25:43.0672 6180 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:25:43.0683 6180 vsmraid - ok
16:25:43.0703 6180 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:25:43.0756 6180 VSS - ok
16:25:43.0760 6180 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:25:43.0772 6180 vwifibus - ok
16:25:43.0776 6180 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:25:43.0791 6180 vwififlt - ok
16:25:43.0798 6180 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:25:43.0837 6180 W32Time - ok
16:25:43.0844 6180 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:25:43.0853 6180 WacomPen - ok
16:25:43.0862 6180 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:25:43.0894 6180 WANARP - ok
16:25:43.0897 6180 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:25:43.0931 6180 Wanarpv6 - ok
16:25:43.0947 6180 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:25:43.0979 6180 WatAdminSvc - ok
16:25:43.0998 6180 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:25:44.0028 6180 wbengine - ok
16:25:44.0034 6180 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:25:44.0052 6180 WbioSrvc - ok
16:25:44.0060 6180 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:25:44.0080 6180 wcncsvc - ok
16:25:44.0084 6180 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:25:44.0095 6180 WcsPlugInService - ok
16:25:44.0098 6180 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:25:44.0107 6180 Wd - ok
16:25:44.0120 6180 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:25:44.0143 6180 Wdf01000 - ok
16:25:44.0148 6180 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:25:44.0164 6180 WdiServiceHost - ok
16:25:44.0167 6180 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:25:44.0183 6180 WdiSystemHost - ok
16:25:44.0190 6180 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:25:44.0208 6180 WebClient - ok
16:25:44.0214 6180 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:25:44.0249 6180 Wecsvc - ok
16:25:44.0253 6180 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:25:44.0287 6180 wercplsupport - ok
16:25:44.0292 6180 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:25:44.0326 6180 WerSvc - ok
16:25:44.0330 6180 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:25:44.0361 6180 WfpLwf - ok
16:25:44.0365 6180 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:25:44.0374 6180 WIMMount - ok
16:25:44.0377 6180 WinDefend - ok
16:25:44.0382 6180 WinHttpAutoProxySvc - ok
16:25:44.0391 6180 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:25:44.0426 6180 Winmgmt - ok
16:25:44.0450 6180 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:25:44.0509 6180 WinRM - ok
16:25:44.0517 6180 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
16:25:44.0530 6180 WinUSB - ok
16:25:44.0543 6180 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:25:44.0570 6180 Wlansvc - ok
16:25:44.0597 6180 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:25:44.0636 6180 wlidsvc - ok
16:25:44.0640 6180 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:25:44.0650 6180 WmiAcpi - ok
16:25:44.0658 6180 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:25:44.0672 6180 wmiApSrv - ok
16:25:44.0676 6180 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:25:44.0686 6180 WPCSvc - ok
16:25:44.0691 6180 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:25:44.0704 6180 WPDBusEnum - ok
16:25:44.0707 6180 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:25:44.0740 6180 ws2ifsl - ok
16:25:44.0745 6180 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:25:44.0760 6180 wscsvc - ok
16:25:44.0763 6180 WSearch - ok
16:25:44.0794 6180 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:25:44.0848 6180 wuauserv - ok
16:25:44.0853 6180 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:25:44.0864 6180 WudfPf - ok
16:25:44.0869 6180 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:25:44.0881 6180 WUDFRd - ok
16:25:44.0885 6180 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:25:44.0897 6180 wudfsvc - ok
16:25:44.0905 6180 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:25:44.0917 6180 WwanSvc - ok
16:25:44.0937 6180 ================ Scan global ===============================
16:25:44.0940 6180 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:25:44.0945 6180 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:25:44.0952 6180 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:25:44.0956 6180 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:25:44.0963 6180 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:25:44.0967 6180 [Global] - ok
16:25:44.0967 6180 ================ Scan MBR ==================================
16:25:44.0969 6180 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:25:45.0241 6180 \Device\Harddisk0\DR0 - ok
16:25:45.0241 6180 ================ Scan VBR ==================================
16:25:45.0244 6180 [ 99D7FD1D833AF9DF3848FD88361E0DC8 ] \Device\Harddisk0\DR0\Partition1
16:25:45.0245 6180 \Device\Harddisk0\DR0\Partition1 - ok
16:25:45.0248 6180 [ 5DABE03C732B829F685FC47F8166E560 ] \Device\Harddisk0\DR0\Partition2
16:25:45.0249 6180 \Device\Harddisk0\DR0\Partition2 - ok
16:25:45.0250 6180 ============================================================
16:25:45.0250 6180 Scan finished
16:25:45.0250 6180 ============================================================
16:25:45.0260 6256 Detected object count: 4
16:25:45.0260 6256 Actual detected object count: 4
16:25:56.0035 6256 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
16:25:56.0035 6256 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:25:56.0035 6256 HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:25:56.0035 6256 HP ProtectTools Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:25:56.0035 6256 HPFSService ( UnsignedFile.Multi.Generic ) - skipped by user
16:25:56.0035 6256 HPFSService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:25:56.0051 6256 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:25:56.0051 6256 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
__________________

Old 05.07.2013, 16:31   #4
markusg
/// Malware-holic
 
Hi,
Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please send mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

Old 05.07.2013, 16:53   #5
Bischy
 
So, Combofix:
Code:
ATTFilter
ComboFix 13-07-04.01 - *** 05.07.2013  16:41:50.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8047.5593 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: Panda Cloud Antivirus *Enabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Cloud Antivirus *Enabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\SysWow64\Inetde.dll
c:\windows\SysWow64\pt
c:\windows\SysWow64\pt\AuthFWSnapIn.Resources.dll
c:\windows\SysWow64\pt\AuthFWWizFwk.Resources.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-05 bis 2013-07-05  ))))))))))))))))))))))))))))))
.
.
2013-07-05 11:29 . 2012-11-07 08:00	58360	----a-w-	c:\windows\system32\drivers\PSKMAD.sys
2013-07-05 08:44 . 2013-04-04 12:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-07-05 08:44 . 2013-07-05 08:44	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-05 08:32 . 2013-07-05 08:41	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2013-07-05 08:31 . 2009-01-25 11:14	17272	----a-w-	c:\windows\system32\sdnclean64.exe
2013-07-05 08:31 . 2013-07-05 08:38	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2013-07-04 20:36 . 2013-07-04 20:36	--------	d-----w-	c:\users\***\AppData\Local\Mozilla
2013-07-04 20:35 . 2013-07-05 11:29	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2013-07-04 09:16 . 2013-07-04 09:16	--------	d-----w-	c:\programdata\Gigaset QuickSync
2013-07-04 09:14 . 2013-07-04 09:14	--------	d-----w-	c:\users\***\AppData\Local\Gigaset_Communications_Gm
2013-07-04 09:10 . 2013-07-04 09:10	--------	d-----w-	c:\program files (x86)\Gigaset QuickSync
2013-06-24 18:09 . 2013-06-24 18:09	--------	d-----w-	c:\windows\SysWow64\GroupPolicy\Machine\Scripts\Shutdown\Pan3309.tmp
2013-06-23 19:56 . 2013-06-23 19:56	312232	----a-w-	c:\windows\system32\javaws.exe
2013-06-23 19:56 . 2013-06-23 19:56	189352	----a-w-	c:\windows\system32\javaw.exe
2013-06-23 19:56 . 2013-06-23 19:56	188840	----a-w-	c:\windows\system32\java.exe
2013-06-23 19:56 . 2013-06-23 19:56	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-12 12:23 . 2013-05-08 06:39	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-23 19:56 . 2012-08-27 06:48	972712	----a-w-	c:\windows\system32\deployJava1.dll
2013-06-23 19:56 . 2012-08-27 06:48	1093032	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-06-16 19:48 . 2012-06-02 09:11	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-16 19:48 . 2012-06-02 09:11	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-13 11:03 . 2012-01-03 11:33	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-05-18 12:27 . 2011-03-28 16:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-16 19:13 . 2012-10-09 11:12	16948616	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-05-02 09:59 . 2013-05-02 09:59	978576	----a-w-	c:\windows\SysWow64\ieconfig_1und1.dll
2013-05-02 09:59 . 2013-05-02 09:59	1053848	----a-w-	c:\windows\SysWow64\ieconfig_1und1_svc.exe
2013-04-25 10:35 . 2013-04-25 10:35	794112	----a-w-	c:\windows\system32\Gqstsp.tsp
2013-04-25 10:23 . 2013-04-25 10:23	495616	----a-w-	c:\windows\SysWow64\Gqstsp.tsp
2013-04-25 10:06 . 2013-04-25 10:06	54272	----a-w-	c:\windows\system32\drivers\GigasetGenericUSB_x64.sys
2013-04-13 05:49 . 2013-05-16 06:10	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 06:10	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 06:10	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 06:10	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 06:10	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 06:10	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 08:18	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-16 06:10	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-16 06:10	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-16 06:10	3153920	----a-w-	c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2013-01-08 15:56	87768	----a-w-	c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll" [2013-01-08 87768]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-21 20:14	220632	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-21 20:14	220632	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-21 20:14	220632	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-12-21 19:48	2042528	----a-w-	c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-12-21 19:48	2042528	----a-w-	c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-12-21 19:48	2042528	----a-w-	c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2013-04-11 235072]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2010-05-06 11268096]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-02-25 287800]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2013-01-27 32480]
"SAFE2012 HotKeys"="c:\program files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe" [2012-11-19 84480]
"SAFE2012 File Redirection Starter"="c:\program files (x86)\Steganos Safe 2012\fredirstarter.exe" [2012-11-19 17408]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-05-16 3830224]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"panda4_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn" [X]
"panda4_0dn_XP"="reg.exe delete HKCU\Software\panda4_0dn" [X]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
Samsung SSD Magician.lnk - c:\program files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe  /AUTOHIDE [2012-6-13 1507328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-7-25 572000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
.
3;3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys;c:\windows\SYSNATIVE\DRIVERS\NNSNAHSL.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 GigasetGenericUSB_x64;GigasetGenericUSB_x64;c:\windows\system32\DRIVERS\GigasetGenericUSB_x64.sys;c:\windows\SYSNATIVE\DRIVERS\GigasetGenericUSB_x64.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys;c:\windows\SYSNATIVE\DRIVERS\motodrv.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 qcfilterhp2k;Gobi 2000 USB Composite Device Filter Driver(03F0-251D);c:\windows\system32\DRIVERS\qcfilterhp2k.sys;c:\windows\SYSNATIVE\DRIVERS\qcfilterhp2k.sys [x]
R3 qcusbnethp2k;Gobi 2000 USB-NDIS miniport(03F0-251D);c:\windows\system32\DRIVERS\qcusbnethp2k.sys;c:\windows\SYSNATIVE\DRIVERS\qcusbnethp2k.sys [x]
R3 qcusbserhp2k;Gobi 2000 USB Device for Legacy Serial Communication(03F0-251D);c:\windows\system32\DRIVERS\qcusbserhp2k.sys;c:\windows\SYSNATIVE\DRIVERS\qcusbserhp2k.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AcronisAgent;Acronis Remote Agent Service;c:\program files (x86)\Common Files\Acronis\Agent\agent.exe;c:\program files (x86)\Common Files\Acronis\Agent\agent.exe [x]
R4 MMS;Acronis Managed Machine Service;c:\program files (x86)\Acronis\BackupAndRecovery\mms.exe;c:\program files (x86)\Acronis\BackupAndRecovery\mms.exe [x]
R4 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPihsw.sys [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSAlpc.sys [x]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttp.sys [x]
S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys;c:\windows\SYSNATIVE\DRIVERS\NNSHttps.sys [x]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys;c:\windows\SYSNATIVE\DRIVERS\NNSIds.sys [x]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPicc.sys [x]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPop3.sys [x]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys;c:\windows\SYSNATIVE\DRIVERS\NNSProt.sys [x]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys;c:\windows\SYSNATIVE\DRIVERS\NNSPrv.sys [x]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys;c:\windows\SYSNATIVE\DRIVERS\NNSSmtp.sys [x]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys;c:\windows\SYSNATIVE\DRIVERS\NNSStrm.sys [x]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys;c:\windows\SYSNATIVE\DRIVERS\NNSTlsc.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys;c:\windows\SYSNATIVE\DRIVERS\psinknc.sys [x]
S1 SLEE_18_DRIVER;Steganos Live Encryption Engine 18 [Driver];c:\windows\Sleen1864.sys;c:\windows\Sleen1864.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 HI-epanel-Reporting-Service;HI-epanel-Reporting-Service;c:\program files (x86)\Digital Trends Club\HI-epanel-Reporting.exe;c:\program files (x86)\Digital Trends Club\HI-epanel-Reporting.exe [x]
S2 HI-epanel-Update-Service;HI-epanel-Update-Service;c:\program files (x86)\Digital Trends Club\HI-epanel-Updater.exe;c:\program files (x86)\Digital Trends Club\HI-epanel-Updater.exe [x]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [x]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [x]
S2 OfficeSvc;Microsoft Office Service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys;c:\windows\SYSNATIVE\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys;c:\windows\SYSNATIVE\DRIVERS\PSINProt.sys [x]
S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [x]
S2 QDLService2kHP;Qualcomm Gobi 2000 Download Service (HP);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe;c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 serviceIEConfig;IEConfig 1und1 Edition;c:\windows\SysWOW64\ieconfig_1und1_svc.exe;c:\windows\SysWOW64\ieconfig_1und1_svc.exe [x]
S2 Virtual CDAudio Service;Virtual CDAudio Service;c:\program files (x86)\RapidSolution\Audials 9\VCDWriter\64\VCDAudioService.exe;c:\program files (x86)\RapidSolution\Audials 9\VCDWriter\64\VCDAudioService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x]
S3 rismcx64;RICOH Smart Card Reader;c:\windows\system32\DRIVERS\rismcx64.sys;c:\windows\SYSNATIVE\DRIVERS\rismcx64.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys;c:\windows\SYSNATIVE\DRIVERS\rsvcdwdr.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 67246821
*Deregistered* - 67246821
*Deregistered* - kwldrpod
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-02 19:47]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-10 11:22]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-10 11:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-21 20:14	244688	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-21 20:14	244688	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-21 20:14	244688	----a-w-	c:\users\***\AppData\Local\Microsoft\SkyDrive\16.4.6003.0710\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-12-21 20:10	2860192	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-12-21 20:10	2860192	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-12-21 20:10	2860192	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57	778192	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57	778192	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57	778192	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57	778192	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57	778192	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57	778192	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-28 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-28 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-28 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-09-07 489472]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-01-31 2041192]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10013&barid={E52D54FE-F074-11E1-A800-402CF4770FFC}
uInternet Settings,ProxyOverride = 192.168.*.*
uInternet Settings,ProxyServer = localhost:21320
uSearchAssistant = 
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\2ioox3kv.default\
FF - ExtSQL: 2013-07-04 22:17; gacela2@nurago.com; c:\program files (x86)\Digital Trends Club
FF - ExtSQL: 2013-07-04 22:36; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\2ioox3kv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-NPSStartup - (no file)
Notify-SDWinLogon - SDWinLogon.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\serviceIEConfig]
"ImagePath"="c:\windows\SysWOW64\ieconfig_1und1_svc.exe /startedbyscm:016FE01B-40E31F2D-serviceIEConfig"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-05  16:49:27
ComboFix-quarantined-files.txt  2013-07-05 14:49
.
Vor Suchlauf: 17 Verzeichnis(se), 13.803.732.992 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 13.667.893.248 Bytes frei
.
- - End Of File - - 3236BE36F38C393D8D121EC54B9E833E
A36C5E4F47E84449FF07ED3517B43A31
         


05.07.2013, 16:58   #6
markusg
/// Malware-holic

Hi,

download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, save it as a txt file, and open that file.
After each program you need, write "notwendig" (necessary).
After each one you do not need, write "unnötig" (unnecessary).
After each one you do not know, write "unbekannt" (unknown).
Post the list.

05.07.2013, 17:45   #7
Bischy

So, here is the CCleaner result:
Code:
1&1 EasyLogin		02.05.2013										***unötig***
1und1 Internet Explorer Add-On	1&1 Internet AG	02.05.2013 							***unötig***	
Acronis Backup & Recovery 10 Bootable Media Builder	Acronis	19.06.2012	252MB	10.0.12705		***bekannt***
Acronis Backup & Recovery 10 Tray Monitor	Acronis	19.06.2012	5,98MB	10.0.12705			***bekannt***
Acronis Backup & Recovery 10 Upgrade Tool	Acronis	19.06.2012	21,2MB	10.0.12705			***bekannt***
Acronis Backup & Recovery 10* Agent	Acronis	19.06.2012	242MB	10.0.12705				***bekannt***
Acronis Backup & Recovery 10*Standalone*Management*Console	Acronis	19.06.2012	52,5MB	10.0.12705	***bekannt***
Acronis Backup & Recovery 10*Universal*Restore	Acronis	19.06.2012	2,13MB	10.0.12705			***bekannt***
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	16.06.2013	6,00MB	11.7.700.224		***unbekannt***
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	16.06.2013	6,00MB	11.7.700.224		***unbekannt***
Amazon MP3-Downloader 1.0.17	Amazon Services LLC	21.09.2012		1.0.17				***bekannt***
Audacity 2.0	Audacity Team	04.07.2012	42,8MB								***bekannt***
Audials	Audials AG	15.09.2012	267MB	9.1.31900.0							***bekannt***
Audible Download Manager	Audible, Inc.	31.08.2012		6.6.0.15				***bekannt***
Biet-O-Matic v2.14.12	BOM Development Team	05.06.2013	6,83MB	2.14.12					***bekannt***
Bonjour	Apple Inc.	20.09.2012	2,04MB	3.0.0.10							***unbekannt***
CanoScan Toolbox Ver4.9		28.02.2013									***bekannt***		
CCleaner	Piriform	19.06.2013		4.03							***bekannt***
CompeGPS LAND 7.5	CompeGPS TEAM, S.L.	15.04.2013	81,3MB	7.5					***bekannt***
CompeGPSDownloader version 1.10	CompeGPS TEAM, S.L.	16.08.2012	3,11MB	1.10				***bekannt***
Digital Trends Club	HI-epanel	24.08.2012		12.6.151					***bekannt***
Duplicate Cleaner Free 3.0.1	DigitalVolcano	13.03.2013		3.0.1					***unnötig***
File Sanitizer For HP ProtectTools	Hewlett-Packard	02.06.2012	27,6MB	5.0.1.4				***bekannt***
Firebird SQL Server - MAGIX Edition	MAGIX AG	22.08.2012	11,5MB	2.1.31.0			***bekannt***
Foxit Reader	Foxit Corporation	14.06.2013	88,9MB	6.0.3.524					***bekannt***
Free Audio Converter version 5.0.17.825	DVDVideoSoft Ltd.	31.08.2012	78,3MB	5.0.17.825		***bekannt***
Free Studio version 5.6.2.627	DVDVideoSoft Ltd.	04.07.2012	826MB	5.6.2.627			***bekannt***
Free Video to JPG Converter version 5.0.15.706	DVDVideoSoft Ltd.	11.07.2012	75,0MB	5.0.15.706	***bekannt***
Free YouTube to MP3 Converter version 3.11.26.706	DVDVideoSoft Ltd.	09.07.2012	92,0MB	3.11.26.706 ***bekannt***
Gigaset QuickSync	Gigaset Communications GmbH	04.07.2013	8,77MB	8.3.0868.3			***bekannt***
Google Drive	Google, Inc.	20.06.2013	32,1MB	1.10.4769.632						***bekannt***
GoPro CineForm Studio 1.2.1	CineForm, Inc & GoPro, Inc.	28.08.2012			1.2.1		***bekannt***
GPSMapEdit Version 1.1.75.1	Geopainting.com	22.08.2012	8,96MB	1.1.75.1				***bekannt***
HP 3D DriveGuard	Hewlett-Packard Company	01.05.2013	6,99MB	4.1.16.1				***bekannt***
HP Broadband Kit		05.01.2012		3.1.0.1							***unbekannt***
HP Product Detection	HP	13.06.2012	1,86MB	11.14.0001						***unbekannt***
HP ProtectTools Security Manager	Hewlett-Packard Company	02.06.2012	88,6MB	5.12.754		***bekannt***
HP Quick Launch Buttons	Hewlett-Packard Company	14.08.2012				6.50.17.1		***bekannt***
HP System Default Settings	Hewlett-Packard Company	01.05.2013	1,59MB	2.3.1.2				***unbekannt***
IDT Audio	IDT	28.03.2013		1.0.6300.0							***unbekannt***
Intel(R) Processor Graphics	Intel Corporation	02.01.2011		8.15.10.2559			***bekannt***
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed	Intel Corporation	01.05.2013	5,32MB	15.2.0.0284 ***bekannt***
iTunes	Apple Inc.	20.09.2012	182MB	10.7.0.21							***unnötig***
Java 7 Update 25 (64-bit)	Oracle	23.06.2013	128MB	7.0.250						***unbekannt***
MAGIX Screenshare	MAGIX AG	28.08.2012		4.3.6.1987					***bekannt***
MAGIX Speed burnR (MSI)	MAGIX AG	28.08.2012		7.0.2.6						***bekannt***
MAGIX Video deluxe MX Premium Sonderedition	MAGIX AG	28.08.2012		11.0.5.0		***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Demo)	MAGIX AG	28.08.2012		1.0.0.0		***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Designelemente)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Filmvorlagen)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Fotoshow Maker-Stile 1)	MAGIX AG	28.08.2012		1.0.0.0 ***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Fotoshow Maker-Stile 2)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Individuelle Menüvorlagen)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Menüvorlagen 1)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Menüvorlagen 2)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (NewBlueFX Art Effects)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (NewBlueFX Light Blends)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (proDAD Adorage Starter Paket)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (proDAD VitaScene 2 MAGIX Edition)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Red Giant Magic Bullet Quick Looks)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Red Giant Movie Makers Look Pack)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Soundtrack Maker-Stile)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Titeleffekte)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Tutorials)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
MAGIX Video deluxe MX Premium Sonderedition (Überblendeffekte)	MAGIX AG	28.08.2012		1.0.0.0	***bekannt***
Malwarebytes Anti-Malware Version 1.75.0.1300	Malwarebytes Corporation	05.07.2013	19,2MB	1.75.0.1300	***bekannt***
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	14.12.2012	38,8MB	4.0.30320		***unbekannt***
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	14.12.2012	2,93MB	4.0.30320	***unbekannt***
Microsoft Office 365 Home Premium Preview - en-us	Microsoft Corporation	21.12.2012		15.0.4128.1025	***unnötig***
Microsoft Silverlight	Microsoft Corporation	12.03.2013	100MB	5.1.20125.0				***unbekannt***
Microsoft SkyDrive	Microsoft Corporation	21.12.2012	24,9MB	16.4.6003.0710				***unbekannt***
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	29.06.2012	1,69MB	3.1.0000	***unbekannt***
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	22.08.2012	300KB	8.0.59193	***unbekannt***
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	21.08.2012	702KB	8.0.61000	***unbekannt***
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	04.06.2012	788KB	9.0.30729	***unbekannt***
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	29.06.2012	788KB	9.0.30729.6161	***unbekannt***
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411	Microsoft Corporation	04.06.2012	2,10MB	9.0.30411	***unbekannt***
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	20.06.2012	594KB	9.0.30729	***unbekannt***
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	15.10.2012	228KB	9.0.30729.4148	***unbekannt***
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	29.06.2012	600KB	9.0.30729.6161	***unbekannt***
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219	Microsoft Corporation	25.02.2013	13,8MB	10.0.40219	***unbekannt***
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	25.02.2013	15,0MB	10.0.40219	***unbekannt***
MotoHelper 2.1.32 Driver 5.4.0	Motorola	18.09.2012		2.1.32					***bekannt***
MOTOROLA MEDIA LINK	Motorola	18.09.2012	71,4MB	1.5.4090.2					***bekannt***
Mozilla Firefox 23.0 (x86 de)	Mozilla	05.07.2013	44,8MB	23.0						***bekannt***
Mozilla Maintenance Service	Mozilla	05.07.2013	333KB	23.0						***unbekannt***
MPC-HC 1.6.6.6957 (3975d54) (64-bit)	MPC-HC Team	18.03.2013	24,2MB	1.6.6.6957			***bekannt***
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	21.06.2012	1,27MB	4.20.9870.0			***unbekannt***
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	21.06.2012	1,33MB	4.20.9876.0			***unbekannt***
MSXML 4.0 SP3 Parser	Microsoft Corporation	22.08.2012	5,31MB	4.30.2100.0				***unbekannt***
MSXML 4.0 SP3 Parser (KB2721691)	Microsoft Corporation	23.08.2012	1,53MB	4.30.2114.0		***unbekannt***
MSXML 4.0 SP3 Parser (KB2758694)	Microsoft Corporation	10.01.2013	1,54MB	4.30.2117.0		***unbekannt***
Nightly 24.0a1 (x64 en-US)	Mozilla	23.06.2013	57,3MB	24.0a1						***unnötig***
NVIDIA Display Control Panel	NVIDIA Corporation	16.02.2012	135MB	6.14.12.6128			***unbekannt***
NVIDIA Grafiktreiber 307.83	NVIDIA Corporation	01.05.2013		307.83				***unbekannt***
NVIDIA HD-Audiotreiber 1.3.18.0	NVIDIA Corporation	01.05.2013		1.3.18.0			***unbekannt***
NVIDIA nView 136.53	NVIDIA Corporation	01.05.2013		136.53					***unbekannt***
NVIDIA PhysX-Systemsoftware 9.12.1031	NVIDIA Corporation	01.05.2013		9.12.1031		***unbekannt***
OpenOffice.org 3.4.1	Apache Software Foundation	20.09.2012	331MB	3.41.9593			***bekannt***
Opera 12.12	Opera Software ASA	21.12.2012		12.12.1707					***unnötig***
Opera 12.15	Opera Software ASA	07.04.2013		12.15.1748					***bekannt***
Panda Cloud Antivirus	Panda Security	06.03.2013		2.1.0						***bekannt***
Panda Security Toolbar	Panda Security and Visicom Media Inc.	06.03.2013		4.0.0.17		***unbekannt***
Panda Security URL Filtering	Panda Security	28.08.2012		2.0.0.14				***unbekannt***
Paragon Drive Copy™ 11 Professional	Paragon Software	12.06.2012	150MB	90.00.0003		***bekannt***
PDF Architect	pdfforge	04.12.2012	93,2MB	1.0.41.8362						***bekannt***
PDFCreator	pdfforge	17.01.2013		1.6.2							***bekannt***
Picasa 3	Google, Inc.	24.03.2013		3.9							***bekannt***
proDAD Adorage 3.0	proDAD GmbH	23.08.2012		3.0.92						***unbekannt***
Qualcomm Gobi 2000 Package for HP	QUALCOMM	13.06.2012	34,9MB	1.1.130				***unbekannt***
Revo Uninstaller 1.94	VS Revo Group	17.09.2012		1.94						***bekannt***
Roberts File Renamer 1.8.2	Robert Bliem	21.09.2012	2,74MB	1.8.2					***bekannt***
RSDLite	Motorola	22.12.2012	6,10MB	5.6								***unbekannt***
Samsung Kies	Samsung Electronics Co., Ltd.	14.12.2012	184MB	2.5.0.12114_1				***bekannt***
Samsung SSD Magician	Samsung Electronics	17.01.2013	45,8MB	3.2					***bekannt***
SAMSUNG USB Driver for Mobile Phones	SAMSUNG Electronics Co., Ltd.	14.12.2012	42,9MB	1.5.16.0	***unnötig***
Secunia PSI (3.0.0.3001)	Secunia	12.09.2012	5,77MB	3.0.0.3001					***unbekannt***
Spybot - Search & Destroy	Safer-Networking Ltd.	05.07.2013	120MB	2.1.19				***bekannt***
Steganos Safe 2012	Steganos Software GmbH	06.03.2013		13.0.5					***bekannt***
Synaptics Pointing Device Driver	Synaptics Incorporated	05.06.2012	46,4MB	15.0.24.0		***unbekannt***
Toolbar Cleaner 1.0	Visicom Media Inc.	28.08.2012							***unbekannt***		
Validity Fingerprint Driver	Validity Sensors, Inc.	05.01.2012	14,8MB	4.0.15.0			***bekannt***
VLC media player 2.0.6	VideoLAN	12.05.2013			2.0.6					***bekannt***
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 )	GoPro	21.08.2012		03/07/2012	***bekannt*** 
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 )	GoPro	21.08.2012		03/07/2012	***bekannt*** 
Windows Live Essentials	Microsoft Corporation	29.06.2012		15.4.3538.0513				***unbekannt***
WinRAR 4.20 (64-Bit)	win.rar GmbH	18.07.2012		4.20.0						***bekannt***
WISO Mein Geld 2013 Professional	Buhl Data Service GmbH	20.09.2012					***bekannt***		
WISO Steuer-Sparbuch 2012	Buhl Data Service GmbH	15.10.2012		19.00.7303			***bekannt***
WISO Steuer-Sparbuch 2013	Buhl Data Service GmbH	21.01.2013		20.00.8137			***bekannt***
         

05.07.2013, 17:49   #8
markusg
/// Malware-holic

was heißt bekannt, ich möchhte ja wissen obs nötig ist oder nicht.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

05.07.2013, 17:51   #9
Bischy

Sorry, yes, that's how it was meant.
Needed

05.07.2013, 17:55   #10
markusg
/// Malware-holic

Hi
OK, I just wanted to make sure.
Uninstall:
1&1 (both)
Duplicate
iTunes
Nightly
Panda Security Toolbar
Spybot: get rid of it, it doesn't help.
Toolbar Cleaner

Open CCleaner, analyze, run, restart the PC.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

05.07.2013, 18:46   #11
Bischy

AdwCleaner log:
Code:
# AdwCleaner v2.304 - Datei am 05/07/2013 um 18:24:08 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : *** - ***-HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\Users\***\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10013&barid={E52D54FE-F074-11E1-A800-402CF4770FFC} --> hxxp://www.google.com

-\\ Mozilla Firefox v23.0 (de)

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\2ioox3kv.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\92dqwe90.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1463 octets] - [25/08/2012 10:03:04]
AdwCleaner[R2].txt - [1523 octets] - [25/08/2012 10:04:14]
AdwCleaner[S1].txt - [1390 octets] - [25/08/2012 20:23:05]
AdwCleaner[S2].txt - [2527 octets] - [05/07/2013 18:24:08]

########## EOF - C:\AdwCleaner[S2].txt - [2587 octets] ##########
         

05.07.2013, 18:47   #12
markusg
/// Malware-holic

Please restart.
HitmanPro - Download - Filepony
Download HitmanPro, double-click it, click Scan.
Don't delete anything.
Click Next, save the log and post it, or export it as XML, zip it and attach it.

05.07.2013, 19:01   #13
Bischy

Hopefully I didn't do anything wrong. Apart from Delete, the only option that let me click Next was Ignore.
Code:
HitmanPro 3.7.6.201
www.hitmanpro.com

   Computer name . . . . : ***-HP
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : ***-HP\***
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2013-07-05 18:53:39
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 43s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 8
   Traces  . . . . . . . : 28

   Objects scanned . . . : 2.231.957
   Files scanned . . . . : 42.574
   Remnants scanned  . . : 716.542 files / 1.472.841 keys

Malware _____________________________________________________________________

   C:\Windows\SysWOW64\MFPlays.dll
      Size . . . . . . . : 118.784 bytes
      Age  . . . . . . . : 317.2 days (2012-08-22 14:54:30)
      Entropy  . . . . . : 5.7
      SHA-256  . . . . . : 11324FCC6A35E1E7C06C372F4BFC19F2549A22BBF0C3B258D14F86FB6265CCD6
    > G Data . . . . . . : Gen:Variant.Symmi.1409
    > Ikarus . . . . . . : Win32.SuspectCrc!IK
      Fuzzy  . . . . . . : 113.0


Cookies _____________________________________________________________________

   C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\92dqwe90.default\cookies.sqlite:apmebf.com
   C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\92dqwe90.default\cookies.sqlite:doubleclick.net
         

05.07.2013, 19:11   #14
markusg
/// Malware-holic

Hi,
www.virustotal.com
Check this file there:
C:\Windows\SysWOW64\MFPlays.dll
If the file has already been analysed, click to analyse it again, and please post the scan link.

05.07.2013, 19:21   #15
Bischy

When uploading in Firefox and Opera, I get a message that I don't have permission because I'm not an admin. Yet I am an admin user.
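
The HitmanPro log in post #13 records a SHA-256 for the flagged DLL, and VirusTotal can be searched by hash as well as by upload, provided the file on disk is still the one that was scanned. The following Python code is an added example, not part of the thread and not HitmanPro's own code: it parses the log's "Malware" section and checks a local file against the recorded hash. The function names are assumptions of this example, and the embedded sample is an excerpt constructed from the log above.

```python
import hashlib
import re

# Constructed excerpt of the "Malware" section from the HitmanPro log above.
SAMPLE_LOG = r"""
Malware _____________________________________________________________________

   C:\Windows\SysWOW64\MFPlays.dll
      Size . . . . . . . : 118.784 bytes
      Age  . . . . . . . : 317.2 days (2012-08-22 14:54:30)
      SHA-256  . . . . . : 11324FCC6A35E1E7C06C372F4BFC19F2549A22BBF0C3B258D14F86FB6265CCD6
    > G Data . . . . . . : Gen:Variant.Symmi.1409
    > Ikarus . . . . . . : Win32.SuspectCrc!IK
Cookies _____________________________________________________________________
"""

SECTION = re.compile(r"^([A-Za-z ]+?) _{5,}\s*$")           # "Malware ______"
FIELD = re.compile(r"^\s+(>\s)?(.+?)\s+(?:\.\s)+:\s(.*)$")   # "Label . . . : value"

def parse_malware_section(log_text):
    """Return one dict per file listed under the log's "Malware" heading."""
    entries, section, current = [], None, None
    for line in log_text.splitlines():
        heading = SECTION.match(line)
        if heading:
            section, current = heading.group(1), None
        elif section == "Malware" and line.strip():
            field = FIELD.match(line)
            if field is None:                       # not a field line: a file path
                current = {"path": line.strip(), "fields": {}, "detections": {}}
                entries.append(current)
            elif current is not None:
                flagged, label, value = field.groups()
                current["detections" if flagged else "fields"][label] = value  # ">" = engine hit
    return entries

def sha256_of(path, chunk=1 << 20):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:                    # read in chunks, not all at once
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest().upper()

def matches_log(entry, path=None):
    """True if the file on disk still has the SHA-256 the scanner recorded."""
    return sha256_of(path or entry["path"]) == entry["fields"]["SHA-256"].upper()

if __name__ == "__main__":
    print(parse_malware_section(SAMPLE_LOG))
```

If `matches_log` returns False for the path in the log, the file has changed or been replaced since the scan, and the logged hash no longer describes what is on disk.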
