Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   GVU Trojaner 2.07 komplett entfernen? Win 7 64bit (https://www.trojaner-board.de/119655-gvu-trojaner-2-07-komplett-entfernen-win-7-64bit.html)

2ndSkin 16.07.2012 18:15
GVU Trojaner 2.07 komplett entfernen? Win 7 64bit
 
Hallo,

ich würde mich sehr über eine Hilfe zum o.g. Problem freuen.

Leider hat mir avast Internet Security 7 (Vollversion) den Trojaner zwar angezeigt, aber nicht verhindert, dass er meinen Bildschirm sperren konnte. Ich habe dann mit Malwarebytes eine Löschung vorgenommen.

Log dazu:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.16.08

Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Lib :: LIB-PC [Administrator]

16.07.2012 18:04:29
mbam-log-2012-07-16 (18-04-29).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 251409
Laufzeit: 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Lib\AppData\Local\Temp\fest0r_ot.exe (Spyware.Zbot.DG) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Lib\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Danach noch mal einen vollen Scan:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.16.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Lib :: LIB-PC [Administrator]

16.07.2012 18:33:31
mbam-log-2012-07-16 (18-33-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 544289
Laufzeit: 35 Minute(n), 24 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

OTL kann ich leider nicht starten, da ich den Fehler erhalte, es sei keine zulässige 32bit Anwendung.

Wie muss ich jetzt weiter vorgehen?

Danke schon mal im Voraus.

t'john 16.07.2012 19:10
:hallo:

Lade OTL von hier:
OTL Download - OTL 3.2.53.1 und erstelle das Log wie hier OTL.exe beschrieben.

2ndSkin 16.07.2012 19:36
So. Im Anhang die Logs (hoffentlich alles richtig gemacht). Was muss ich jetzt weiter unternehmen?

t'john 16.07.2012 19:55
Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo.com/search?fr=chr-panda&q={searchTerms}&ei=UTF-8&type=PCAFSI1190
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=244506"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: widgetruntime@surfsecret.com:1.0
FF - prefs.js..extensions.enabledItems: activities@kaply.com:0.7.7
FF - prefs.js..extensions.enabledItems: autopager@mozilla.org:0.6.2.6
FF - prefs.js..extensions.enabledItems: bettergmail2@ginatrapani.org:1.2
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..extensions.enabledItems: extension@virtusdesigns.com:3.6.7
FF - prefs.js..extensions.enabledItems: kosa@kallout.com:2.0.1.1
FF - prefs.js..extensions.enabledItems: max@subfighter.com:1.0.3
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.2.44026
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.8
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.49
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: rein@notiz.jp:3.6.1
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81b1}:2.2
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91
FF - prefs.js..extensions.enabledItems: {239c61a8-e55f-11db-8314-0800200c9a66}:2.1.4
FF - prefs.js..extensions.enabledItems: {35f30c76-35d4-56d9-8dbc-000a6e787ef4}:1.2.2
FF - prefs.js..extensions.enabledItems: {3713a489-0634-4472-8456-dc7abd7eba00}:1.3.1
FF - prefs.js..extensions.enabledItems: {5c876f30-10ce-11dd-bd0b-0800200c9a66}:3.6.7
FF - prefs.js..extensions.enabledItems: {6e00410e-1176-11dc-8314-0800200c9a66}:1.6.2
FF - prefs.js..extensions.enabledItems: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.6.7
FF - prefs.js..extensions.enabledItems: {9998A493-980E-4716-81BC-F0C77001E9B7}:3.13
FF - prefs.js..extensions.enabledItems: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.6.3
FF - prefs.js..keyword.URL: "http://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.http: "212.233.184.189"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
O4 - HKCU..\Run: [KiesHelper] F:\Kies\KiesHelper.exe /s File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O27:64bit: - HKLM IFEO\hirezgamesdiagandsupport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hirezlauncherui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\kies.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pccompanion.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hirezgamesdiagandsupport.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hirezlauncherui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\kies.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pccompanion.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{48d1e49d-5989-11e1-911d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{48d1e49d-5989-11e1-911d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\assetup.exe

@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:0FF263E8

[2012.07.16 18:02:21 | 004,503,728 | ---- | M] () -- C:\ProgramData\to_r0tsef.pad
[2012.07.16 17:23:09 | 004,503,728 | ---- | C] () -- C:\ProgramData\to_r0tsef.pad

:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

2ndSkin 16.07.2012 20:14
Falscher Vorgang (edit)

t'john 16.07.2012 20:19
FALSCH!

du hast das MBAM LOG stat des FIX eigegeben!

