Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Ansage das ich eine MaleWare hätte

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.07.2013, 13:32   #1
Bloodwolf
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Hey Trojan-Board Team

undzwar bin ich etwas paranoid da sich in letzter Zeit immer wieder mein FireFox öffnet und mir sagt ich hätte MaleWare.Jetzt weiß ich nicht ob es nur Werbung ist oder nicht hoffe ihr könntet mir helfen das zu pfüfen und es mir zu sagen

Alt 08.07.2013, 13:34   #2
markusg
/// Malware-holic
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Hi
du warst ja eig vor nem Monat hier, da dürftest du doch wissen was wir am Anfang gerne sehen wollen.
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 09.07.2013, 16:09   #3
Bloodwolf
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Deshalb wundert es mich ja weil ich erst vor kurzem da war.

Logs:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 09.07.2013 16:49:20 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sharkoon\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,23 Gb Available Physical Memory | 77,91% Memory free
16,00 Gb Paging File | 14,23 Gb Available in Paging File | 88,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 203,28 Gb Free Space | 43,65% Space Free | Partition Type: NTFS
Drive D: | 7,14 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: SHARKOON-PC | User Name: Sharkoon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.09 16:48:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sharkoon\Downloads\OTL.exe
PRC - [2013.07.08 23:31:02 | 000,559,016 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013.07.08 23:31:00 | 001,672,616 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.05.21 17:14:23 | 001,992,328 | ---- | M] () -- C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
PRC - [2013.05.16 16:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013.05.16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013.05.16 16:38:28 | 001,213,216 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.03.15 14:42:52 | 000,147,704 | ---- | M] (AMD) -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2012.03.15 14:42:52 | 000,131,320 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2012.03.15 14:42:50 | 000,131,320 | ---- | M] (AMD) -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2012.03.15 14:42:50 | 000,073,976 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.07.09 03:35:52 | 020,624,808 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.07.08 23:31:02 | 001,121,704 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2013.07.01 18:20:48 | 000,652,800 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.06.15 01:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013.06.15 01:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013.06.15 01:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2013.05.21 17:14:23 | 001,992,328 | ---- | M] () -- C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.04.16 10:47:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.07.08 23:31:02 | 000,559,016 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.06.28 14:46:32 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.06.12 17:11:14 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.16 16:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.03.15 14:42:52 | 000,131,320 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2011.08.05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011.08.05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011.08.05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.06.28 13:24:26 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.06.28 13:24:26 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.06.28 13:24:26 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013.05.01 11:18:13 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013.05.01 11:18:13 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013.04.17 17:28:48 | 000,030,112 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV:64bit: - [2013.02.25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.08.17 19:39:00 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2E DA 73 D3 7F 37 CE 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=34B4A0F3C182DF1E&affID=119357&tsp=4930
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.05.22 20:47:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013.04.12 15:17:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sharkoon\AppData\Roaming\mozilla\Extensions
[2013.07.01 16:42:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sharkoon\AppData\Roaming\mozilla\Firefox\Profiles\5wh39cxd.default\extensions
[2013.07.01 16:40:33 | 000,006,505 | ---- | M] () -- C:\Users\Sharkoon\AppData\Roaming\mozilla\firefox\profiles\5wh39cxd.default\searchplugins\babylon.xml
[2013.07.01 16:40:44 | 000,001,294 | ---- | M] () -- C:\Users\Sharkoon\AppData\Roaming\mozilla\firefox\profiles\5wh39cxd.default\searchplugins\delta.xml
[2013.07.01 16:40:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
[2013.06.28 14:46:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.06.28 14:46:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.22 20:47:39 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: Babylon Search
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameEU.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Docs = C:\Users\Sharkoon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\Sharkoon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Sharkoon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Sharkoon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Delta Toolbar = C:\Users\Sharkoon\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0\
CHR - Extension: DealPly Shopping = C:\Users\Sharkoon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.0.0_0\
CHR - Extension: Google Mail = C:\Users\Sharkoon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.05.21 19:44:06 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (DealPly) - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F6E3D00E-7DA6-474F-9745-3115E8D238D9}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.10 09:50:04 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 19:03:48 | 000,000,054 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} - .NET Framework
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpReg: Spotify - hkey= - key= - C:\Users\Sharkoon\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
MsConfig:64bit - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\Sharkoon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.01 18:05:26 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Local\NVIDIA
[2013.07.01 17:40:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013.07.01 16:41:17 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\DealPly
[2013.07.01 16:41:15 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
[2013.07.01 16:41:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DealPly
[2013.07.01 16:40:42 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\BabSolution
[2013.07.01 16:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image Converter
[2013.07.01 16:40:23 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\AppData\Roaming\Babylon
[2013.07.01 16:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.06.28 14:46:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.06.22 11:12:58 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\Desktop\Neuer Ordner (2)
[2013.06.18 21:41:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en
[2013.06.18 21:41:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409
[2013.06.18 21:41:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\sk-SK
[2013.06.18 21:41:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US
[2013.06.18 21:41:14 | 000,000,000 | ---D | C] -- C:\Windows\sk-SK
[2013.06.18 21:41:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en
[2013.06.18 21:41:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409
[2013.06.18 21:41:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sk-SK
[2013.06.18 21:41:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2013.06.18 21:35:13 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\en-US\pscr.sys.mui
[2013.06.18 21:34:34 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\en-US\BrSerIb.sys.mui
[2013.06.18 21:34:33 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\en-US\BrSerId.sys.mui
[2013.06.18 21:34:33 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\en-US\BrParwdm.sys.mui
[2013.06.15 07:59:26 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\Documents\My Games
[2013.06.15 07:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2013.06.15 07:47:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.06.09 19:47:14 | 000,000,000 | ---D | C] -- C:\Users\Sharkoon\Desktop\Originals
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.09 16:41:44 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013.07.09 16:41:43 | 000,000,005 | ---- | M] () -- C:\Users\Sharkoon\AppData\Roaming\WBPU-TTL.DAT
[2013.07.09 16:11:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.09 16:04:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.09 16:04:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.09 15:11:15 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.09 15:11:15 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.09 15:01:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.09 15:01:11 | 2146,934,783 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.01 16:53:04 | 000,017,408 | -H-- | M] () -- C:\Users\Sharkoon\Desktop\photothumb.db
[2013.07.01 16:47:18 | 000,009,026 | ---- | M] () -- C:\Users\Sharkoon\AppData\Local\recently-used.xbel
[2013.07.01 16:40:39 | 000,000,000 | ---- | M] () -- C:\END
[2013.06.28 13:24:26 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.06.28 13:24:26 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.06.28 13:24:26 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.06.28 13:24:26 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013.06.28 13:24:26 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.06.28 13:24:26 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.06.23 10:31:23 | 001,618,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.23 10:31:23 | 000,698,688 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.23 10:31:23 | 000,653,526 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.23 10:31:23 | 000,148,828 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.23 10:31:23 | 000,121,398 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.21 14:06:36 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.06.21 14:06:36 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.06.21 14:06:36 | 000,021,578 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013.06.20 18:00:28 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.20 06:17:49 | 003,253,909 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.06.15 07:59:51 | 000,000,772 | ---- | M] () -- C:\Users\Sharkoon\Desktop\Borderlands - Verknüpfung.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.01 16:47:18 | 000,009,026 | ---- | C] () -- C:\Users\Sharkoon\AppData\Local\recently-used.xbel
[2013.07.01 16:40:26 | 000,000,000 | ---- | C] () -- C:\END
[2013.06.28 13:24:26 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum
[2013.06.26 20:48:08 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum
[2013.06.26 20:48:08 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum
[2013.06.16 10:02:20 | 000,000,005 | ---- | C] () -- C:\Users\Sharkoon\AppData\Roaming\WBPU-TTL.DAT
[2013.06.15 07:59:51 | 000,000,772 | ---- | C] () -- C:\Users\Sharkoon\Desktop\Borderlands - Verknüpfung.lnk
[2013.05.05 18:38:56 | 000,007,604 | ---- | C] () -- C:\Users\Sharkoon\AppData\Local\Resmon.ResmonCfg
[2013.04.22 20:14:52 | 000,003,584 | ---- | C] () -- C:\Users\Sharkoon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.12 20:39:44 | 001,591,896 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.12 15:36:00 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\BeepApp.exe
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2004.01.26 17:15:29 | 000,233,472 | R--- | C] () -- C:\Users\Sharkoon\AppData\Roaming\MafiaSetup.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.07.01 16:40:43 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\BabSolution
[2013.07.01 16:40:23 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\Babylon
[2013.07.01 16:41:17 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\DealPly
[2013.05.28 10:02:14 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\DSite
[2013.05.09 11:51:09 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\DVDVideoSoft
[2013.06.15 07:57:55 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\MPHCA Loader
[2013.04.22 20:02:05 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\PhotoScape
[2013.04.21 18:23:37 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\player
[2013.04.27 13:18:42 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\Sierra
[2013.07.07 15:54:47 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\Spotify
[2013.07.07 20:27:26 | 000,000,000 | ---D | M] -- C:\Users\Sharkoon\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2013.05.22 20:32:50 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2013.05.05 18:36:47 | 000,000,000 | ---D | M] -- C:\AMD
[2013.04.12 15:31:28 | 000,000,000 | ---D | M] -- C:\ATI
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2013.04.12 15:01:16 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.05.21 17:41:46 | 000,000,000 | ---D | M] -- C:\Download
[2013.05.21 21:24:09 | 000,000,000 | ---D | M] -- C:\Fraps
[2013.05.21 17:41:51 | 000,000,000 | ---D | M] -- C:\Nexon
[2013.04.12 15:22:02 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2013.04.22 19:51:14 | 000,000,000 | ---D | M] -- C:\output
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.05.22 20:47:17 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.07.06 15:59:13 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2013.07.01 17:26:57 | 000,000,000 | ---D | M] -- C:\ProgramData
[2013.04.12 15:01:16 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.04.12 15:01:16 | 000,000,000 | ---D | M] -- C:\Recovery
[2013.07.09 16:50:42 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.04.12 15:29:48 | 000,000,000 | R--D | M] -- C:\Users
[2013.06.07 13:40:34 | 000,000,000 | ---D | M] -- C:\UT2003
[2013.07.02 14:24:26 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013.04.12 16:02:27 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.22 20:48:13 | 000,001,110 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.22 20:48:14 | 000,001,114 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.28 10:02:14 | 000,000,298 | ---- | C] () -- C:\Windows\Tasks\DSite.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\erdnt\cache86\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\erdnt\cache64\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2013.07.09 16:53:31 | 003,932,160 | -HS- | M] () -- C:\Users\Sharkoon\NTUSER.DAT
[2013.07.09 16:53:31 | 000,262,144 | -HS- | M] () -- C:\Users\Sharkoon\ntuser.dat.LOG1
[2013.04.12 15:02:17 | 000,000,000 | -HS- | M] () -- C:\Users\Sharkoon\ntuser.dat.LOG2
[2013.04.12 15:02:48 | 000,065,536 | -HS- | M] () -- C:\Users\Sharkoon\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2013.04.12 15:02:48 | 000,524,288 | -HS- | M] () -- C:\Users\Sharkoon\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2013.04.12 15:02:48 | 000,524,288 | -HS- | M] () -- C:\Users\Sharkoon\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2013.04.12 20:01:12 | 000,065,536 | -HS- | M] () -- C:\Users\Sharkoon\NTUSER.DAT{b67414db-a39a-11e2-932d-a0f3c182df1e}.TM.blf
[2013.04.12 20:01:12 | 000,524,288 | -HS- | M] () -- C:\Users\Sharkoon\NTUSER.DAT{b67414db-a39a-11e2-932d-a0f3c182df1e}.TMContainer00000000000000000001.regtrans-ms
[2013.04.12 20:01:12 | 000,524,288 | -HS- | M] () -- C:\Users\Sharkoon\NTUSER.DAT{b67414db-a39a-11e2-932d-a0f3c182df1e}.TMContainer00000000000000000002.regtrans-ms
[2013.04.12 15:02:17 | 000,000,020 | -HS- | M] () -- C:\Users\Sharkoon\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >
         
