
Pests of all kinds and how to fight them: Ads everywhere

Windows 7

09.08.2013, 17:15   #1
Fire112
 
Ads everywhere



I have ads on every page, even on Google and everything, or individual words get linked to ads. How do I get rid of this?

09.08.2013, 18:03   #2
markusg
/// Malware-holic
 



Hi, you've been here before, so you should still know our getting-started guide...
Let's begin as follows:
Instructions for FRST follow in a moment; I need the following additional info for the Additions.txt


Recommendations for uninstalling
Please copy the list of installed programs from the additions.txt into your thread here. After each line, please note
which of the following categories applies: Unknown, Necessary, Unnecessary

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


09.08.2013, 18:34   #3
Fire112
 



7-Zip 9.20 (x64 edition) (Version: 9.20.00.0) Necessary
Adobe AIR (x32 Version: 1.5.0.7220) Unknown
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224) Necessary
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224) Necessary
Adobe Photoshop Elements 8.0 (x32 Version: 8.0) Hm, Necessary/Unnecessary, no idea xD
Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4) Necessary
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95) Unknown
Audacity 2.0 (x32) Unknown
Audiograbber 1.83 SE (x32 Version: 1.83 SE ) Unnecessary
Avira Free Antivirus (x32 Version: 12.1.9.2500) Necessary
AVM FRITZ!WLAN (x32) Necessary
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95) Unknown
Build-a-lot 2 (x32 Version: 2.2.0.95) Unknown
Bundled software uninstaller (x32) Unknown
Cheat Engine 6.1 (x32) Unnecessary
Chuzzle Deluxe (x32 Version: 2.2.0.95) Unknown
CyberLink MediaShow (x32 Version: 5.0.1308) Unknown
D3DX10 (x32 Version: 15.4.2368.0902) Unknown
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95) Unknown
Emergency 2013 (x32) Necessary
eReg (x32 Version: 1.20.138.34) Unknown
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287) Unnecessary
Farm Frenzy (x32 Version: 2.2.0.95) Unknown
FATE (x32 Version: 2.2.0.95) Unknown
Final Drive Nitro (x32 Version: 2.2.0.95) Unknown
Fraps (remove only) (x32) Necessary
Google Update Helper (x32 Version: 1.3.21.153) Unknown
GUILD WARS (x32) Necessary
Hotkey Utility (x32 Version: 2.05.3009) Unknown
Identity Card (x32 Version: 1.00.3003) Unknown
ImagXpress (x32 Version: 7.0.74.0) Unknown
Insaniquarium Deluxe (x32 Version: 2.2.0.95) Unknown
Intel(R) Management Engine Components (x32 Version: 7.0.0.1118) Unknown
Intel(R) Network Connections 16.4.69.0 (Version: 16.4.69.0) Unknown
Intel(R) Rapid Storage Technology (x32 Version: 10.1.0.1008) Unknown
Java 7 Update 21 (64-bit) (Version: 7.0.210) Necessary
Java 7 Update 25 (x32 Version: 7.0.250) Necessary
Java Auto Updater (x32 Version: 2.1.9.5) Unknown
JavaFX 2.1.1 (x32 Version: 2.1.1) Unknown
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95) Unknown
John Deere Drive Green (x32 Version: 2.2.0.95) Unknown
League of Legends (x32 Version: 3.0.1) Necessary
Logitech Flow Scroll 4.0 (Version: 4.00.33) Unknown
Logitech G35 (Version: 1.1.178) Necessary
Logitech GamePanel Software 3.06.109 (Version: 3.06.109) Necessary
Logitech SetPoint 6.32 (Version: 6.32.20) Necessary
Logitech Unifying-Software 2.10 (Version: 2.10.37) Necessary
Lyrics-Pal (x32) Unknown
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Necessary
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Unknown
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Unknown
Microsoft Application Error Reporting (Version: 12.0.6015.5000) Unknown
Microsoft Office 2010 (x32 Version: 14.0.4763.1000) Unknown
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000) Unknown
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000) Unknown
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000) Unknown
Microsoft Silverlight (Version: 5.1.20513.0) Necessary
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Unknown
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Unknown
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Unknown
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Unknown
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192) Unknown
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Unknown
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411) Unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) Unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Unknown
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Unknown
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Unknown
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Unknown
mIRC (x32 Version: 7.19) Necessary
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0) Necessary
Mozilla Maintenance Service (x32 Version: 22.0) Unknown
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7) Necessary
MSVCRT (x32 Version: 15.4.2862.0708) Unknown
MSVCRT Redists (x32 Version: 1.0) Unknown
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) Unknown
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) Unknown
neroxml (x32 Version: 1.0.0) Unknown
Nexon Game Manager (x32) Unknown
Nostale(DE) (x32) Necessary
NVIDIA 3D Vision Controller-Treiber 306.97 (Version: 306.97) Necessary
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06) Necessary
NVIDIA Display Control Panel (Version: 6.14.12.5933) Necessary
NVIDIA Grafiktreiber 311.06 (Version: 311.06) Necessary
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0) Necessary
NVIDIA Install Application (Version: 2.1002.108.688) Necessary
NVIDIA PhysX (x32 Version: 9.12.0604) Necessary
NVIDIA PhysX-Systemsoftware 9.12.0604 (Version: 9.12.0604) Necessary
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106) Necessary
NVIDIA Systemsteuerung 311.06 (Version: 311.06) Necessary
NVIDIA Update 1.11.3 (Version: 1.11.3) Necessary
NVIDIA Update Components (Version: 1.11.3) Necessary
OpenOffice.org 3.4 (x32 Version: 3.4.9590) Necessary
Packard Bell Game Console (x32) Unknown
Packard Bell InfoCentre (x32 Version: 3.02.3000) Unknown
Packard Bell Recovery Management (x32 Version: 4.05.3013) Unknown
Packard Bell Registration (x32 Version: 1.03.3003) Unknown
Packard Bell Software Suite SE (x32 Version: 2.01.3003) Unknown
Packard Bell Updater (x32 Version: 1.02.3001) Unknown
Pando Media Booster (x32 Version: 2.6.0.7) Unknown
Penguins! (x32 Version: 2.2.0.95) Unknown
Personal Backup 5.4 (Version: 5.3) Unknown
Photo Frame (x32 Version: 5.0.0.8) Unknown
Plants vs. Zombies (x32 Version: 2.2.0.95) Unknown
Polar Bowler (x32 Version: 2.2.0.95) Unknown
Polar Golfer (x32 Version: 2.2.0.95) Unknown
PricePeep (x32 Version: 2.2.0.2) Unknown
QuickTime (x32 Version: 7.73.80.64) Unknown
raggler (Version: 2.10) Unknown
Realtek Ethernet Controller Driver (x32 Version: 7.36.1224.2010) Necessary
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6215) Necessary
Recuva (Version: 1.45) Necessary
Sandboxie 3.76 (64-bit) (Version: 3.76) Necessary
Skype™ 6.5 (x32 Version: 6.5.158) Necessary
SmartSound Quicktracks 5 (x32 Version: 5.1.8) Unknown
TeamSpeak 3 Client (Version: 3.0.10.1) Necessary
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Unknown
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Unknown
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Unknown
Vegas Pro 10.0 (x32 Version: 10.0.469) Necessary
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95) Unknown
VLC media player 1.1.11 (x32 Version: 1.1.11) Necessary
Welcome Center (x32 Version: 1.02.3005) Unknown
Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Unknown
Windows Live Essentials (x32 Version: 15.4.3502.0922) Unknown
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Unknown
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Unknown
Windows Live Installer (x32 Version: 15.4.3502.0922) Unknown
Windows Live Language Selector (Version: 15.4.3502.0922) Unknown
Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Unknown
Windows Live Photo Common (x32 Version: 15.4.3502.0922) Unknown
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Unknown
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922) Unknown
Windows Live SOXE (x32 Version: 15.4.3502.0922) Unknown
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Unknown
Windows Live UX Platform (x32 Version: 15.4.3502.0922) Unknown
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922) Unknown
Yahoo! Detect (x32) Unknown
Zuma Deluxe (x32 Version: 2.2.0.95) Unknown
Zuma's Revenge (x32 Version: 2.2.0.95) Unknown





Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2013 02
Ran by Rene at 2013-08-09 19:18:39
Running from C:\Users\Rene\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0)
Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95)
Audacity 2.0 (x32)
Audiograbber 1.83 SE  (x32 Version: 1.83 SE )
Avira Free Antivirus (x32 Version: 12.1.9.2500)
AVM FRITZ!WLAN (x32)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Build-a-lot 2 (x32 Version: 2.2.0.95)
Bundled software uninstaller (x32)
Cheat Engine 6.1 (x32)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
CyberLink MediaShow (x32 Version: 5.0.1308)
D3DX10 (x32 Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
Emergency 2013 (x32)
eReg (x32 Version: 1.20.138.34)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Farm Frenzy (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.95)
Final Drive Nitro (x32 Version: 2.2.0.95)
Fraps (remove only) (x32)
Google Update Helper (x32 Version: 1.3.21.153)
GUILD WARS (x32)
Hotkey Utility (x32 Version: 2.05.3009)
Identity Card (x32 Version: 1.00.3003)
ImagXpress (x32 Version: 7.0.74.0)
Insaniquarium Deluxe (x32 Version: 2.2.0.95)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1118)
Intel(R) Network Connections 16.4.69.0 (Version: 16.4.69.0)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.0.1008)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95)
John Deere Drive Green (x32 Version: 2.2.0.95)
League of Legends (x32 Version: 3.0.1)
Logitech Flow Scroll 4.0 (Version: 4.00.33)
Logitech G35 (Version: 1.1.178)
Logitech GamePanel Software 3.06.109 (Version: 3.06.109)
Logitech SetPoint 6.32 (Version: 6.32.20)
Logitech Unifying-Software 2.10 (Version: 2.10.37)
Lyrics-Pal (x32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
mIRC (x32 Version: 7.19)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT Redists (x32 Version: 1.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
neroxml (x32 Version: 1.0.0)
Nexon Game Manager (x32)
Nostale(DE) (x32)
NVIDIA 3D Vision Controller-Treiber 306.97 (Version: 306.97)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Display Control Panel (Version: 6.14.12.5933)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (x32 Version: 9.12.0604)
NVIDIA PhysX-Systemsoftware 9.12.0604 (Version: 9.12.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenOffice.org 3.4 (x32 Version: 3.4.9590)
Packard Bell Game Console (x32)
Packard Bell InfoCentre (x32 Version: 3.02.3000)
Packard Bell Recovery Management (x32 Version: 4.05.3013)
Packard Bell Registration (x32 Version: 1.03.3003)
Packard Bell Software Suite SE (x32 Version: 2.01.3003)
Packard Bell Updater (x32 Version: 1.02.3001)
Pando Media Booster (x32 Version: 2.6.0.7)
Penguins! (x32 Version: 2.2.0.95)
Personal Backup 5.4 (Version: 5.3)
Photo Frame (x32 Version: 5.0.0.8)
Plants vs. Zombies (x32 Version: 2.2.0.95)
Polar Bowler (x32 Version: 2.2.0.95)
Polar Golfer (x32 Version: 2.2.0.95)
PricePeep (x32 Version: 2.2.0.2)
QuickTime (x32 Version: 7.73.80.64)
raggler (Version: 2.10)
Realtek Ethernet Controller Driver (x32 Version: 7.36.1224.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6215)
Recuva (Version: 1.45)
Sandboxie 3.76 (64-bit) (Version: 3.76)
Skype™ 6.5 (x32 Version: 6.5.158)
SmartSound Quicktracks 5 (x32 Version: 5.1.8)
TeamSpeak 3 Client (Version: 3.0.10.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Vegas Pro 10.0 (x32 Version: 10.0.469)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95)
VLC media player 1.1.11 (x32 Version: 1.1.11)
Welcome Center (x32 Version: 1.02.3005)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)
Yahoo! Detect (x32)
Zuma Deluxe (x32 Version: 2.2.0.95)
Zuma's Revenge (x32 Version: 2.2.0.95)

==================== Restore Points  =========================

22-07-2013 21:36:25 Windows Update
26-07-2013 11:54:56 Windows Update
30-07-2013 09:09:16 Windows Update
02-08-2013 18:40:31 Windows Update
07-08-2013 05:19:27 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-07-02 15:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {29167BCC-DD9B-44E7-8CE4-4DA604B652B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-02] (Adobe Systems Incorporated)
Task: {6178E5FA-F4D1-4DFE-B781-9B7323E2D731} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-20] (Google Inc.)
Task: {625C2353-41EA-41E2-8F30-E947B645DE0C} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {65738F87-BCEB-4C77-9401-EA952C7634E6} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {80E680BF-FB09-4B9D-9F69-62424CB0EA21} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {CED70DB7-B670-4621-BA7C-28987B6560F2} - System32\Tasks\Lyrics-Pal Update => C:\Program Files (x86)\LyricsPal\Lyrics.exe [2013-08-06] ()
Task: {E1779CF2-CBF8-43B7-99F1-EDEC2041569E} - System32\Tasks\User_Feed_Synchronization-{EBCA0B2F-EB0C-42F6-B99B-7B40F6563B87} => C:\Windows\system32\msfeedssync.exe [2013-03-30] (Microsoft Corporation)
Task: {EDB056E6-CC01-4393-94CC-C34F1A752BAD} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe No File
Task: {F097FDE0-9F48-4F5C-89E9-8B4DAE79FC2F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe No File
Task: {FFC5FF38-E4D7-4965-B323-D8950085C9DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-20] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics-Pal Update.job => C:\Program Files (x86)\LyricsPal\Lyrics.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SAMSUNG Mobile USB Composite Device 
Description: SAMSUNG Mobile USB Composite Device 
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: SAMSUNG Electronics Co., Ltd. 
Service: dg_ssudbus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/09/2013 07:41:14 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (08/08/2013 09:44:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_224.exe, Version: 11.7.700.224, Zeitstempel: 0x51a67447
Name des fehlerhaften Moduls: NPSWF32_11_7_700_224.dll, Version: 11.7.700.224, Zeitstempel: 0x51a6761e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007a859c
ID des fehlerhaften Prozesses: 0xfec
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_11_7_700_224.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_224.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_11_7_700_224.exe2
Berichtskennung: FlashPlayerPlugin_11_7_700_224.exe3

Error: (08/08/2013 08:35:48 PM) (Source: Application Hang) (User: )
Description: Programm BetterInstaller.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d48

Startzeit: 01ce9465f8027f6b

Endzeit: 16

Anwendungspfad: C:\Users\Rene\AppData\Local\Temp\BetterInstaller.exe

Berichts-ID:

Error: (08/06/2013 07:20:55 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (08/02/2013 10:21:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_224.exe, Version: 11.7.700.224, Zeitstempel: 0x51a67447
Name des fehlerhaften Moduls: NPSWF32_11_7_700_224.dll, Version: 11.7.700.224, Zeitstempel: 0x51a6761e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007a854c
ID des fehlerhaften Prozesses: 0x1d28
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_11_7_700_224.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_224.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_11_7_700_224.exe2
Berichtskennung: FlashPlayerPlugin_11_7_700_224.exe3

Error: (07/31/2013 11:08:25 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (07/31/2013 03:07:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_224.exe, Version: 11.7.700.224, Zeitstempel: 0x51a67447
Name des fehlerhaften Moduls: NPSWF32_11_7_700_224.dll, Version: 11.7.700.224, Zeitstempel: 0x51a6761e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007a850a
ID des fehlerhaften Prozesses: 0x17c0
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_11_7_700_224.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_224.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_11_7_700_224.exe2
Berichtskennung: FlashPlayerPlugin_11_7_700_224.exe3

Error: (07/27/2013 11:50:13 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (07/27/2013 00:18:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 22.0.0.4917, Zeitstempel: 0x51c06b1b
Name des fehlerhaften Moduls: xul.dll, Version: 22.0.0.4917, Zeitstempel: 0x51c06a5b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00173668
ID des fehlerhaften Prozesses: 0x1f18
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (07/26/2013 03:05:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_224.exe, Version: 11.7.700.224, Zeitstempel: 0x51a67447
Name des fehlerhaften Moduls: NPSWF32_11_7_700_224.dll, Version: 11.7.700.224, Zeitstempel: 0x51a6761e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007b5b0e
ID des fehlerhaften Prozesses: 0x1090
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_11_7_700_224.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_11_7_700_224.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_11_7_700_224.exe2
Berichtskennung: FlashPlayerPlugin_11_7_700_224.exe3


System errors:
=============
Error: (08/09/2013 04:24:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/09/2013 04:24:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/09/2013 04:22:54 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (08/09/2013 01:06:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/09/2013 01:06:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/09/2013 01:04:21 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (08/09/2013 07:18:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/09/2013 07:18:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/09/2013 07:16:48 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SBRE

Error: (08/08/2013 07:49:58 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069


Microsoft Office Sessions:
=========================
Error: (08/09/2013 07:41:14 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (08/08/2013 09:44:33 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_7_700_224.exe11.7.700.22451a67447NPSWF32_11_7_700_224.dll11.7.700.22451a6761ec0000005007a859cfec01ce94678cabc29aC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dllf2806c3b-0062-11e3-ac75-bc05430be1a6

Error: (08/08/2013 08:35:48 PM) (Source: Application Hang)(User: )
Description: BetterInstaller.exe1.0.0.11d4801ce9465f8027f6b16C:\Users\Rene\AppData\Local\Temp\BetterInstaller.exe

Error: (08/06/2013 07:20:55 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (08/02/2013 10:21:13 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_7_700_224.exe11.7.700.22451a67447NPSWF32_11_7_700_224.dll11.7.700.22451a6761ec0000005007a854c1d2801ce8fb3c38cbc5eC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll13702312-fbb1-11e2-859d-bc05430be1a6

Error: (07/31/2013 11:08:25 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/31/2013 03:07:21 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_7_700_224.exe11.7.700.22451a67447NPSWF32_11_7_700_224.dll11.7.700.22451a6761ec0000005007a850a17c001ce8dc11f4b08a1C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll22614797-f9e2-11e2-ab09-bc05430be1a6

Error: (07/27/2013 11:50:13 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (07/27/2013 00:18:00 AM) (Source: Application Error)(User: )
Description: firefox.exe22.0.0.491751c06b1bxul.dll22.0.0.491751c06a5bc0000005001736681f1801ce8a4d6ee8f221C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll3aab6524-f641-11e2-abb3-bc05430be1a6

Error: (07/26/2013 03:05:20 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_7_700_224.exe11.7.700.22451a67447NPSWF32_11_7_700_224.dll11.7.700.22451a6761ec0000005007b5b0e109001ce89f6acbb8577C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll05c65ea6-f5f4-11e2-abb3-bc05430be1a6


CodeIntegrity Errors:
===================================
  Date: 2013-07-02 15:27:51.660
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-02 15:27:51.583
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 59%
Total physical RAM: 6126.04 MB
Available physical RAM: 2453.05 MB
Total Pagefile: 12250.25 MB
Available Pagefile: 8282.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:689.95 GB) (Free:511.75 GB) NTFS (Disk=0 Partition=3)
Drive d: (DATA) (Fixed) (Total:690.21 GB) (Free:688.46 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 63632FAD)
Partition 1: (Not Active) - (Size=17 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=690 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2013 02
Ran by Rene (administrator) on 09-08-2013 19:17:45
Running from C:\Users\Rene\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointG\SetPointII.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(mIRC Co. Ltd.) C:\Program Files (x86)\mIRC\mirc.exe
(Entwell) C:\Program Files (x86)\NosTale(DE)\nostalex.dat
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Launch LgDeviceAgent] - C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] - C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Software Suite SE] - C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe [2275360 2009-09-29] (Acer Incorporated)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [x]
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [x]
HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [x]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=10E3BC05430BE1A6&affID=123976&tt=070813_wt3&tsp=4968
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Lyrics-Pal - {b54e96c1-85c3-410a-8db1-c276bc3535c4} - C:\Program Files (x86)\LyricsPal\126.dll (Lyrics-Pal)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\qkvom1zb.default
FF user.js: detected! => C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\qkvom1zb.default\user.js
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF NetworkProxy: "no_proxies_on", "fritz.box,127.0.0.1:9421,localhost,127.0.0.1"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Rene\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\qkvom1zb.default\searchplugins\babylon.xml
FF Extension: PricePeep - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\qkvom1zb.default\Extensions\pricepeep@getpricepeep.com
FF Extension: pricepeep - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\qkvom1zb.default\Extensions\pricepeep@getpricepeep.com.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF HKCU\...\Firefox\Extensions: [{9309FA47-1B48-4768-AFA4-9E0556F5DC81}] C:\Program Files (x86)\LyricsPal\126.xpi
FF Extension: No Name - C:\Program Files (x86)\LyricsPal\126.xpi

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-05-02] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
S3 GameConsoleService; C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent, Inc.)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-06-27] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-04-25] (Avira GmbH)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-06-27] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-04-27] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-05-02] (Avira GmbH)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-22] (AVM GmbH)
R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-07-20] (ManyCam LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-07-20] (ManyCam LLC)
S3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
S3 SBFWIMCLMP; C:\Windows\System32\DRIVERS\SBFWIM.sys [84568 2011-02-08] (Sunbelt Software, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 PDNSp50a64; System32\Drivers\PDNSp50a64.sys [x]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-09 19:16 - 2013-08-09 19:16 - 01790169 _____ (Farbar) C:\Users\Rene\Downloads\FRST64.exe
2013-08-08 20:38 - 2013-08-08 20:38 - 00000000 ____D C:\Users\Rene\Documents\My Cheat Tables
2013-08-08 20:36 - 2013-08-08 20:36 - 00001097 _____ C:\Users\Rene\Desktop\Cheat Engine.lnk
2013-08-08 20:36 - 2013-08-08 20:36 - 00000000 ____D C:\Program Files (x86)\PricePeep
2013-08-08 20:36 - 2013-08-08 20:36 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.1
2013-08-08 20:35 - 2013-08-09 16:23 - 00000372 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-08-08 20:35 - 2013-08-08 20:35 - 00003018 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-08-08 20:35 - 2013-08-08 20:35 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Babylon
2013-08-08 20:35 - 2013-08-08 20:35 - 00000000 ____D C:\ProgramData\Babylon
2013-08-08 20:35 - 2013-08-08 20:35 - 00000000 ____D C:\Program Files (x86)\LyricsPal
2013-08-08 20:34 - 2013-08-08 20:34 - 00606624 _____ (www.download-sponsor.de) C:\Users\Rene\Downloads\Cheat Engine - CHIP-Downloader.exe
2013-08-04 00:04 - 2013-08-04 00:04 - 00000011 _____ C:\Users\Rene\Desktop\Neues Textdokument (4).TXT
2013-07-28 17:54 - 2013-07-28 17:54 - 00007387 _____ C:\Users\Rene\Desktop\Standards im Ticket.TXT
2013-07-25 21:23 - 2013-07-25 21:23 - 00000237 _____ C:\Users\Rene\Desktop\Neues Textdokument (3).TXT
2013-07-21 13:34 - 2013-07-21 13:34 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-07-21 13:34 - 2013-07-21 13:34 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-07-21 13:34 - 2013-07-21 13:34 - 00000000 ____D C:\Riot Games
2013-07-21 13:31 - 2013-08-07 16:58 - 00000000 ____D C:\Users\Rene\AppData\Local\PMB Files
2013-07-21 13:31 - 2013-08-07 16:57 - 00000000 ____D C:\ProgramData\PMB Files
2013-07-21 13:31 - 2013-07-21 13:31 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Riot Games
2013-07-21 12:51 - 2013-07-21 12:52 - 34888568 _____ (Riot Games) C:\Users\Rene\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-07-20 20:47 - 2013-07-20 20:47 - 00001779 _____ C:\Users\Rene\Documents\OnlineGamesNet Account.eml
2013-07-13 18:21 - 2013-07-13 18:26 - 00000000 ____D C:\Users\Rene\Desktop\Lehrgang TH
2013-07-12 11:59 - 2013-07-22 22:04 - 00001287 _____ C:\Users\Rene\Desktop\Neues Textdokument (2).TXT
2013-07-12 01:10 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-12 01:10 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-12 01:10 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-12 01:10 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-12 01:10 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-12 01:10 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-12 01:10 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-12 01:10 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-12 01:10 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-12 01:10 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-12 01:10 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-12 01:10 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-12 01:10 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-12 01:10 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 01:10 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 01:10 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-12 01:10 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 01:10 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 01:10 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 01:10 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 01:10 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 01:10 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 01:10 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-12 01:10 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-12 01:10 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-12 01:10 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 01:10 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-12 01:10 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-12 01:10 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-12 01:10 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 01:10 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-11 13:12 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 13:12 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 13:12 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-11 13:12 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-11 13:12 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-11 13:12 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-11 13:12 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

==================== One Month Modified Files and Folders =======

2013-08-09 19:17 - 2013-08-09 19:17 - 00000000 ____D C:\FRST
2013-08-09 19:16 - 2013-08-09 19:16 - 01790169 _____ (Farbar) C:\Users\Rene\Downloads\FRST64.exe
2013-08-09 19:06 - 2013-02-12 15:43 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-09 19:06 - 2011-08-01 21:36 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Skype
2013-08-09 18:31 - 2013-06-21 15:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-09 18:19 - 2011-08-01 23:17 - 00000000 ____D C:\Users\Rene\AppData\Roaming\mIRC
2013-08-09 17:56 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-09 17:56 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-09 17:55 - 2011-08-01 23:53 - 00000000 ____D C:\Program Files (x86)\NosTale(DE)
2013-08-09 17:52 - 2013-07-02 18:54 - 00005010 _____ C:\Windows\setupact.log
2013-08-09 17:52 - 2011-03-30 10:13 - 01589068 _____ C:\Windows\WindowsUpdate.log
2013-08-09 17:06 - 2013-02-12 15:43 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-09 16:23 - 2013-08-08 20:35 - 00000372 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-08-09 16:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-08-09 16:22 - 2012-11-07 08:15 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-09 16:22 - 2011-08-01 21:18 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-08-09 16:22 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-09 07:16 - 2013-07-02 19:05 - 00003450 _____ C:\Windows\PFRO.log
2013-08-08 21:44 - 2011-08-06 21:44 - 00000000 ____D C:\Users\Rene\AppData\Local\CrashDumps
2013-08-08 20:38 - 2013-08-08 20:38 - 00000000 ____D C:\Users\Rene\Documents\My Cheat Tables
2013-08-08 20:36 - 2013-08-08 20:36 - 00001097 _____ C:\Users\Rene\Desktop\Cheat Engine.lnk
2013-08-08 20:36 - 2013-08-08 20:36 - 00000000 ____D C:\Program Files (x86)\PricePeep
2013-08-08 20:36 - 2013-08-08 20:36 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.1
2013-08-08 20:35 - 2013-08-08 20:35 - 00003018 _____ C:\Windows\System32\Tasks\Lyrics-Pal Update
2013-08-08 20:35 - 2013-08-08 20:35 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Babylon
2013-08-08 20:35 - 2013-08-08 20:35 - 00000000 ____D C:\ProgramData\Babylon
2013-08-08 20:35 - 2013-08-08 20:35 - 00000000 ____D C:\Program Files (x86)\LyricsPal
2013-08-08 20:35 - 2013-07-03 00:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-08 20:34 - 2013-08-08 20:34 - 00606624 _____ (www.download-sponsor.de) C:\Users\Rene\Downloads\Cheat Engine - CHIP-Downloader.exe
2013-08-08 18:40 - 2011-08-04 23:02 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{EBCA0B2F-EB0C-42F6-B99B-7B40F6563B87}
2013-08-07 16:58 - 2013-07-21 13:31 - 00000000 ____D C:\Users\Rene\AppData\Local\PMB Files
2013-08-07 16:57 - 2013-07-21 13:31 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-04 00:04 - 2013-08-04 00:04 - 00000011 _____ C:\Users\Rene\Desktop\Neues Textdokument (4).TXT
2013-07-31 22:04 - 2011-09-11 21:31 - 00000000 ____D C:\Users\Rene\AppData\Roaming\TS3Client
2013-07-28 17:54 - 2013-07-28 17:54 - 00007387 _____ C:\Users\Rene\Desktop\Standards im Ticket.TXT
2013-07-25 21:23 - 2013-07-25 21:23 - 00000237 _____ C:\Users\Rene\Desktop\Neues Textdokument (3).TXT
2013-07-22 22:04 - 2013-07-12 11:59 - 00001287 _____ C:\Users\Rene\Desktop\Neues Textdokument (2).TXT
2013-07-21 13:34 - 2013-07-21 13:34 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-07-21 13:34 - 2013-07-21 13:34 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-07-21 13:34 - 2013-07-21 13:34 - 00000000 ____D C:\Riot Games
2013-07-21 13:31 - 2013-07-21 13:31 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Riot Games
2013-07-21 12:52 - 2013-07-21 12:51 - 34888568 _____ (Riot Games) C:\Users\Rene\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2013-07-20 20:47 - 2013-07-20 20:47 - 00001779 _____ C:\Users\Rene\Documents\OnlineGamesNet Account.eml
2013-07-15 15:17 - 2011-03-29 03:12 - 00654594 _____ C:\Windows\system32\perfh007.dat
2013-07-15 15:17 - 2011-03-29 03:12 - 00130208 _____ C:\Windows\system32\perfc007.dat
2013-07-15 15:17 - 2009-07-14 07:13 - 01500254 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-13 18:26 - 2013-07-13 18:21 - 00000000 ____D C:\Users\Rene\Desktop\Lehrgang TH
2013-07-13 17:01 - 2013-02-12 15:43 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 17:01 - 2013-02-12 15:43 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-12 11:39 - 2009-07-14 06:45 - 00309336 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 11:39 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-07-12 11:38 - 2012-09-06 12:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 11:38 - 2012-09-06 12:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-12 11:38 - 2009-07-14 09:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-12 11:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-12 11:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-12 01:11 - 2011-08-02 00:57 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-02 00:00

==================== End Of Log ============================
         
--- --- ---
__________________

09.08.2013, 18:53   #4
markusg
/// Malware-holic

Ads everywhere



Hi,
Important:
When you install software in the future, get it directly from the vendor, not via sites like Chip.de.
- When you install a program, google it together with the keyword "adware"; that alone can help filter things out.
- Read the license or the terms and conditions and look for third-party software.
- Always choose the custom installation so that you can deselect any toolbars etc.
The trend of bundling toolbars or other nonsense with free software will keep getting "stronger", and that is where you as users come in if you don't want to constantly have some kind of nonsense on your PC :-(
Two logs need to be created; please post them together.
1. Uninstall:
If there are problems uninstalling a program, use Revo.
Revo Uninstaller - Download - Filepony

Adobe Photoshop
Adobe Flash Player: all
Adobe - Install Adobe Flash Player
Download and install the latest version.
Adobe Reader:
Adobe - Download Adobe Reader - All versions
Untick the McAfee Security Scan checkbox.
Please also configure Adobe Reader as follows:
Open Adobe Reader, Edit, Preferences.
General:
Tick "Use only certified plug-ins".
Security (Enhanced)
Tick "Enhanced Security"
and select all files.
Internet:
Everything here should be disabled; it is very unsafe to open or download PDFs automatically, etc.
It is always better to save them directly, since only then do you have control over what happens on the PC.
Under JavaScript, untick "use JavaScript".
Under Updater, choose "install automatically".
Apply / OK

deinstaliere:
Agatha
Audacity
Audiograbber
Bejeweled
Bundled
Cheat
Chuzzle
CyberLink: if you don't need it
Diner
Facebook
Farm
FATE
Insaniquarium
Java 7 Update 21
Jewel
John
Lyrics-Pal
Penguins
Personal
Photo Frame
Plants vs
Polar Bowler
Polar Golfer
PricePeep
raggler
Virtual Villagers
Yahoo: both
Zuma
Restart.
2.
Scan with ComboFix
WARNING to READERS following along:
ComboFix should only be run when a team member has instructed you to do so!

Please download ComboFix from the following download mirror: Link
  • IMPORTANT: Save ComboFix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. They can interfere with ComboFix while it works. ComboFix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While ComboFix is running, please do not work on the computer, move the mouse or click into the ComboFix window!
  • When ComboFix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
An attempt was made to perform an illegal operation on a registry key that has been marked for deletion.
simply restart the computer. That should fix the problem.


3.
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
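Added example (not part of the post above and not the tool's own code): a small Python triage for the TDSSKiller log requested in step 3, so that only the entries that are not "ok" have to be read by hand. The sample lines are abridged from the layout of the TDSSKiller 2.8.16.0 log posted in this thread; the class and function names are illustrative assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Abridged sample in the layout of a TDSSKiller 2.8.16.0 scan log:
# timestamp, thread id, then either "[ MD5 ] name path" or "name - verdict".
SAMPLE_LOG = r"""
21:21:19.0735 1060  ================ Scan services =============================
21:21:19.0866 1060  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:21:19.0938 1060  1394ohci - ok
21:21:21.0742 1060  [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
21:21:21.0766 1060  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
21:21:21.0766 1060  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
21:21:22.0636 1060  catchme - ok
"""

_PREFIX = r"^\d\d:\d\d:\d\d\.\d{4} \d+\s+"

# "[ MD5 ] <service name, may contain spaces> <drive:\path>"
OBJECT_RE = re.compile(
    _PREFIX + r"\[ (?P<md5>[0-9A-Fa-f]{32}) \] (?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.*)$"
)
# "<name> - ok"  or  "<name> ( <detection> ) - warning"
VERDICT_RE = re.compile(
    _PREFIX + r"(?P<name>.+?)(?: \( (?P<detection>.+?) \))? - (?P<verdict>[a-z]+)$"
)


@dataclass
class ScanEntry:
    name: str
    verdict: str
    detection: Optional[str] = None
    md5: Optional[str] = None   # None when no "[ MD5 ]" line preceded the verdict
    path: Optional[str] = None


def parse_tdsskiller(log_text: str) -> List[ScanEntry]:
    """Pair each verdict line with the hash/path line logged for the same name."""
    pending = {}   # name -> (md5, path) waiting for its verdict line
    entries = []
    for raw in log_text.splitlines():
        line = raw.rstrip()
        obj = OBJECT_RE.match(line)
        if obj:
            pending[obj["name"]] = (obj["md5"].upper(), obj["path"])
            continue
        verdict = VERDICT_RE.match(line)
        if verdict:
            md5, path = pending.pop(verdict["name"], (None, None))
            entries.append(ScanEntry(verdict["name"], verdict["verdict"],
                                     verdict["detection"], md5, path))
        # "... - detected X (1)" lines repeat the warning and are skipped.
    return entries


def needs_review(entries: List[ScanEntry]) -> List[ScanEntry]:
    """Everything TDSSKiller did not mark 'ok'."""
    return [e for e in entries if e.verdict != "ok"]


def is_signature_only(entry: ScanEntry) -> bool:
    """Assumption: 'UnsignedFile.*' verdicts come from the signature check
    (the 'SigCheck' item in the log's 'Mode:' line), not from a rootkit match."""
    return bool(entry.detection) and entry.detection.startswith("UnsignedFile.")


def without_file(entries: List[ScanEntry]) -> List[str]:
    """Names that got a verdict although no file line was logged for them."""
    return [e.name for e in entries if e.md5 is None]


if __name__ == "__main__":
    parsed = parse_tdsskiller(SAMPLE_LOG)
    for e in needs_review(parsed):
        kind = "signature check" if is_signature_only(e) else "other"
        print(f"{e.verdict.upper():8} {e.name} [{e.detection}] ({kind})")
        print(f"         {e.path}  MD5={e.md5}")
    print("no file logged:", ", ".join(without_file(parsed)))
```
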

10.08.2013, 13:55   #5
Fire112

Ads everywhere



I couldn't remove all of the programs, i.e. not all of them were shown. Here are the logs:

Combofix
Code:
ComboFix 13-08-09.02 - Rene 09.08.2013  21:12:14.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6126.4498 [GMT 2:00]
ausgeführt von:: c:\users\Rene\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\qkvom1zb.default\extensions\pricepeep@getpricepeep.com.xpi
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-09 bis 2013-08-09  ))))))))))))))))))))))))))))))
.
.
2013-08-09 19:16 . 2013-08-09 19:16	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-08-09 19:16 . 2013-08-09 19:16	--------	d-----w-	c:\users\Public\AppData\Local\temp
2013-08-09 19:16 . 2013-08-09 19:16	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-09 18:42 . 2013-08-09 18:45	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-09 18:42 . 2013-08-09 18:45	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-09 18:25 . 2013-08-09 18:25	--------	d-----w-	c:\program files (x86)\VS Revo Group
2013-08-09 18:19 . 2013-08-09 18:19	--------	d-----w-	c:\users\Rene\AppData\Roaming\Avira
2013-08-09 18:14 . 2013-08-09 18:14	83672	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-08-09 18:13 . 2013-08-09 18:09	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-08-09 18:13 . 2013-08-09 18:09	130016	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-08-09 18:13 . 2013-08-09 18:09	100712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-08-09 18:13 . 2013-08-09 18:13	--------	d-----w-	c:\program files (x86)\Avira
2013-08-09 17:17 . 2013-08-09 17:17	--------	d-----w-	C:\FRST
2013-08-08 18:35 . 2013-08-08 18:35	--------	d-----w-	c:\users\Rene\AppData\Roaming\Babylon
2013-08-08 18:35 . 2013-08-08 18:35	--------	d-----w-	c:\programdata\Babylon
2013-08-08 18:35 . 2013-08-08 18:35	--------	d-----w-	c:\program files (x86)\LyricsPal
2013-08-07 05:19 . 2013-07-02 08:34	9460976	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FED3C661-3431-454A-BE54-DCA807FA8097}\mpengine.dll
2013-07-21 11:34 . 2013-07-21 11:34	--------	d-sh--w-	c:\windows\SysWow64\AI_RecycleBin
2013-07-21 11:34 . 2013-07-21 11:34	--------	d-----w-	C:\Riot Games
2013-07-21 11:31 . 2013-08-07 14:58	--------	d-----w-	c:\users\Rene\AppData\Local\PMB Files
2013-07-21 11:31 . 2013-08-07 14:57	--------	d-----w-	c:\programdata\PMB Files
2013-07-21 11:31 . 2013-07-21 11:31	--------	d-----w-	c:\users\Rene\AppData\Roaming\Riot Games
2013-07-11 11:12 . 2013-06-04 06:00	624128	----a-w-	c:\windows\system32\qedit.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-11 23:11 . 2011-08-01 22:57	78185248	----a-w-	c:\windows\system32\MRT.exe
2013-06-27 12:09 . 2013-06-20 19:15	45856	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2013-06-12 19:48 . 2012-05-09 05:46	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:48 . 2011-08-17 21:48	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-06-12 19:47 . 2013-06-20 19:20	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-20 15:24 . 2012-06-12 14:50	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2013-05-18 18:12 . 2010-06-24 09:33	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-13 05:51 . 2013-06-12 11:42	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 11:42	1464320	----a-w-	c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 11:42	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 11:42	52224	----a-w-	c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 11:42	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 11:42	1160192	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 11:42	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 11:42	1192448	----a-w-	c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 11:42	903168	----a-w-	c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 11:42	43008	----a-w-	c:\windows\SysWow64\certenc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{b54e96c1-85c3-410a-8db1-c276bc3535c4}]
2013-08-06 20:58	137728	----a-w-	c:\program files (x86)\LyricsPal\126.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Software Suite SE"="c:\program files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" [2009-09-29 2275360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-08-09 345144]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys;c:\windows\SYSNATIVE\drivers\SBREdrv.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 PDNSp50a64;PDNSp50a64 NDIS Protocol Driver;c:\windows\system32\Drivers\PDNSp50a64.sys;c:\windows\SYSNATIVE\Drivers\PDNSp50a64.sys [x]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys;c:\windows\SYSNATIVE\DRIVERS\sbfwim.sys [x]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys;c:\windows\SYSNATIVE\DRIVERS\SBFWIM.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]
S3 fwlanusb4;FRITZ!WLAN N/G;c:\windows\system32\DRIVERS\fwlanusb4.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb4.sys [x]
S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x]
S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-09 18:45]
.
2013-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-19 22:21]
.
2013-08-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-19 22:21]
.
2013-08-09 c:\windows\Tasks\Lyrics-Pal Update.job
- c:\program files (x86)\LyricsPal\Lyrics.exe [2013-08-06 20:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.bing.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = fritz.box;127.0.0.1:9421;<local>
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\qkvom1zb.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-08-08 20:35; {9309FA47-1B48-4768-AFA4-9E0556F5DC81}; c:\program files (x86)\LyricsPal\126.xpi
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 10e3a21a000000000000bc05430be1a6
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15925
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.020:35
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=123976&tt=070813_wt3&tsp=4968
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-09  21:18:26
ComboFix-quarantined-files.txt  2013-08-09 19:18
.
Vor Suchlauf: 20 Verzeichnis(se), 550.795.546.624 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 552.040.083.456 Bytes frei
.
- - End Of File - - D5444B1499B598B7BC827FC3214FC233
D41D8CD98F00B204E9800998ECF8427E
         
TDSSKILLER
Code:
21:20:54.0472 2532  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:20:54.0715 2532  ============================================================
21:20:54.0715 2532  Current date / time: 2013/08/09 21:20:54.0715
21:20:54.0715 2532  SystemInfo:
21:20:54.0715 2532  
21:20:54.0716 2532  OS Version: 6.1.7601 ServicePack: 1.0
21:20:54.0716 2532  Product type: Workstation
21:20:54.0716 2532  ComputerName: COMPUTER
21:20:54.0716 2532  UserName: Rene
21:20:54.0716 2532  Windows directory: C:\Windows
21:20:54.0716 2532  System windows directory: C:\Windows
21:20:54.0716 2532  Running under WOW64
21:20:54.0716 2532  Processor architecture: Intel x64
21:20:54.0716 2532  Number of processors: 8
21:20:54.0716 2532  Page size: 0x1000
21:20:54.0716 2532  Boot type: Normal boot
21:20:54.0716 2532  ============================================================
21:20:55.0023 2532  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:20:55.0059 2532  ============================================================
21:20:55.0059 2532  \Device\Harddisk0\DR0:
21:20:55.0059 2532  MBR partitions:
21:20:55.0059 2532  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2200800, BlocksNum 0x32000
21:20:55.0059 2532  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2232800, BlocksNum 0x563E7000
21:20:55.0059 2532  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x58619800, BlocksNum 0x5646D800
21:20:55.0059 2532  ============================================================
21:20:55.0076 2532  C: <-> \Device\Harddisk0\DR0\Partition2
21:20:55.0116 2532  D: <-> \Device\Harddisk0\DR0\Partition3
21:20:55.0116 2532  ============================================================
21:20:55.0116 2532  Initialize success
21:20:55.0116 2532  ============================================================
21:21:19.0522 1060  ============================================================
21:21:19.0522 1060  Scan started
21:21:19.0522 1060  Mode: Manual; SigCheck; TDLFS; 
21:21:19.0522 1060  ============================================================
21:21:19.0734 1060  ================ Scan system memory ========================
21:21:19.0734 1060  System memory - ok
21:21:19.0735 1060  ================ Scan services =============================
21:21:19.0866 1060  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:21:19.0938 1060  1394ohci - ok
21:21:19.0958 1060  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:21:19.0972 1060  ACPI - ok
21:21:19.0983 1060  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:21:20.0022 1060  AcpiPmi - ok
21:21:20.0102 1060  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:21:20.0115 1060  AdobeARMservice - ok
21:21:20.0202 1060  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:21:20.0216 1060  AdobeFlashPlayerUpdateSvc - ok
21:21:20.0255 1060  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:21:20.0268 1060  adp94xx - ok
21:21:20.0288 1060  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:21:20.0299 1060  adpahci - ok
21:21:20.0312 1060  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:21:20.0321 1060  adpu320 - ok
21:21:20.0336 1060  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:21:20.0358 1060  AeLookupSvc - ok
21:21:20.0397 1060  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:21:20.0434 1060  AFD - ok
21:21:20.0446 1060  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:21:20.0452 1060  agp440 - ok
21:21:20.0461 1060  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:21:20.0480 1060  ALG - ok
21:21:20.0490 1060  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:21:20.0496 1060  aliide - ok
21:21:20.0501 1060  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:21:20.0507 1060  amdide - ok
21:21:20.0521 1060  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:21:20.0553 1060  AmdK8 - ok
21:21:20.0565 1060  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:21:20.0596 1060  AmdPPM - ok
21:21:20.0617 1060  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:21:20.0629 1060  amdsata - ok
21:21:20.0650 1060  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:21:20.0658 1060  amdsbs - ok
21:21:20.0671 1060  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:21:20.0677 1060  amdxata - ok
21:21:20.0696 1060  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
21:21:20.0716 1060  androidusb - ok
21:21:20.0871 1060  [ FE9932692FC61C2203EC9884D414F700 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:21:20.0881 1060  AntiVirSchedulerService - ok
21:21:20.0963 1060  [ B1F8B58F27971B7E316DD316687886EC ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:21:20.0973 1060  AntiVirService - ok
21:21:21.0035 1060  [ 53DDEA96AA407C3E2BCEF68A44E31A59 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
21:21:21.0054 1060  AntiVirWebService - ok
21:21:21.0077 1060  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:21:21.0144 1060  AppID - ok
21:21:21.0167 1060  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:21:21.0225 1060  AppIDSvc - ok
21:21:21.0250 1060  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
21:21:21.0284 1060  Appinfo - ok
21:21:21.0291 1060  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:21:21.0305 1060  arc - ok
21:21:21.0310 1060  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:21:21.0317 1060  arcsas - ok
21:21:21.0336 1060  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:21:21.0359 1060  AsyncMac - ok
21:21:21.0386 1060  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:21:21.0393 1060  atapi - ok
21:21:21.0426 1060  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:21:21.0457 1060  AudioEndpointBuilder - ok
21:21:21.0464 1060  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:21:21.0488 1060  AudioSrv - ok
21:21:21.0549 1060  [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
21:21:21.0563 1060  avgntflt - ok
21:21:21.0594 1060  [ 34E9A86B0EF71BA72B58D72215EBFABC ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
21:21:21.0608 1060  avgtp - ok
21:21:21.0644 1060  [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
21:21:21.0659 1060  avipbb - ok
21:21:21.0687 1060  [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
21:21:21.0699 1060  avkmgr - ok
21:21:21.0742 1060  [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
21:21:21.0766 1060  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning
21:21:21.0766 1060  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1)
21:21:21.0792 1060  [ 1DC2F715792CF33428AD7993ACBD224D ] avmeject        C:\Windows\system32\drivers\avmeject.sys
21:21:21.0804 1060  avmeject - ok
21:21:21.0828 1060  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:21:21.0865 1060  AxInstSV - ok
21:21:21.0893 1060  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:21:21.0925 1060  b06bdrv - ok
21:21:21.0939 1060  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:21:21.0964 1060  b57nd60a - ok
21:21:21.0977 1060  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:21:21.0991 1060  BDESVC - ok
21:21:22.0004 1060  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:21:22.0062 1060  Beep - ok
21:21:22.0109 1060  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:21:22.0172 1060  BFE - ok
21:21:22.0201 1060  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
21:21:22.0228 1060  BITS - ok
21:21:22.0231 1060  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:21:22.0247 1060  blbdrive - ok
21:21:22.0273 1060  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:21:22.0318 1060  bowser - ok
21:21:22.0336 1060  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:21:22.0376 1060  BrFiltLo - ok
21:21:22.0379 1060  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:21:22.0393 1060  BrFiltUp - ok
21:21:22.0397 1060  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:21:22.0432 1060  BridgeMP - ok
21:21:22.0469 1060  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:21:22.0477 1060  Browser - ok
21:21:22.0490 1060  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:21:22.0505 1060  Brserid - ok
21:21:22.0519 1060  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:21:22.0528 1060  BrSerWdm - ok
21:21:33.0434 1060  SbieDrv - ok
21:21:33.0446 1060  [ 8A1F63C6EC01C56C9EC4C681E593FE34 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
21:21:33.0452 1060  SbieSvc - ok
21:21:33.0484 1060  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:21:33.0491 1060  sbp2port - ok
21:21:33.0509 1060  SBRE - ok
21:21:33.0530 1060  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:21:33.0584 1060  SCardSvr - ok
21:21:33.0618 1060  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:21:33.0667 1060  scfilter - ok
21:21:33.0706 1060  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
21:21:33.0746 1060  Schedule - ok
21:21:33.0768 1060  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:21:33.0789 1060  SCPolicySvc - ok
21:21:33.0809 1060  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:21:33.0830 1060  SDRSVC - ok
21:21:33.0834 1060  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:21:33.0878 1060  secdrv - ok
21:21:33.0906 1060  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
21:21:33.0944 1060  seclogon - ok
21:21:33.0957 1060  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
21:21:33.0997 1060  SENS - ok
21:21:34.0010 1060  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:21:34.0037 1060  SensrSvc - ok
21:21:34.0046 1060  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:21:34.0060 1060  Serenum - ok
21:21:34.0083 1060  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:21:34.0092 1060  Serial - ok
21:21:34.0114 1060  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:21:34.0131 1060  sermouse - ok
21:21:34.0150 1060  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:21:34.0176 1060  SessionEnv - ok
21:21:34.0192 1060  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:21:34.0199 1060  sffdisk - ok
21:21:34.0205 1060  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:21:34.0227 1060  sffp_mmc - ok
21:21:34.0229 1060  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:21:34.0237 1060  sffp_sd - ok
21:21:34.0239 1060  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:21:34.0246 1060  sfloppy - ok
21:21:34.0299 1060  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
21:21:34.0325 1060  Sftfs - ok
21:21:34.0386 1060  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:21:34.0407 1060  sftlist - ok
21:21:34.0443 1060  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:21:34.0452 1060  Sftplay - ok
21:21:34.0469 1060  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:21:34.0478 1060  Sftredir - ok
21:21:34.0490 1060  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
21:21:34.0497 1060  Sftvol - ok
21:21:34.0511 1060  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:21:34.0522 1060  sftvsa - ok
21:21:34.0550 1060  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:21:34.0580 1060  SharedAccess - ok
21:21:34.0590 1060  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:21:34.0613 1060  ShellHWDetection - ok
21:21:34.0615 1060  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:21:34.0621 1060  SiSRaid2 - ok
21:21:34.0624 1060  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:21:34.0630 1060  SiSRaid4 - ok
21:21:34.0706 1060  [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:21:34.0719 1060  SkypeUpdate - ok
21:21:34.0724 1060  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:21:34.0784 1060  Smb - ok
21:21:34.0815 1060  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:21:34.0832 1060  SNMPTRAP - ok
21:21:34.0850 1060  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:21:34.0863 1060  spldr - ok
21:21:34.0890 1060  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:21:34.0908 1060  Spooler - ok
21:21:34.0989 1060  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:21:35.0050 1060  sppsvc - ok
21:21:35.0070 1060  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:21:35.0092 1060  sppuinotify - ok
21:21:35.0111 1060  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:21:35.0133 1060  srv - ok
21:21:35.0144 1060  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:21:35.0169 1060  srv2 - ok
21:21:35.0173 1060  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:21:35.0189 1060  srvnet - ok
21:21:35.0222 1060  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
21:21:35.0231 1060  ssadbus - ok
21:21:35.0243 1060  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
21:21:35.0261 1060  ssadmdfl - ok
21:21:35.0287 1060  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
21:21:35.0309 1060  ssadmdm - ok
21:21:35.0341 1060  [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
21:21:35.0370 1060  ssadserd - ok
21:21:35.0384 1060  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:21:35.0421 1060  SSDPSRV - ok
21:21:35.0447 1060  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:21:35.0481 1060  SstpSvc - ok
21:21:35.0502 1060  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
21:21:35.0510 1060  ssudmdm - ok
21:21:35.0544 1060  [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:21:35.0553 1060  Stereo Service - ok
21:21:35.0569 1060  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:21:35.0576 1060  stexstor - ok
21:21:35.0609 1060  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:21:35.0649 1060  stisvc - ok
21:21:35.0679 1060  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:21:35.0692 1060  swenum - ok
21:21:35.0707 1060  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:21:35.0743 1060  swprv - ok
21:21:35.0790 1060  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:21:35.0836 1060  SysMain - ok
21:21:35.0855 1060  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:21:35.0869 1060  TabletInputService - ok
21:21:35.0884 1060  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:21:35.0909 1060  TapiSrv - ok
21:21:35.0926 1060  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:21:35.0949 1060  TBS - ok
21:21:35.0994 1060  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:21:36.0026 1060  Tcpip - ok
21:21:36.0075 1060  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:21:36.0111 1060  TCPIP6 - ok
21:21:36.0131 1060  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:21:36.0138 1060  tcpipreg - ok
21:21:36.0149 1060  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:21:36.0155 1060  TDPIPE - ok
21:21:36.0171 1060  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:21:36.0199 1060  TDTCP - ok
21:21:36.0217 1060  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:21:36.0242 1060  tdx - ok
21:21:36.0258 1060  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:21:36.0265 1060  TermDD - ok
21:21:36.0288 1060  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:21:36.0312 1060  TermService - ok
21:21:36.0328 1060  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:21:36.0351 1060  Themes - ok
21:21:36.0373 1060  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:21:36.0395 1060  THREADORDER - ok
21:21:36.0405 1060  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:21:36.0427 1060  TrkWks - ok
21:21:36.0457 1060  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:21:36.0495 1060  TrustedInstaller - ok
21:21:36.0512 1060  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:21:36.0539 1060  tssecsrv - ok
21:21:36.0570 1060  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:21:36.0577 1060  TsUsbFlt - ok
21:21:36.0618 1060  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:21:36.0655 1060  tunnel - ok
21:21:36.0674 1060  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:21:36.0681 1060  uagp35 - ok
21:21:36.0700 1060  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:21:36.0723 1060  udfs - ok
21:21:36.0742 1060  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:21:36.0772 1060  UI0Detect - ok
21:21:36.0793 1060  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:21:36.0807 1060  uliagpkx - ok
21:21:36.0829 1060  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
21:21:36.0845 1060  umbus - ok
21:21:36.0864 1060  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:21:36.0890 1060  UmPass - ok
21:21:36.0977 1060  [ FDF92EC84FECEE834FB10A2A0A19BCDA ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:21:37.0024 1060  UNS - ok
21:21:37.0082 1060  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
21:21:37.0096 1060  Updater Service - ok
21:21:37.0111 1060  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:21:37.0173 1060  upnphost - ok
21:21:37.0192 1060  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:21:37.0218 1060  usbaudio - ok
21:21:37.0252 1060  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:21:37.0280 1060  usbccgp - ok
21:21:37.0295 1060  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:21:37.0307 1060  usbcir - ok
21:21:37.0319 1060  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:21:37.0326 1060  usbehci - ok
21:21:37.0343 1060  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:21:37.0352 1060  usbhub - ok
21:21:37.0366 1060  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:21:37.0379 1060  usbohci - ok
21:21:37.0404 1060  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:21:37.0414 1060  usbprint - ok
21:21:37.0462 1060  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:21:37.0480 1060  usbscan - ok
21:21:37.0498 1060  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:21:37.0512 1060  USBSTOR - ok
21:21:37.0525 1060  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:21:37.0545 1060  usbuhci - ok
21:21:37.0558 1060  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:21:37.0585 1060  UxSms - ok
21:21:37.0587 1060  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:21:37.0596 1060  VaultSvc - ok
21:21:37.0613 1060  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:21:37.0621 1060  vdrvroot - ok
21:21:37.0643 1060  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:21:37.0673 1060  vds - ok
21:21:37.0683 1060  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:21:37.0693 1060  vga - ok
21:21:37.0709 1060  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:21:37.0746 1060  VgaSave - ok
21:21:37.0758 1060  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:21:37.0766 1060  vhdmp - ok
21:21:37.0785 1060  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:21:37.0792 1060  viaide - ok
21:21:37.0816 1060  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:21:37.0823 1060  volmgr - ok
21:21:37.0857 1060  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:21:37.0867 1060  volmgrx - ok
21:21:37.0881 1060  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:21:37.0891 1060  volsnap - ok
21:21:37.0915 1060  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:21:37.0922 1060  vsmraid - ok
21:21:37.0958 1060  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:21:37.0992 1060  VSS - ok
21:21:38.0115 1060  [ 254E8F9BA44E9F55416B0E51DBFF3C5F ] vToolbarUpdater15.3.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
21:21:38.0143 1060  vToolbarUpdater15.3.0 - ok
21:21:38.0150 1060  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:21:38.0175 1060  vwifibus - ok
21:21:38.0195 1060  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:21:38.0220 1060  W32Time - ok
21:21:38.0236 1060  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:21:38.0243 1060  WacomPen - ok
21:21:38.0266 1060  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:21:38.0287 1060  WANARP - ok
21:21:38.0289 1060  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:21:38.0311 1060  Wanarpv6 - ok
21:21:38.0343 1060  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:21:38.0371 1060  wbengine - ok
21:21:38.0390 1060  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:21:38.0402 1060  WbioSrvc - ok
21:21:38.0434 1060  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:21:38.0460 1060  wcncsvc - ok
21:21:38.0474 1060  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:21:38.0489 1060  WcsPlugInService - ok
21:21:38.0502 1060  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:21:38.0508 1060  Wd - ok
21:21:38.0547 1060  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:21:38.0561 1060  Wdf01000 - ok
21:21:38.0568 1060  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:21:38.0579 1060  WdiServiceHost - ok
21:21:38.0581 1060  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:21:38.0592 1060  WdiSystemHost - ok
21:21:38.0609 1060  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:21:38.0621 1060  WebClient - ok
21:21:38.0632 1060  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:21:38.0667 1060  Wecsvc - ok
21:21:38.0683 1060  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:21:38.0711 1060  wercplsupport - ok
21:21:38.0734 1060  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:21:38.0772 1060  WerSvc - ok
21:21:38.0783 1060  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:21:38.0804 1060  WfpLwf - ok
21:21:38.0806 1060  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:21:38.0813 1060  WIMMount - ok
21:21:38.0827 1060  WinDefend - ok
21:21:38.0843 1060  WinHttpAutoProxySvc - ok
21:21:38.0885 1060  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:21:38.0931 1060  Winmgmt - ok
21:21:38.0983 1060  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:21:39.0040 1060  WinRM - ok
21:21:39.0093 1060  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:21:39.0109 1060  WinUsb - ok
21:21:39.0138 1060  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:21:39.0162 1060  Wlansvc - ok
21:21:39.0292 1060  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:21:39.0327 1060  wlidsvc - ok
21:21:39.0348 1060  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:21:39.0355 1060  WmiAcpi - ok
21:21:39.0373 1060  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:21:39.0382 1060  wmiApSrv - ok
21:21:39.0399 1060  WMPNetworkSvc - ok
21:21:39.0412 1060  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:21:39.0419 1060  WPCSvc - ok
21:21:39.0427 1060  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:21:39.0436 1060  WPDBusEnum - ok
21:21:39.0445 1060  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:21:39.0476 1060  ws2ifsl - ok
21:21:39.0491 1060  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
21:21:39.0512 1060  wscsvc - ok
21:21:39.0515 1060  WSearch - ok
21:21:39.0565 1060  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:21:39.0600 1060  wuauserv - ok
21:21:39.0619 1060  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:21:39.0626 1060  WudfPf - ok
21:21:39.0644 1060  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:21:39.0652 1060  WUDFRd - ok
21:21:39.0662 1060  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:21:39.0670 1060  wudfsvc - ok
21:21:39.0682 1060  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:21:39.0691 1060  WwanSvc - ok
21:21:39.0706 1060  ================ Scan global ===============================
21:21:39.0718 1060  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:21:39.0747 1060  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:21:39.0751 1060  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:21:39.0763 1060  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:21:39.0783 1060  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:21:39.0785 1060  [Global] - ok
21:21:39.0785 1060  ================ Scan MBR ==================================
21:21:39.0794 1060  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:21:40.0043 1060  \Device\Harddisk0\DR0 - ok
21:21:40.0044 1060  ================ Scan VBR ==================================
21:21:40.0046 1060  [ 91E4E51D1BEF86B0BEB21894E86E158A ] \Device\Harddisk0\DR0\Partition1
21:21:40.0048 1060  \Device\Harddisk0\DR0\Partition1 - ok
21:21:40.0055 1060  [ 17E2B3A729F0C3F2582333416D6F4FB8 ] \Device\Harddisk0\DR0\Partition2
21:21:40.0056 1060  \Device\Harddisk0\DR0\Partition2 - ok
21:21:40.0081 1060  [ A2952948BEB40E28E0A54F598F77ABD2 ] \Device\Harddisk0\DR0\Partition3
21:21:40.0083 1060  \Device\Harddisk0\DR0\Partition3 - ok
21:21:40.0084 1060  ============================================================
21:21:40.0084 1060  Scan finished
21:21:40.0084 1060  ============================================================
21:21:40.0093 1328  Detected object count: 1
21:21:40.0093 1328  Actual detected object count: 1
21:21:56.0075 1328  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:21:56.0075 1328  AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:22:10.0533 5500  Deinitialize success
         
Ads are still everywhere, even here on this page, in masses!


Alt 12.08.2013, 15:57   #6
markusg
/// Malware-holic
 

Hi,
and could you perhaps also tell me what was not removed? That makes the work a great deal easier....
Also have a look with Revo to see whether you can find the programs.

Alt 13.08.2013, 07:15   #7
Fire112
 

Not with Revo either; those are all the games and such, i.e. Bejeweled etc.

Alt 13.08.2013, 17:22   #8
markusg
/// Malware-holic
 

Hi, OK, continue with this.
There are 3 logs to create; please post them all at the same time.
1.
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Restart.
2.

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Restart.
3.
HitmanPro - Download - Filepony
Download HitmanPro, double-click it, click Scan.
Save the log and post it, or export it as XML, zip it and attach it.
Close HitmanPro.

Alt 15.08.2013, 11:48   #9
Fire112
 

ADW
Code:
# AdwCleaner v3.000 - Report created15/08/2013at12:33:42
# Updated 13/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Rene - COMPUTER
# Running from : C:\Users\Rene\Downloads\adwcleaner.exe

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\LyricsPal
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Rene\AppData\Roaming\Babylon

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\5a68bdae53eed10
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vegas-pro_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vegas-pro_RASMANCS
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5AC1A638-313E-4C1D-8579-D1687644E095}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5AC1A638-313E-4C1D-8579-D1687644E095}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{72082FCF-9791-4192-81CB-DA086C490CEB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{b54e96c1-85c3-410a-8db1-c276bc3535c4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b54e96c1-85c3-410a-8db1-c276bc3535c4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4f78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\AVGRewards.AVGRewardsWorker
Key Deleted : HKLM\SOFTWARE\Classes\AVGRewards.AVGRewardsWorker.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\OCS
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lrcspal@lyricspal.co

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] No bad entry found.

-\\ Mozilla Firefox v22.0 (de)

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{9309FA47-1B48-4768-AFA4-9E0556F5DC81}]
File Deleted : C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\qkvom1zb.default\searchplugins\Babylon.xml
File Deleted : C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\qkvom1zb.default\user.js

[ File : C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\qkvom1zb.default\prefs.js ]

Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "8");
Line Deleted : user_pref("extensions.delta.cntry", "DE");
Line Deleted : user_pref("extensions.delta.dfltLng", "de");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.hdrMd5", "1C1BD8561913FCD0A8FBDD8F023D6E05");
Line Deleted : user_pref("extensions.delta.id", "10e3a21a000000000000bc05430be1a6");
Line Deleted : user_pref("extensions.delta.instlDay", "15925");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.22.020:35:43");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "azb");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.22.0");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.22.020:35:43");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.22.0");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=123976&tt=070813_wt3&tsp=4968");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");

*************************

AdwCleaner[0].txt - [4680 octets] - [15/08/2013 12:33:42]

########## EOF - C:\AdwCleaner\AdwCleaner[0].txt - [4739 octets] ##########
         

JRT

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.5 (08.13.2013:1)
OS: Windows 7 Home Premium x64
Ran by Rene on 15.08.2013 at 12:37:38,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricspal
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASDLG
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\Lyrics-Pal Update.job
Successfully deleted: [File] C:\Windows\prefetch\LYRICS.EXE-DC13D20B.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Rene\AppData\Roaming\mozilla\firefox\profiles\qkvom1zb.default\minidumps [41 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.08.2013 at 12:40:28,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

hitman Pro

Code:
HitmanPro 3.7.7.203
www.hitmanpro.com

   Computer name . . . . : COMPUTER
   Windows . . . . . . . : 6.1.1.7601.X64/8
   User name . . . . . . : Computer\Rene
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2013-08-15 12:43:27
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 2m 39s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 7
   Traces  . . . . . . . : 819

   Objects scanned . . . : 1.509.107
   Files scanned . . . . : 21.617
   Remnants scanned  . . : 509.614 files / 977.876 keys

Malware _____________________________________________________________________

   C:\Users\Rene\Downloads\JRT.exe
      Size . . . . . . . : 1.158.897 bytes
      Age  . . . . . . . : 1.0 days (2013-08-14 13:21:55)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 4724C5E19DA74197D1B4A2A4851EE907548BA06ACFAB2B6D7B3C878A9052C8D7
      Product  . . . . . : Junkware Removal Tool
      Publisher  . . . . : Thisisu
    > Ikarus . . . . . . : Virus.Win32.PePatch!IK
      Fuzzy  . . . . . . : 117.0
      Forensic Cluster
         -19.2s C:\Users\Rene\Downloads\adwcleaner.exe
         -1.0s C:\Users\Rene\Downloads\JRT.exe
         17.1s C:\Users\Rene\Downloads\HitmanPro_x64.exe
         33.6s C:\Users\Rene\Downloads\HitmanPro_x64(1).exe


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888\ (AskBar)
   HKU\.DEFAULT\Software\Ask.com\ (AskBar)
   HKU\.DEFAULT\Software\AskToolbar\ (AskBar)
   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
   HKU\S-1-5-18\Software\Ask.com\ (AskBar)
   HKU\S-1-5-18\Software\AskToolbar\ (AskBar)
   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
   HKU\S-1-5-21-2156778911-2319240665-715706893-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)

Cookies _____________________________________________________________________

         
There was no restart after the Adw scan, not in between either!

15.08.2013, 15:37   #10
markusg
/// Malware-holic
 



Hi,
please close all browsers and let HitmanPro delete everything it found.
Restart, then a new FRST log.