NOCHMAL: http://www.trojaner-board.de/119655-...tml#post866767

2ndSkin 16.07.2012 20:50
Jetzt startet der Rechner nicht mehr richtig. Das Log wurde noch angezeigt, der Bildschirm bleibt schwarz, aber die Kontrolllampe suggeriert Aktivität....

t'john 16.07.2012 21:03
Hast du nun den Fix ausgefuehrt?

Dort muesste das Logfile sein: C:\_OTL\MovedFiles\

Ggf. im abgesichertem Modus starten.

Dein Browser wurde ueber Rumaenien geleitet
Zitat:
prefs.js..network.proxy.http: "212.233.184.189"
war das absichtlich so eingestellt?

2ndSkin 16.07.2012 21:06
Ja, also gefixed hat er wohl. Wie gesagt, es wurde ein Bericht angezeigt (für ca. 10 Sek.). Ich mache mal ein Hardreset und boote neu.

Mit Rumänien habe ich allerdings nix am Hut und auch keine Ahnung warum das so ist...

t'john 16.07.2012 21:08
Gut,

versuch das Logfile zu finden


danach:

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

2ndSkin 16.07.2012 21:12
Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "foxsearch" removed from browser.search.defaultenginename
Prefs.js: "MyAshampoo Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "foxsearch" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&type=244506" removed from browser.search.param.yahoo-fr
Prefs.js: "foxsearch" removed from browser.search.selectedEngine
Prefs.js: false removed from browser.search.suggest.enabled
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "about:home" removed from browser.startup.homepage
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: widgetruntime@surfsecret.com:1.0 removed from extensions.enabledItems
Prefs.js: activities@kaply.com:0.7.7 removed from extensions.enabledItems
Prefs.js: autopager@mozilla.org:0.6.2.6 removed from extensions.enabledItems
Prefs.js: bettergmail2@ginatrapani.org:1.2 removed from extensions.enabledItems
Prefs.js: de-DE@dictionaries.addons.mozilla.org:2.0.2 removed from extensions.enabledItems
Prefs.js: DeviceDetection@logitech.com:1.20.0.66 removed from extensions.enabledItems
Prefs.js: extension@virtusdesigns.com:3.6.7 removed from extensions.enabledItems
Prefs.js: kosa@kallout.com:2.0.1.1 removed from extensions.enabledItems
Prefs.js: max@subfighter.com:1.0.3 removed from extensions.enabledItems
Prefs.js: personas@christopher.beard:1.6.2 removed from extensions.enabledItems
Prefs.js: piclens@cooliris.com:1.12.2.44026 removed from extensions.enabledItems
Prefs.js: smarterwiki@wikiatic.com:4.1.8 removed from extensions.enabledItems
Prefs.js: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1 removed from extensions.enabledItems
Prefs.js: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4 removed from extensions.enabledItems
Prefs.js: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7 removed from extensions.enabledItems
Prefs.js: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.14.2 removed from extensions.enabledItems
Prefs.js: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908 removed from extensions.enabledItems
Prefs.js: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10 removed from extensions.enabledItems
Prefs.js: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 removed from extensions.enabledItems
Prefs.js: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}:1.0 removed from extensions.enabledItems
Prefs.js: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4 removed from extensions.enabledItems
Prefs.js: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 removed from extensions.enabledItems
Prefs.js: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.49 removed from extensions.enabledItems
Prefs.js: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8 removed from extensions.enabledItems
Prefs.js: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2 removed from extensions.enabledItems
Prefs.js: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2 removed from extensions.enabledItems
Prefs.js: wrc@avast.com:20110101 removed from extensions.enabledItems
Prefs.js: rein@notiz.jp:3.6.1 removed from extensions.enabledItems
Prefs.js: {07b2a769-ed19-4483-87ce-c643914c81b1}:2.2 removed from extensions.enabledItems
Prefs.js: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91 removed from extensions.enabledItems
Prefs.js: {239c61a8-e55f-11db-8314-0800200c9a66}:2.1.4 removed from extensions.enabledItems
Prefs.js: {35f30c76-35d4-56d9-8dbc-000a6e787ef4}:1.2.2 removed from extensions.enabledItems
Prefs.js: {3713a489-0634-4472-8456-dc7abd7eba00}:1.3.1 removed from extensions.enabledItems
Prefs.js: {5c876f30-10ce-11dd-bd0b-0800200c9a66}:3.6.7 removed from extensions.enabledItems
Prefs.js: {6e00410e-1176-11dc-8314-0800200c9a66}:1.6.2 removed from extensions.enabledItems
Prefs.js: {7694c49c-9fbd-11dc-8314-0800200c9a66}:3.6.7 removed from extensions.enabledItems
Prefs.js: {9998A493-980E-4716-81BC-F0C77001E9B7}:3.13 removed from extensions.enabledItems
Prefs.js: {c1dffba0-628e-11d9-9669-0800200c9a66}:3.6.3 removed from extensions.enabledItems