--- --- ---
War kein Extra.txt dabei
__________________

Alt 09.07.2013, 16:13   #4
markusg
/// Malware-holic
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Hi,
1. wie lautet die genaue Meldung, als Text bitte.
2.
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 09.07.2013, 16:17   #5
Bloodwolf
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



1. Achtung auf ihrem PC wurde Maleware erkannt !
Und dann blinkt mitten in der Homepage immer so ein dickes fettes Ausrufezeichen
2.Wurde nichts gefunden


Alt 09.07.2013, 16:26   #6
markusg
/// Malware-holic
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



wo ist das Log? und bitte drauf achten das der TDSS Killer auch nach Anleitung ausgeführt wurde
__________________
--> Ansage das ich eine MaleWare hätte

Alt 09.07.2013, 16:34   #7
Bloodwolf
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Sorry hatte wohl das im jeden Fall überlesen war wohl zu hastig :/

Naja alle guten dinge sind 2

Immernoch nichts gefunden und Log:
17:30:59.0704 4572 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:30:59.0864 4572 ============================================================
17:30:59.0864 4572 Current date / time: 2013/07/09 17:30:59.0864
17:30:59.0864 4572 SystemInfo:
17:30:59.0864 4572
17:30:59.0864 4572 OS Version: 6.1.7601 ServicePack: 1.0
17:30:59.0864 4572 Product type: Workstation
17:30:59.0864 4572 ComputerName: SHARKOON-PC
17:30:59.0864 4572 UserName: Sharkoon
17:30:59.0864 4572 Windows directory: C:\Windows
17:30:59.0864 4572 System windows directory: C:\Windows
17:30:59.0864 4572 Running under WOW64
17:30:59.0864 4572 Processor architecture: Intel x64
17:30:59.0864 4572 Number of processors: 4
17:30:59.0864 4572 Page size: 0x1000
17:30:59.0864 4572 Boot type: Normal boot
17:30:59.0864 4572 ============================================================
17:31:00.0644 4572 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:31:00.0654 4572 ============================================================
17:31:00.0654 4572 \Device\Harddisk0\DR0:
17:31:00.0654 4572 MBR partitions:
17:31:00.0654 4572 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:31:00.0654 4572 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
17:31:00.0654 4572 ============================================================
17:31:00.0674 4572 C: <-> \Device\Harddisk0\DR0\Partition2
17:31:00.0674 4572 ============================================================
17:31:00.0674 4572 Initialize success
17:31:00.0674 4572 ============================================================
17:31:08.0954 4972 ============================================================
17:31:08.0954 4972 Scan started
17:31:08.0954 4972 Mode: Manual; SigCheck; TDLFS;
17:31:08.0954 4972 ============================================================
17:31:09.0494 4972 ================ Scan system memory ========================
17:31:09.0494 4972 System memory - ok
17:31:09.0494 4972 ================ Scan services =============================
17:31:09.0604 4972 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:31:09.0684 4972 1394ohci - ok
17:31:09.0714 4972 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:31:09.0724 4972 ACPI - ok
17:31:09.0754 4972 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:31:09.0794 4972 AcpiPmi - ok
17:31:09.0904 4972 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:31:09.0924 4972 AdobeFlashPlayerUpdateSvc - ok
17:31:09.0954 4972 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:31:09.0974 4972 adp94xx - ok
17:31:09.0994 4972 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:31:10.0014 4972 adpahci - ok
17:31:10.0024 4972 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:31:10.0034 4972 adpu320 - ok
17:31:10.0054 4972 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:31:10.0114 4972 AeLookupSvc - ok
17:31:10.0144 4972 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:31:10.0184 4972 AFD - ok
17:31:10.0224 4972 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:31:10.0234 4972 agp440 - ok
17:31:10.0234 4972 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:31:10.0274 4972 ALG - ok
17:31:10.0304 4972 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:31:10.0314 4972 aliide - ok
17:31:10.0374 4972 AMD FUEL Service - ok
17:31:10.0384 4972 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:31:10.0394 4972 amdide - ok
17:31:10.0424 4972 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:31:10.0464 4972 AmdK8 - ok
17:31:10.0474 4972 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:31:10.0514 4972 AmdPPM - ok
17:31:10.0534 4972 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:31:10.0554 4972 amdsata - ok
17:31:10.0564 4972 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:31:10.0584 4972 amdsbs - ok
17:31:10.0594 4972 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:31:10.0604 4972 amdxata - ok
17:31:10.0654 4972 [ A3A98FCEED641EF7978ED850549F77F6 ] AMD_RAIDXpert C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
17:31:10.0674 4972 AMD_RAIDXpert - ok
17:31:10.0704 4972 [ 5A528A540B1AEE8B1C77ED65094E8CDF ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:31:10.0874 4972 AODDriver4.2 - ok
17:31:10.0914 4972 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:31:10.0994 4972 AppID - ok
17:31:11.0024 4972 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:31:11.0084 4972 AppIDSvc - ok
17:31:11.0114 4972 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
17:31:11.0164 4972 Appinfo - ok
17:31:11.0184 4972 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:31:11.0214 4972 AppMgmt - ok
17:31:11.0234 4972 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:31:11.0254 4972 arc - ok
17:31:11.0264 4972 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:31:11.0274 4972 arcsas - ok
17:31:11.0354 4972 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:31:11.0374 4972 aspnet_state - ok
17:31:11.0414 4972 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
17:31:11.0424 4972 aswFsBlk - ok
17:31:11.0464 4972 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
17:31:11.0484 4972 aswMonFlt - ok
17:31:11.0494 4972 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
17:31:11.0514 4972 aswRdr - ok
17:31:11.0534 4972 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
17:31:11.0544 4972 aswRvrt - ok
17:31:11.0574 4972 [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
17:31:11.0594 4972 aswSnx - ok
17:31:11.0624 4972 [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP C:\Windows\system32\drivers\aswSP.sys
17:31:11.0634 4972 aswSP - ok
17:31:11.0664 4972 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
17:31:11.0674 4972 aswTdi - ok
17:31:11.0704 4972 [ 22F521108881DC59837F6FC614E0568F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
17:31:11.0714 4972 aswVmm - ok
17:31:11.0744 4972 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:31:11.0794 4972 AsyncMac - ok
17:31:11.0824 4972 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:31:11.0834 4972 atapi - ok
17:31:11.0884 4972 [ 7D89B0C443F6068E5B27AA3B972069FF ] athr C:\Windows\system32\DRIVERS\athrx.sys
17:31:11.0944 4972 athr - ok
17:31:11.0974 4972 [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
17:31:11.0994 4972 atksgt - ok
17:31:12.0024 4972 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:31:12.0094 4972 AudioEndpointBuilder - ok
17:31:12.0104 4972 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:31:12.0134 4972 AudioSrv - ok
17:31:12.0214 4972 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:31:12.0224 4972 avast! Antivirus - ok
17:31:12.0274 4972 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:31:12.0324 4972 AxInstSV - ok
17:31:12.0354 4972 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:31:12.0384 4972 b06bdrv - ok
17:31:12.0404 4972 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:31:12.0434 4972 b57nd60a - ok
17:31:12.0464 4972 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:31:12.0484 4972 BDESVC - ok
17:31:12.0494 4972 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:31:12.0574 4972 Beep - ok
17:31:12.0614 4972 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:31:12.0664 4972 BFE - ok
17:31:12.0704 4972 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:31:12.0784 4972 BITS - ok
17:31:12.0824 4972 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:31:12.0864 4972 blbdrive - ok
17:31:12.0984 4972 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:31:13.0014 4972 bowser - ok
17:31:13.0034 4972 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:31:13.0064 4972 BrFiltLo - ok
17:31:13.0064 4972 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:31:13.0104 4972 BrFiltUp - ok
17:31:13.0134 4972 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:31:13.0184 4972 BridgeMP - ok
17:31:13.0204 4972 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:31:13.0224 4972 Browser - ok
17:31:13.0234 4972 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:31:13.0264 4972 Brserid - ok
17:31:13.0264 4972 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:31:13.0294 4972 BrSerWdm - ok
17:31:13.0304 4972 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:31:13.0324 4972 BrUsbMdm - ok
17:31:13.0334 4972 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:31:13.0344 4972 BrUsbSer - ok
17:31:13.0344 4972 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:31:13.0374 4972 BTHMODEM - ok
17:31:13.0404 4972 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:31:13.0464 4972 bthserv - ok
17:31:13.0484 4972 catchme - ok
17:31:13.0504 4972 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:31:13.0564 4972 cdfs - ok
17:31:13.0614 4972 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:31:13.0644 4972 cdrom - ok
17:31:13.0684 4972 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:31:13.0734 4972 CertPropSvc - ok
17:31:13.0764 4972 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:31:13.0784 4972 circlass - ok
17:31:13.0804 4972 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:31:13.0824 4972 CLFS - ok
17:31:13.0854 4972 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:31:13.0874 4972 clr_optimization_v2.0.50727_32 - ok
17:31:13.0894 4972 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:31:13.0904 4972 clr_optimization_v2.0.50727_64 - ok
17:31:13.0964 4972 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:31:13.0984 4972 clr_optimization_v4.0.30319_32 - ok
17:31:14.0004 4972 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:31:14.0014 4972 clr_optimization_v4.0.30319_64 - ok
17:31:14.0044 4972 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:31:14.0074 4972 CmBatt - ok
17:31:14.0104 4972 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:31:14.0124 4972 cmdide - ok
17:31:14.0154 4972 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:31:14.0184 4972 CNG - ok
17:31:14.0194 4972 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:31:14.0214 4972 Compbatt - ok
17:31:14.0244 4972 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:31:14.0294 4972 CompositeBus - ok
17:31:14.0304 4972 COMSysApp - ok
17:31:14.0324 4972 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:31:14.0334 4972 crcdisk - ok
17:31:14.0364 4972 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:31:14.0404 4972 CryptSvc - ok
17:31:14.0434 4972 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:31:14.0464 4972 CSC - ok
17:31:14.0504 4972 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:31:14.0544 4972 CscService - ok
17:31:14.0584 4972 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:31:14.0634 4972 DcomLaunch - ok
17:31:14.0664 4972 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:31:14.0724 4972 defragsvc - ok
17:31:14.0774 4972 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:31:14.0824 4972 DfsC - ok
17:31:14.0864 4972 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:31:14.0904 4972 Dhcp - ok
17:31:14.0934 4972 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:31:15.0014 4972 discache - ok
17:31:15.0034 4972 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:31:15.0044 4972 Disk - ok
17:31:15.0064 4972 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:31:15.0124 4972 Dnscache - ok
17:31:15.0154 4972 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:31:15.0204 4972 dot3svc - ok
17:31:15.0244 4972 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:31:15.0304 4972 DPS - ok
17:31:15.0334 4972 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:31:15.0354 4972 drmkaud - ok
17:31:15.0394 4972 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:31:15.0424 4972 DXGKrnl - ok
17:31:15.0454 4972 EagleX64 - ok
17:31:15.0484 4972 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:31:15.0524 4972 EapHost - ok
17:31:15.0584 4972 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:31:15.0654 4972 ebdrv - ok
17:31:15.0684 4972 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:31:15.0734 4972 EFS - ok
17:31:15.0784 4972 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:31:15.0834 4972 ehRecvr - ok
17:31:15.0864 4972 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:31:15.0914 4972 ehSched - ok
17:31:15.0944 4972 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:31:15.0964 4972 elxstor - ok
17:31:15.0984 4972 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:31:16.0004 4972 ErrDev - ok
17:31:16.0044 4972 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:31:16.0094 4972 EventSystem - ok
17:31:16.0104 4972 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:31:16.0134 4972 exfat - ok
17:31:16.0144 4972 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:31:16.0184 4972 fastfat - ok
17:31:16.0244 4972 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:31:16.0264 4972 Fax - ok
17:31:16.0264 4972 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:31:16.0304 4972 fdc - ok
17:31:16.0324 4972 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:31:16.0394 4972 fdPHost - ok
17:31:16.0404 4972 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:31:16.0454 4972 FDResPub - ok
17:31:16.0474 4972 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:31:16.0484 4972 FileInfo - ok
17:31:16.0494 4972 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:31:16.0534 4972 Filetrace - ok
17:31:16.0554 4972 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:31:16.0564 4972 flpydisk - ok
17:31:16.0604 4972 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:31:16.0624 4972 FltMgr - ok
17:31:16.0664 4972 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
17:31:16.0694 4972 FontCache - ok
17:31:16.0744 4972 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:31:16.0754 4972 FontCache3.0.0.0 - ok
17:31:16.0774 4972 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:31:16.0794 4972 FsDepends - ok
17:31:16.0824 4972 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:31:16.0834 4972 Fs_Rec - ok
17:31:16.0864 4972 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:31:16.0894 4972 fvevol - ok
17:31:16.0904 4972 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:31:16.0924 4972 gagp30kx - ok
17:31:16.0944 4972 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:31:16.0994 4972 gpsvc - ok
17:31:17.0054 4972 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:31:17.0074 4972 gupdate - ok
17:31:17.0074 4972 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:31:17.0094 4972 gupdatem - ok
17:31:17.0094 4972 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:31:17.0114 4972 hcw85cir - ok
17:31:17.0164 4972 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:31:17.0204 4972 HdAudAddService - ok
17:31:17.0224 4972 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:31:17.0264 4972 HDAudBus - ok
17:31:17.0274 4972 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:31:17.0284 4972 HidBatt - ok
17:31:17.0294 4972 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:31:17.0314 4972 HidBth - ok
17:31:17.0314 4972 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:31:17.0334 4972 HidIr - ok
17:31:17.0354 4972 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:31:17.0414 4972 hidserv - ok
17:31:17.0454 4972 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:31:17.0464 4972 HidUsb - ok
17:31:17.0484 4972 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:31:17.0534 4972 hkmsvc - ok
17:31:17.0574 4972 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:31:17.0594 4972 HomeGroupListener - ok
17:31:17.0634 4972 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:31:17.0674 4972 HomeGroupProvider - ok
17:31:17.0714 4972 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:31:17.0724 4972 HpSAMD - ok
17:31:17.0764 4972 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:31:17.0814 4972 HTTP - ok
17:31:17.0834 4972 [ 51ACD072EC7863BFDE2B5B6A5383F945 ] HWiNFO32 C:\Windows\system32\drivers\HWiNFO64A.SYS
17:31:17.0844 4972 HWiNFO32 - ok
17:31:17.0874 4972 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:31:17.0884 4972 hwpolicy - ok
17:31:17.0914 4972 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:31:17.0934 4972 i8042prt - ok
17:31:17.0964 4972 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:31:17.0974 4972 iaStorV - ok
17:31:18.0084 4972 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:31:18.0114 4972 idsvc - ok
17:31:18.0174 4972 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:31:18.0184 4972 iirsp - ok
17:31:18.0214 4972 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:31:18.0274 4972 IKEEXT - ok
17:31:18.0374 4972 [ 6BDCC85422817FA53CD705ADE312CE6A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:31:18.0444 4972 IntcAzAudAddService - ok
17:31:18.0464 4972 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:31:18.0474 4972 intelide - ok
17:31:18.0494 4972 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:31:18.0524 4972 intelppm - ok
17:31:18.0544 4972 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:31:18.0604 4972 IPBusEnum - ok
17:31:18.0624 4972 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:31:18.0674 4972 IpFilterDriver - ok
17:31:18.0704 4972 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:31:18.0724 4972 iphlpsvc - ok
17:31:18.0744 4972 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:31:18.0774 4972 IPMIDRV - ok
17:31:18.0794 4972 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:31:18.0844 4972 IPNAT - ok
17:31:18.0864 4972 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:31:18.0894 4972 IRENUM - ok
17:31:18.0904 4972 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:31:18.0914 4972 isapnp - ok
17:31:18.0934 4972 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:31:18.0944 4972 iScsiPrt - ok
17:31:18.0964 4972 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:31:18.0974 4972 kbdclass - ok
17:31:18.0994 4972 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:31:19.0014 4972 kbdhid - ok
17:31:19.0024 4972 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:31:19.0034 4972 KeyIso - ok
17:31:19.0064 4972 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:31:19.0074 4972 KSecDD - ok
17:31:19.0084 4972 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:31:19.0094 4972 KSecPkg - ok
17:31:19.0114 4972 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:31:19.0154 4972 ksthunk - ok
17:31:19.0174 4972 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:31:19.0224 4972 KtmRm - ok
17:31:19.0274 4972 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:31:19.0334 4972 LanmanServer - ok
17:31:19.0354 4972 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:31:19.0404 4972 LanmanWorkstation - ok
17:31:19.0434 4972 [ 955982BF4421B77722196552B62E8DC2 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
17:31:19.0444 4972 lirsgt - ok
17:31:19.0464 4972 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:31:19.0514 4972 lltdio - ok
17:31:19.0544 4972 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:31:19.0584 4972 lltdsvc - ok
17:31:19.0594 4972 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:31:19.0634 4972 lmhosts - ok
17:31:19.0654 4972 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:31:19.0664 4972 LSI_FC - ok
17:31:19.0684 4972 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:31:19.0694 4972 LSI_SAS - ok
17:31:19.0704 4972 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:31:19.0714 4972 LSI_SAS2 - ok
17:31:19.0714 4972 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:31:19.0724 4972 LSI_SCSI - ok
17:31:19.0744 4972 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:31:19.0784 4972 luafv - ok
17:31:19.0804 4972 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:31:19.0844 4972 Mcx2Svc - ok
17:31:19.0854 4972 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:31:19.0864 4972 megasas - ok
17:31:19.0874 4972 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:31:19.0884 4972 MegaSR - ok
17:31:19.0914 4972 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:31:19.0984 4972 MMCSS - ok
17:31:19.0994 4972 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:31:20.0044 4972 Modem - ok
17:31:20.0064 4972 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:31:20.0084 4972 monitor - ok
17:31:20.0104 4972 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:31:20.0114 4972 mouclass - ok
17:31:20.0134 4972 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:31:20.0154 4972 mouhid - ok
17:31:20.0184 4972 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:31:20.0204 4972 mountmgr - ok
17:31:20.0254 4972 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:31:20.0264 4972 MozillaMaintenance - ok
17:31:20.0294 4972 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:31:20.0304 4972 mpio - ok
17:31:20.0314 4972 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:31:20.0344 4972 mpsdrv - ok
17:31:20.0374 4972 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:31:20.0424 4972 MpsSvc - ok
17:31:20.0454 4972 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:31:20.0484 4972 MRxDAV - ok
17:31:20.0514 4972 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:31:20.0554 4972 mrxsmb - ok
17:31:20.0564 4972 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:31:20.0584 4972 mrxsmb10 - ok
17:31:20.0584 4972 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:31:20.0604 4972 mrxsmb20 - ok
17:31:20.0624 4972 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:31:20.0634 4972 msahci - ok
17:31:20.0644 4972 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:31:20.0654 4972 msdsm - ok
17:31:20.0664 4972 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:31:20.0694 4972 MSDTC - ok
17:31:20.0744 4972 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:31:20.0784 4972 Msfs - ok
17:31:20.0794 4972 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:31:20.0834 4972 mshidkmdf - ok
17:31:20.0844 4972 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:31:20.0854 4972 msisadrv - ok
17:31:20.0894 4972 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:31:20.0934 4972 MSiSCSI - ok
17:31:20.0934 4972 msiserver - ok
17:31:20.0954 4972 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:31:20.0994 4972 MSKSSRV - ok
17:31:20.0994 4972 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:31:21.0024 4972 MSPCLOCK - ok
17:31:21.0034 4972 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:31:21.0064 4972 MSPQM - ok
17:31:21.0104 4972 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:31:21.0114 4972 MsRPC - ok
17:31:21.0154 4972 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:31:21.0164 4972 mssmbios - ok
17:31:21.0174 4972 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:31:21.0214 4972 MSTEE - ok
17:31:21.0214 4972 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:31:21.0254 4972 MTConfig - ok
17:31:21.0274 4972 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:31:21.0284 4972 Mup - ok
17:31:21.0314 4972 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:31:21.0364 4972 napagent - ok
17:31:21.0384 4972 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:31:21.0404 4972 NativeWifiP - ok
17:31:21.0444 4972 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:31:21.0484 4972 NDIS - ok
17:31:21.0494 4972 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:31:21.0534 4972 NdisCap - ok
17:31:21.0554 4972 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:31:21.0614 4972 NdisTapi - ok
17:31:21.0654 4972 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:31:21.0704 4972 Ndisuio - ok
17:31:21.0734 4972 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:31:21.0784 4972 NdisWan - ok
17:31:21.0814 4972 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:31:21.0854 4972 NDProxy - ok
17:31:21.0884 4972 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:31:21.0944 4972 NetBIOS - ok
17:31:21.0984 4972 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:31:22.0024 4972 NetBT - ok
17:31:22.0034 4972 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:31:22.0044 4972 Netlogon - ok
17:31:22.0074 4972 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:31:22.0124 4972 Netman - ok
17:31:22.0154 4972 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:22.0164 4972 NetMsmqActivator - ok
17:31:22.0174 4972 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:22.0184 4972 NetPipeActivator - ok
17:31:22.0194 4972 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:31:22.0264 4972 netprofm - ok
17:31:22.0264 4972 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:22.0284 4972 NetTcpActivator - ok
17:31:22.0284 4972 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:31:22.0304 4972 NetTcpPortSharing - ok
17:31:22.0334 4972 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:31:22.0344 4972 nfrd960 - ok
17:31:22.0354 4972 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:31:22.0384 4972 NlaSvc - ok
17:31:22.0404 4972 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:31:22.0434 4972 Npfs - ok
17:31:22.0444 4972 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:31:22.0494 4972 nsi - ok
17:31:22.0494 4972 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:31:22.0534 4972 nsiproxy - ok
17:31:22.0584 4972 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:31:22.0614 4972 Ntfs - ok
17:31:22.0644 4972 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:31:22.0684 4972 Null - ok
17:31:22.0724 4972 [ 805F0C2B9C07E4C0F74D0EF70E9E827A ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:31:22.0734 4972 NVHDA - ok
17:31:22.0934 4972 [ EE6B7B6A54BCAFF516E30B1C15467495 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:31:23.0084 4972 nvlddmkm - ok
17:31:23.0114 4972 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:31:23.0124 4972 nvraid - ok
17:31:23.0164 4972 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:31:23.0184 4972 nvstor - ok
17:31:23.0224 4972 [ 25626309AD2F81D47C829CCB5E46E478 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:31:23.0244 4972 nvsvc - ok
17:31:23.0324 4972 [ A9AFE5B0648C8D7A411A72D8222F7F6E ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:31:23.0364 4972 nvUpdatusService - ok
17:31:23.0384 4972 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:31:23.0394 4972 nv_agp - ok
17:31:23.0424 4972 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:31:23.0444 4972 ohci1394 - ok
17:31:23.0474 4972 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:31:23.0494 4972 p2pimsvc - ok
17:31:23.0514 4972 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:31:23.0534 4972 p2psvc - ok
17:31:23.0554 4972 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:31:23.0574 4972 Parport - ok
17:31:23.0594 4972 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:31:23.0604 4972 partmgr - ok
17:31:23.0614 4972 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:31:23.0644 4972 PcaSvc - ok
17:31:23.0664 4972 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:31:23.0674 4972 pci - ok
17:31:23.0694 4972 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:31:23.0704 4972 pciide - ok
17:31:23.0734 4972 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:31:23.0744 4972 pcmcia - ok
17:31:23.0754 4972 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:31:23.0764 4972 pcw - ok
17:31:23.0774 4972 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:31:23.0824 4972 PEAUTH - ok
17:31:23.0874 4972 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:31:23.0904 4972 PeerDistSvc - ok
17:31:23.0964 4972 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:31:23.0984 4972 PerfHost - ok
17:31:24.0034 4972 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:31:24.0104 4972 pla - ok
17:31:24.0134 4972 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:31:24.0164 4972 PlugPlay - ok
17:31:24.0194 4972 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:31:24.0214 4972 PNRPAutoReg - ok
17:31:24.0234 4972 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:31:24.0244 4972 PNRPsvc - ok
17:31:24.0284 4972 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:31:24.0334 4972 PolicyAgent - ok
17:31:24.0344 4972 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:31:24.0394 4972 Power - ok
17:31:24.0424 4972 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:31:24.0484 4972 PptpMiniport - ok
17:31:24.0494 4972 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:31:24.0514 4972 Processor - ok
17:31:24.0544 4972 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:31:24.0564 4972 ProfSvc - ok
17:31:24.0574 4972 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:31:24.0594 4972 ProtectedStorage - ok
17:31:24.0644 4972 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:31:24.0694 4972 Psched - ok
17:31:24.0734 4972 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:31:24.0774 4972 ql2300 - ok
17:31:24.0774 4972 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:31:24.0784 4972 ql40xx - ok
17:31:24.0814 4972 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:31:24.0854 4972 QWAVE - ok
17:31:24.0874 4972 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:31:24.0894 4972 QWAVEdrv - ok
17:31:24.0904 4972 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:31:24.0954 4972 RasAcd - ok
17:31:24.0974 4972 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:31:25.0014 4972 RasAgileVpn - ok
17:31:25.0024 4972 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:31:25.0054 4972 RasAuto - ok
17:31:25.0074 4972 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:31:25.0124 4972 Rasl2tp - ok
17:31:25.0144 4972 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:31:25.0194 4972 RasMan - ok
17:31:25.0214 4972 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:31:25.0254 4972 RasPppoe - ok
17:31:25.0254 4972 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:31:25.0304 4972 RasSstp - ok
17:31:25.0334 4972 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:31:25.0384 4972 rdbss - ok
17:31:25.0394 4972 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:31:25.0404 4972 rdpbus - ok
17:31:25.0414 4972 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:31:25.0454 4972 RDPCDD - ok
17:31:25.0484 4972 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:31:25.0504 4972 RDPDR - ok
17:31:25.0534 4972 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:31:25.0574 4972 RDPENCDD - ok
17:31:25.0574 4972 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:31:25.0604 4972 RDPREFMP - ok
17:31:25.0654 4972 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:31:25.0684 4972 RdpVideoMiniport - ok
17:31:25.0714 4972 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:31:25.0734 4972 RDPWD - ok
17:31:25.0784 4972 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:31:25.0804 4972 rdyboost - ok
17:31:25.0824 4972 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:31:25.0894 4972 RemoteAccess - ok
17:31:25.0924 4972 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:31:25.0984 4972 RemoteRegistry - ok
17:31:25.0994 4972 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:31:26.0044 4972 RpcEptMapper - ok
17:31:26.0064 4972 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:31:26.0094 4972 RpcLocator - ok
17:31:26.0124 4972 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:31:26.0164 4972 RpcSs - ok
17:31:26.0194 4972 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:31:26.0224 4972 rspndr - ok
17:31:26.0244 4972 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:31:26.0274 4972 s3cap - ok
17:31:26.0294 4972 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:31:26.0304 4972 SamSs - ok
17:31:26.0324 4972 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:31:26.0334 4972 sbp2port - ok
17:31:26.0354 4972 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:31:26.0404 4972 SCardSvr - ok
17:31:26.0434 4972 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:31:26.0494 4972 scfilter - ok
17:31:26.0534 4972 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:31:26.0614 4972 Schedule - ok
17:31:26.0634 4972 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:31:26.0664 4972 SCPolicySvc - ok
17:31:26.0704 4972 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:31:26.0734 4972 SDRSVC - ok
17:31:26.0764 4972 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:31:26.0824 4972 secdrv - ok
17:31:26.0864 4972 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:31:26.0934 4972 seclogon - ok
17:31:26.0954 4972 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:31:26.0994 4972 SENS - ok
17:31:27.0014 4972 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:31:27.0024 4972 SensrSvc - ok
17:31:27.0034 4972 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:31:27.0054 4972 Serenum - ok
17:31:27.0094 4972 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:31:27.0124 4972 Serial - ok
17:31:27.0124 4972 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:31:27.0154 4972 sermouse - ok
17:31:27.0204 4972 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:31:27.0274 4972 SessionEnv - ok
17:31:27.0284 4972 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:31:27.0314 4972 sffdisk - ok
17:31:27.0334 4972 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:31:27.0354 4972 sffp_mmc - ok
17:31:27.0374 4972 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:31:27.0394 4972 sffp_sd - ok
17:31:27.0414 4972 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:31:27.0424 4972 sfloppy - ok
17:31:27.0454 4972 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:31:27.0514 4972 SharedAccess - ok
17:31:27.0544 4972 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:31:27.0594 4972 ShellHWDetection - ok
17:31:27.0614 4972 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:31:27.0624 4972 SiSRaid2 - ok
17:31:27.0634 4972 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:31:27.0644 4972 SiSRaid4 - ok
17:31:27.0664 4972 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:31:27.0714 4972 Smb - ok
17:31:27.0744 4972 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:31:27.0774 4972 SNMPTRAP - ok
17:31:27.0784 4972 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:31:27.0794 4972 spldr - ok
17:31:27.0824 4972 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:31:27.0844 4972 Spooler - ok
17:31:27.0924 4972 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:31:27.0994 4972 sppsvc - ok
17:31:28.0014 4972 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:31:28.0054 4972 sppuinotify - ok
17:31:28.0074 4972 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:31:28.0104 4972 srv - ok
17:31:28.0124 4972 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:31:28.0154 4972 srv2 - ok
17:31:28.0174 4972 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:31:28.0194 4972 srvnet - ok
17:31:28.0244 4972 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:31:28.0294 4972 SSDPSRV - ok
17:31:28.0314 4972 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:31:28.0354 4972 SstpSvc - ok
17:31:28.0374 4972 Steam Client Service - ok
17:31:28.0434 4972 [ 2222073BE0232E70A397B8302293AA9D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:31:28.0454 4972 Stereo Service - ok
17:31:28.0494 4972 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:31:28.0504 4972 stexstor - ok
17:31:28.0544 4972 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:31:28.0584 4972 stisvc - ok
17:31:28.0614 4972 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:31:28.0624 4972 storflt - ok
17:31:28.0644 4972 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:31:28.0654 4972 storvsc - ok
17:31:28.0684 4972 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:31:28.0694 4972 swenum - ok
17:31:28.0714 4972 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:31:28.0764 4972 swprv - ok
17:31:28.0784 4972 Synth3dVsc - ok
17:31:28.0834 4972 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:31:28.0894 4972 SysMain - ok
17:31:28.0924 4972 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:31:28.0954 4972 TabletInputService - ok
17:31:28.0994 4972 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:31:29.0044 4972 TapiSrv - ok
17:31:29.0064 4972 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:31:29.0114 4972 TBS - ok
17:31:29.0154 4972 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:31:29.0194 4972 Tcpip - ok
17:31:29.0234 4972 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:31:29.0264 4972 TCPIP6 - ok
17:31:29.0294 4972 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:31:29.0324 4972 tcpipreg - ok
17:31:29.0344 4972 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:31:29.0374 4972 TDPIPE - ok
17:31:29.0404 4972 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:31:29.0434 4972 TDTCP - ok
17:31:29.0454 4972 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:31:29.0514 4972 tdx - ok
17:31:29.0544 4972 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:31:29.0564 4972 TermDD - ok
17:31:29.0594 4972 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:31:29.0644 4972 TermService - ok
17:31:29.0674 4972 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:31:29.0694 4972 Themes - ok
17:31:29.0714 4972 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:31:29.0744 4972 THREADORDER - ok
17:31:29.0764 4972 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:31:29.0804 4972 TrkWks - ok
17:31:29.0854 4972 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:31:29.0914 4972 TrustedInstaller - ok
17:31:29.0944 4972 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:31:29.0984 4972 tssecsrv - ok
17:31:30.0004 4972 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:31:30.0024 4972 TsUsbFlt - ok
17:31:30.0044 4972 tsusbhub - ok
17:31:30.0084 4972 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:31:30.0134 4972 tunnel - ok
17:31:30.0174 4972 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:31:30.0184 4972 uagp35 - ok
17:31:30.0214 4972 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:31:30.0274 4972 udfs - ok
17:31:30.0304 4972 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:31:30.0324 4972 UI0Detect - ok
17:31:30.0344 4972 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:31:30.0354 4972 uliagpkx - ok
17:31:30.0384 4972 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
17:31:30.0414 4972 umbus - ok
17:31:30.0434 4972 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:31:30.0444 4972 UmPass - ok
17:31:30.0474 4972 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:31:30.0504 4972 UmRdpService - ok
17:31:30.0534 4972 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:31:30.0574 4972 upnphost - ok
17:31:30.0604 4972 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:31:30.0624 4972 usbccgp - ok
17:31:30.0644 4972 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:31:30.0654 4972 usbcir - ok
17:31:30.0684 4972 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:31:30.0704 4972 usbehci - ok
17:31:30.0744 4972 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:31:30.0754 4972 usbhub - ok
17:31:30.0774 4972 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:31:30.0794 4972 usbohci - ok
17:31:30.0814 4972 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:31:30.0834 4972 usbprint - ok
17:31:30.0844 4972 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:31:30.0854 4972 USBSTOR - ok
17:31:30.0874 4972 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:31:30.0894 4972 usbuhci - ok
17:31:30.0924 4972 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:31:30.0984 4972 UxSms - ok
17:31:31.0004 4972 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:31:31.0014 4972 VaultSvc - ok
17:31:31.0044 4972 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:31:31.0054 4972 vdrvroot - ok
17:31:31.0084 4972 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:31:31.0134 4972 vds - ok
17:31:31.0164 4972 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:31:31.0174 4972 vga - ok
17:31:31.0194 4972 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:31:31.0224 4972 VgaSave - ok
17:31:31.0254 4972 VGPU - ok
17:31:31.0274 4972 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:31:31.0294 4972 vhdmp - ok
17:31:31.0324 4972 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:31:31.0334 4972 viaide - ok
17:31:31.0354 4972 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:31:31.0364 4972 vmbus - ok
17:31:31.0374 4972 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:31:31.0394 4972 VMBusHID - ok
17:31:31.0414 4972 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:31:31.0424 4972 volmgr - ok
17:31:31.0454 4972 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:31:31.0474 4972 volmgrx - ok
17:31:31.0494 4972 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:31:31.0504 4972 volsnap - ok
17:31:31.0544 4972 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:31:31.0554 4972 vsmraid - ok
17:31:31.0604 4972 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:31:31.0664 4972 VSS - ok
17:31:31.0674 4972 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:31:31.0694 4972 vwifibus - ok
17:31:31.0704 4972 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:31:31.0724 4972 vwififlt - ok
17:31:31.0754 4972 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:31:31.0794 4972 W32Time - ok
17:31:31.0824 4972 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:31:31.0854 4972 WacomPen - ok
17:31:31.0894 4972 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:31:31.0954 4972 WANARP - ok
17:31:31.0964 4972 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:31:31.0994 4972 Wanarpv6 - ok
17:31:32.0034 4972 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:31:32.0074 4972 wbengine - ok
17:31:32.0094 4972 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:31:32.0114 4972 WbioSrvc - ok
17:31:32.0144 4972 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:31:32.0174 4972 wcncsvc - ok
17:31:32.0194 4972 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:31:32.0214 4972 WcsPlugInService - ok
17:31:32.0234 4972 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:31:32.0244 4972 Wd - ok
17:31:32.0274 4972 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:31:32.0304 4972 Wdf01000 - ok
17:31:32.0304 4972 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:31:32.0334 4972 WdiServiceHost - ok
17:31:32.0344 4972 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:31:32.0354 4972 WdiSystemHost - ok
17:31:32.0384 4972 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:31:32.0414 4972 WebClient - ok
17:31:32.0414 4972 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:31:32.0454 4972 Wecsvc - ok
17:31:32.0464 4972 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:31:32.0504 4972 wercplsupport - ok
17:31:32.0524 4972 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:31:32.0574 4972 WerSvc - ok
17:31:32.0604 4972 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:31:32.0634 4972 WfpLwf - ok
17:31:32.0644 4972 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:31:32.0654 4972 WIMMount - ok
17:31:32.0684 4972 WinDefend - ok
17:31:32.0704 4972 WinHttpAutoProxySvc - ok
17:31:32.0744 4972 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:31:32.0794 4972 Winmgmt - ok
17:31:32.0844 4972 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:31:32.0924 4972 WinRM - ok
17:31:32.0974 4972 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
17:31:32.0994 4972 WinUSB - ok
17:31:33.0014 4972 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:31:33.0054 4972 Wlansvc - ok
17:31:33.0144 4972 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:31:33.0194 4972 wlidsvc - ok
17:31:33.0224 4972 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:31:33.0234 4972 WmiAcpi - ok
17:31:33.0264 4972 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:31:33.0284 4972 wmiApSrv - ok
17:31:33.0314 4972 WMPNetworkSvc - ok
17:31:33.0434 4972 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
17:31:33.0454 4972 WMZuneComm - ok
17:31:33.0474 4972 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:31:33.0494 4972 WPCSvc - ok
17:31:33.0524 4972 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:31:33.0544 4972 WPDBusEnum - ok
17:31:33.0574 4972 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:31:33.0614 4972 ws2ifsl - ok
17:31:33.0624 4972 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:31:33.0654 4972 wscsvc - ok
17:31:33.0664 4972 WSearch - ok
17:31:33.0724 4972 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:31:33.0764 4972 wuauserv - ok
17:31:33.0794 4972 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:31:33.0804 4972 WudfPf - ok
17:31:33.0834 4972 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:31:33.0854 4972 WUDFRd - ok
17:31:33.0864 4972 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:31:33.0884 4972 wudfsvc - ok
17:31:33.0914 4972 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
17:31:33.0934 4972 WwanSvc - ok
17:31:34.0094 4972 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
17:31:34.0204 4972 ZuneNetworkSvc - ok
17:31:34.0244 4972 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
17:31:34.0264 4972 ZuneWlanCfgSvc - ok
17:31:34.0274 4972 ================ Scan global ===============================
17:31:34.0294 4972 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:31:34.0314 4972 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:31:34.0324 4972 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:31:34.0364 4972 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:31:34.0384 4972 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:31:34.0394 4972 [Global] - ok
17:31:34.0394 4972 ================ Scan MBR ==================================
17:31:34.0404 4972 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:31:34.0574 4972 \Device\Harddisk0\DR0 - ok
17:31:34.0574 4972 ================ Scan VBR ==================================
17:31:34.0584 4972 [ D90F97BF1CF0A3EE547AEC8AAE66AB14 ] \Device\Harddisk0\DR0\Partition1
17:31:34.0584 4972 \Device\Harddisk0\DR0\Partition1 - ok
17:31:34.0604 4972 [ B256A61BEB5EF6C46866DC509E02F885 ] \Device\Harddisk0\DR0\Partition2
17:31:34.0614 4972 \Device\Harddisk0\DR0\Partition2 - ok
17:31:34.0614 4972 ============================================================
17:31:34.0614 4972 Scan finished
17:31:34.0614 4972 ============================================================
17:31:34.0624 4580 Detected object count: 0
17:31:34.0624 4580 Actual detected object count: 0

Warum hats das den jetzt so gepostet und nicht in diesem Rahmen ?

Alt 09.07.2013, 16:47   #8
markusg
/// Malware-holic
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 09.07.2013, 17:10   #9
Bloodwolf
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Combofix Logfile:
Code:
ATTFilter
ComboFix 13-07-09.01 - Sharkoon 09.07.2013  17:51:17.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8191.5955 [GMT 2:00]
ausgeführt von:: c:\users\Sharkoon\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\DealPly.xpi
c:\program files (x86)\DealPly\DealPlyIE.dll
c:\program files (x86)\DealPly\DealPlyIE64.dll
c:\program files (x86)\DealPly\DealPlyUpdate.exe
c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
c:\program files (x86)\DealPly\DealPlyUpdateVer.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-09 bis 2013-07-09  ))))))))))))))))))))))))))))))
.
.
2013-07-09 15:58 . 2013-07-09 15:58	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-07-09 15:58 . 2013-07-09 15:58	--------	d-----w-	c:\users\Public\AppData\Local\temp
2013-07-09 15:58 . 2013-07-09 15:58	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-07-09 13:08 . 2013-06-12 03:08	9552976	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{2962887A-E076-4874-99D5-A549921F8E5E}\mpengine.dll
2013-07-01 16:05 . 2013-07-01 16:05	--------	d-----w-	c:\users\Sharkoon\AppData\Local\NVIDIA
2013-07-01 15:40 . 2013-07-01 15:40	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2013-07-01 14:41 . 2013-07-01 14:41	--------	d-----w-	c:\users\Sharkoon\AppData\Roaming\DealPly
2013-07-01 14:40 . 2013-07-01 14:40	--------	d-----w-	c:\users\Sharkoon\AppData\Roaming\BabSolution
2013-07-01 14:40 . 2013-07-01 14:40	--------	d-----w-	c:\program files (x86)\Image Converter
2013-07-01 14:40 . 2013-07-01 14:40	--------	d-----w-	c:\users\Sharkoon\AppData\Roaming\Babylon
2013-07-01 14:40 . 2013-07-01 14:40	--------	d-----w-	c:\programdata\Babylon
2013-06-21 03:16 . 2013-06-21 03:16	566048	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2013-06-18 19:41 . 2013-06-18 19:41	--------	d-----w-	c:\windows\SysWow64\en
2013-06-18 19:41 . 2013-06-18 19:41	--------	d-----w-	c:\windows\SysWow64\0409
2013-06-18 19:41 . 2013-06-18 19:41	--------	d-----w-	c:\windows\SysWow64\drivers\UMDF\en-US
2013-06-18 19:41 . 2013-06-18 19:41	--------	d-----w-	c:\windows\SysWow64\drivers\sk-SK
2013-06-18 19:41 . 2013-06-18 19:41	--------	d-----w-	c:\windows\SysWow64\wbem\sk-SK
2013-06-18 19:41 . 2013-06-18 19:41	--------	d-----w-	c:\windows\sk-SK
2013-06-18 19:41 . 2013-06-18 19:41	--------	d-----w-	c:\windows\system32\en
2013-06-18 19:41 . 2013-06-18 19:41	--------	d-----w-	c:\windows\system32\0409
2013-06-18 19:41 . 2013-06-19 15:49	--------	d-----w-	c:\windows\system32\drivers\en-US
2013-06-18 19:41 . 2013-06-18 19:41	--------	d-----w-	c:\windows\system32\drivers\sk-SK
2013-06-18 19:41 . 2013-06-18 19:41	--------	d-----w-	c:\windows\system32\wbem\sk-SK
2013-06-18 19:35 . 2009-07-13 16:26	6144	----a-w-	c:\windows\system32\drivers\UMDF\en-US\WUDFUsbccidDriver.dll.mui
2013-06-18 19:35 . 2009-07-13 16:24	2560	----a-w-	c:\windows\system32\drivers\UMDF\en-US\WpdMtpDr.dll.mui
2013-06-18 19:35 . 2009-07-13 16:30	3584	----a-w-	c:\windows\system32\Spool\prtprocs\x64\en-US\LXKPTPRC.DLL.mui
2013-06-15 05:49 . 2013-06-15 05:49	--------	d-----w-	c:\program files (x86)\2K Games
2013-06-15 05:47 . 2013-06-15 05:47	--------	d-----w-	c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2013-06-15 05:47 . 2013-06-15 05:47	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-06-12 13:58 . 2013-05-08 06:39	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-28 11:24 . 2013-05-22 18:48	378944	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-06-28 11:24 . 2013-05-22 18:48	1030952	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-06-28 11:24 . 2013-05-22 18:48	189936	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-06-21 12:06 . 2013-04-12 13:28	61216	----a-w-	c:\windows\system32\OpenCL.dll
2013-06-21 12:06 . 2013-04-12 13:28	53024	----a-w-	c:\windows\SysWow64\OpenCL.dll
2013-06-21 12:06 . 2013-04-12 13:28	15920536	----a-w-	c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-04-12 13:28	15144928	----a-w-	c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-04-12 13:28	13411896	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-04-12 13:28	1059560	----a-w-	c:\windows\system32\nvumdshimx.dll
2013-06-21 12:06 . 2013-04-12 13:28	2936208	----a-w-	c:\windows\system32\nvapi64.dll
2013-06-21 12:06 . 2013-04-12 13:28	2597856	----a-w-	c:\windows\SysWow64\nvapi.dll
2013-06-21 10:23 . 2013-04-12 13:29	6496544	----a-w-	c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2013-04-12 13:29	3514656	----a-w-	c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2013-04-12 13:29	884512	----a-w-	c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2013-04-12 13:29	63776	----a-w-	c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2013-04-12 13:29	2555680	----a-w-	c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2013-04-12 13:29	237856	----a-w-	c:\windows\system32\nvmctray.dll
2013-06-20 04:17 . 2013-04-12 13:29	3253909	----a-w-	c:\windows\system32\nvcoproc.bin
2013-06-12 16:08 . 2013-05-23 06:55	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-06-12 15:11 . 2013-04-12 14:02	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 15:11 . 2013-04-12 14:02	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-23 09:21 . 2013-05-23 09:21	97280	----a-w-	c:\windows\system32\mshtmled.dll
2013-05-23 09:21 . 2013-05-23 09:21	92160	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2013-05-23 09:21 . 2013-05-23 09:21	905728	----a-w-	c:\windows\system32\mshtmlmedia.dll
2013-05-23 09:21 . 2013-05-23 09:21	81408	----a-w-	c:\windows\system32\icardie.dll
2013-05-23 09:21 . 2013-05-23 09:21	77312	----a-w-	c:\windows\system32\tdc.ocx
2013-05-23 09:21 . 2013-05-23 09:21	762368	----a-w-	c:\windows\system32\ieapfltr.dll
2013-05-23 09:21 . 2013-05-23 09:21	73728	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-23 09:21 . 2013-05-23 09:21	719360	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2013-05-23 09:21 . 2013-05-23 09:21	62976	----a-w-	c:\windows\system32\pngfilt.dll
2013-05-23 09:21 . 2013-05-23 09:21	61952	----a-w-	c:\windows\SysWow64\tdc.ocx
2013-05-23 09:21 . 2013-05-23 09:21	599552	----a-w-	c:\windows\system32\vbscript.dll
2013-05-23 09:21 . 2013-05-23 09:21	523264	----a-w-	c:\windows\SysWow64\vbscript.dll
2013-05-23 09:21 . 2013-05-23 09:21	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2013-05-23 09:21 . 2013-05-23 09:21	51200	----a-w-	c:\windows\system32\imgutil.dll
2013-05-23 09:21 . 2013-05-23 09:21	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2013-05-23 09:21 . 2013-05-23 09:21	48640	----a-w-	c:\windows\system32\mshtmler.dll
2013-05-23 09:21 . 2013-05-23 09:21	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2013-05-23 09:21 . 2013-05-23 09:21	441856	----a-w-	c:\windows\system32\html.iec
2013-05-23 09:21 . 2013-05-23 09:21	38400	----a-w-	c:\windows\SysWow64\imgutil.dll
2013-05-23 09:21 . 2013-05-23 09:21	361984	----a-w-	c:\windows\SysWow64\html.iec
2013-05-23 09:21 . 2013-05-23 09:21	281600	----a-w-	c:\windows\system32\dxtrans.dll
2013-05-23 09:21 . 2013-05-23 09:21	27648	----a-w-	c:\windows\system32\licmgr10.dll
2013-05-23 09:21 . 2013-05-23 09:21	270848	----a-w-	c:\windows\system32\iedkcs32.dll
2013-05-23 09:21 . 2013-05-23 09:21	247296	----a-w-	c:\windows\system32\webcheck.dll
2013-05-23 09:21 . 2013-05-23 09:21	235008	----a-w-	c:\windows\system32\url.dll
2013-05-23 09:21 . 2013-05-23 09:21	23040	----a-w-	c:\windows\SysWow64\licmgr10.dll
2013-05-23 09:21 . 2013-05-23 09:21	226304	----a-w-	c:\windows\system32\elshyph.dll
2013-05-23 09:21 . 2013-05-23 09:21	216064	----a-w-	c:\windows\system32\msls31.dll
2013-05-23 09:21 . 2013-05-23 09:21	197120	----a-w-	c:\windows\system32\msrating.dll
2013-05-23 09:21 . 2013-05-23 09:21	185344	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-05-23 09:21 . 2013-05-23 09:21	173568	----a-w-	c:\windows\system32\ieUnatt.exe
2013-05-23 09:21 . 2013-05-23 09:21	167424	----a-w-	c:\windows\system32\iexpress.exe
2013-05-23 09:21 . 2013-05-23 09:21	158720	----a-w-	c:\windows\SysWow64\msls31.dll
2013-05-23 09:21 . 2013-05-23 09:21	1509376	----a-w-	c:\windows\system32\inetcpl.cpl
2013-05-23 09:21 . 2013-05-23 09:21	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2013-05-23 09:21 . 2013-05-23 09:21	149504	----a-w-	c:\windows\system32\occache.dll
2013-05-23 09:21 . 2013-05-23 09:21	144896	----a-w-	c:\windows\system32\wextract.exe
2013-05-23 09:21 . 2013-05-23 09:21	1441280	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2013-05-23 09:21 . 2013-05-23 09:21	1400416	----a-w-	c:\windows\system32\ieapfltr.dat
2013-05-23 09:21 . 2013-05-23 09:21	138752	----a-w-	c:\windows\SysWow64\wextract.exe
2013-05-23 09:21 . 2013-05-23 09:21	13824	----a-w-	c:\windows\system32\mshta.exe
2013-05-23 09:21 . 2013-05-23 09:21	137216	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2013-05-23 09:21 . 2013-05-23 09:21	136192	----a-w-	c:\windows\system32\iepeers.dll
2013-05-23 09:21 . 2013-05-23 09:21	135680	----a-w-	c:\windows\system32\IEAdvpack.dll
2013-05-23 09:21 . 2013-05-23 09:21	12800	----a-w-	c:\windows\SysWow64\mshta.exe
2013-05-23 09:21 . 2013-05-23 09:21	12800	----a-w-	c:\windows\system32\msfeedssync.exe
2013-05-23 09:21 . 2013-05-23 09:21	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2013-05-23 09:21 . 2013-05-23 09:21	1054720	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-23 09:21 . 2013-05-23 09:21	102912	----a-w-	c:\windows\system32\inseng.dll
2013-05-23 09:20 . 2013-05-23 09:20	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2013-05-23 09:20 . 2013-05-23 09:20	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2013-05-23 09:20 . 2013-05-23 09:20	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-23 09:20 . 2013-05-23 09:20	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2013-05-23 09:20 . 2013-05-23 09:20	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2013-05-23 09:20 . 2013-05-23 09:20	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-23 09:20 . 2013-05-23 09:20	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-23 09:20 . 2013-05-23 09:20	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2013-05-23 09:20 . 2013-05-23 09:20	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2013-05-23 09:20 . 2013-05-23 09:20	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2013-05-23 09:20 . 2013-05-23 09:20	3928064	----a-w-	c:\windows\system32\d2d1.dll
2013-05-23 09:20 . 2013-05-23 09:20	363008	----a-w-	c:\windows\system32\dxgi.dll
2013-05-23 09:20 . 2013-05-23 09:20	3419136	----a-w-	c:\windows\SysWow64\d2d1.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-07-08 1672616]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2013-05-21 438272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2009-06-14 307200]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-16 642656]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 09592210
*NewlyCreated* - 65878209
*NewlyCreated* - 82009047
*Deregistered* - 09592210
*Deregistered* - 65878209
*Deregistered* - 82009047
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-20 15:58	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-12 15:11]
.
2013-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-22 18:48]
.
2013-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-22 18:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58	133840	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-13 12936848]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=34B4A0F3C182DF1E&affID=119357&tsp=4930
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\Sharkoon\AppData\Roaming\Mozilla\Firefox\Profiles\5wh39cxd.default\
FF - ExtSQL: 2013-05-22 20:47; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 34b48092000000000000a0f3c182df1e
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15887
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.516:40
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119357&tsp=4930
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{EF7BD87A-8024-11E2-F316-F3E56188709B} - c:\program files (x86)\DealPly\DealPlyIE.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-141241485-278047787-3552748171-1000\Software\SecuROM\License information*]
"datasecu"=hex:0b,30,e6,25,95,44,15,53,bd,af,d1,f7,ec,8a,09,22,50,ff,42,b8,cc,
   54,ee,8b,67,c4,f3,7d,f4,ac,3e,b0,59,b7,6b,fb,df,7a,77,40,b5,b8,7a,77,7a,0d,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-07-09  18:08:53
ComboFix-quarantined-files.txt  2013-07-09 16:08
.
Vor Suchlauf: 16 Verzeichnis(se), 219.371.520.000 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 220.780.908.544 Bytes frei
.
- - End Of File - - D7851C534E1264D563F902C109B9C888
         
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

Keine Beschwerden von ComboFix (ich benutze Avast Antivirus da es mir von euch empfohlen wurde.)

Alt 09.07.2013, 17:12   #10
markusg
/// Malware-holic
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Hi,
1.
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.

2.

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 09.07.2013, 17:14   #11
Bloodwolf
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Schnelle Zwischenfrage darf ich meinen Antivirus wieder anmachen ?

Alt 09.07.2013, 17:16   #12
markusg
/// Malware-holic
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



nicht während des Malwarebytes Scans.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 09.07.2013, 17:51   #13
Bloodwolf
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Solange das Maleware im Hintergrund läuft habe ich eine frage an Sie

Was ist eigentlich eine Maleware ? und was genau ist so gefährlich an ihnen ?

MFGaniel

Alt 09.07.2013, 18:00   #14
markusg
/// Malware-holic
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Malware ist der oberbegriff für schadsoftware.
Adware kann benutzerbezogene Daten sammeln und dann werbung schalten, Andere stehlen kreditkarten infos etc.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 09.07.2013, 18:05   #15
Bloodwolf
 
Ansage das ich eine MaleWare hätte - Standard

Ansage das ich eine MaleWare hätte



Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.07.09.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Sharkoon :: SHARKOON-PC [Administrator]

09.07.2013 18:20:24
mbam-log-2013-05-22 (18-34-49).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 510412
Laufzeit: 42 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPlyIE.dll.vir (PUP.DealPly) -> Keine Aktion durchgeführt.
C:\Users\Sharkoon\Desktop\QMacro\QMacro6.exe (Malware.Packer.as) -> Keine Aktion durchgeführt.
C:\Users\Sharkoon\Desktop\QMacro\QMacro6.exe.BAK (Malware.Packer.as) -> Keine Aktion durchgeführt.
C:\Users\Sharkoon\Downloads\FlashPlayer_V.80230669b.exe (Adware.DomaIQ) -> Keine Aktion durchgeführt.

(Ende)

Das mit dem CCleaner kommt gleich nach da ich den PC neu starten muss

Macht es Ihnen Umstände mir das mit dem CCleaner nochmals zu erklären habe nicht verstanden was ich machen sollte.

Ich beschreibe mal was passiert wenn ich den anweißungen folge
1.Ich starte CCleaner
2.Gehe ich auf Extras
3.Dann der buten recht unten Als Textdatei speichern
4.Und weiter weiß ich leider nicht mehr was ich machen soll

Antwort

Themen zu Ansage das ich eine MaleWare hätte
firefox, hoffe, immer wieder, könntet, maleware, paranoid, troja, werbung, öffnet



Ähnliche Themen: Ansage das ich eine MaleWare hätte


  1. Ich habe eine Meldung, dass ich pornographische Seiten besucht hätte und soll diese Seite aktualisieren. Alles ist blockiert.
    Plagegeister aller Art und deren Bekämpfung - 10.05.2015 (1)
  2. TrendMicro wird ohne Ansage abgeschaltet
    Log-Analyse und Auswertung - 21.04.2015 (17)
  3. TrendMicro wird ohne Ansage abgeschaltet
    Mülltonne - 15.04.2015 (2)
  4. Ein popupfenster sagt mir ich hätte eine Virus
    Plagegeister aller Art und deren Bekämpfung - 24.01.2015 (17)
  5. Was hätte ich ohne Schrauber gemacht?
    Lob, Kritik und Wünsche - 11.05.2014 (0)
  6. Was hätte ich ohne Schrauber getan..
    Lob, Kritik und Wünsche - 29.04.2014 (0)
  7. Spyhunter 4, Maleware oder Maleware Security Suite?
    Plagegeister aller Art und deren Bekämpfung - 07.05.2013 (5)
  8. Hätte gerne eine Auswertung meiner HJT-logfiles und meiner OTL+Extras-logfiles
    Log-Analyse und Auswertung - 26.07.2012 (15)
  9. Google Chrome auf Ansage geknackt
    Nachrichten - 08.03.2012 (0)
  10. Piepston, als ob AntiVir Virus erkannt hätte
    Log-Analyse und Auswertung - 15.09.2011 (3)
  11. Eine Bitte um Systemüberprüfung (Viren, oder Spuren von Maleware ausmachbar?)
    Log-Analyse und Auswertung - 16.06.2009 (0)
  12. HiJackThis meint ich hätte schädliche Programme auf dem Rechner
    Log-Analyse und Auswertung - 24.03.2009 (3)
  13. Ich hätte gern eine 2te Meinung
    Log-Analyse und Auswertung - 22.06.2008 (7)
  14. Microsoft.Windows.Security.InternetExplorer EINE MALEWARE?
    Antiviren-, Firewall- und andere Schutzprogramme - 07.02.2008 (0)
  15. Hätte gerne eine Auswertng zu meinem Logfile!
    Log-Analyse und Auswertung - 01.05.2007 (8)
  16. Hallo hätte noch einmal Fragen zu meiner Log
    Log-Analyse und Auswertung - 18.11.2004 (2)
  17. wuamgrd.exe,hätte da mal eine Frage
    Plagegeister aller Art und deren Bekämpfung - 24.05.2004 (9)

Zum Thema Ansage das ich eine MaleWare hätte - Hey Trojan-Board Team undzwar bin ich etwas paranoid da sich in letzter Zeit immer wieder mein FireFox öffnet und mir sagt ich hätte MaleWare.Jetzt weiß ich nicht ob es nur - Ansage das ich eine MaleWare hätte...
Archiv
Du betrachtest: Ansage das ich eine MaleWare hätte auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.