Prefs.js: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" removed from keyword.URL
Prefs.js: "212.233.184.189" removed from network.proxy.http
Prefs.js: 3128 removed from network.proxy.http_port
Prefs.js: "localhost, 127.0.0.1, stealthy.co" removed from network.proxy.no_proxies_on
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: 0 removed from network.proxy.type
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
File C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hirezgamesdiagandsupport.exe\ deleted successfully.
C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hirezlauncherui.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kies.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstlink.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstview.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pccompanion.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe\ deleted successfully.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hirezgamesdiagandsupport.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hirezlauncherui.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kies.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstlink.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstview.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pccompanion.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe\ not found.
File C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48d1e49d-5989-11e1-911d-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48d1e49d-5989-11e1-911d-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48d1e49d-5989-11e1-911d-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48d1e49d-5989-11e1-911d-806e6f6e6963}\ not found.
File D:\Bin\assetup.exe not found.
ADS C:\ProgramData\TEMP:0FF263E8 deleted successfully.
C:\ProgramData\to_r0tsef.pad moved successfully.
File C:\ProgramData\to_r0tsef.pad not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\***\Desktop\cmd.bat deleted successfully.
C:\Users\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 111188 bytes
->Temporary Internet Files folder emptied: 323961 bytes
->Java cache emptied: 0 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 25889766 bytes
->Temporary Internet Files folder emptied: 885138 bytes
->Java cache emptied: 2771705 bytes
->FireFox cache emptied: 61491035 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 567 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1824 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 47770674 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 133,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Default
 
User: Default User
 
User: ***
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.54.0 log created on 07162012_212450
Code:
# AdwCleaner v1.702 - Logfile created 07/16/2012 at 22:13:03
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : *** - ***-PC
# Running from : C:\Users\***\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\Conduit
Folder Found : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\ConduitEngine
Folder Found : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\WinampToolbarData
Folder Found : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
File Found : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\searchplugins\Conduit.xml

***** [Registry] *****

Key Found : HKLM\SOFTWARE\DT Soft
Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
[x64] Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Type***\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[x64] Key Found : HKLM\SOFTWARE\Classes\Type***\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\prefs.js

Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/868510/864310/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874426/870225/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874430/870228/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874431/870229/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874435/870233/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874437/870235/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874438/870236/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874439/870237/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874440/870238/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874441/870239/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874443/870241/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2475029", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2481020", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2475029/CT2475029[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2481020/CT2475029[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"634[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"6c43e594350b8cbfad8e[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"834ad08fb6b554b5c7e[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"0fd81af39cadfc7507c[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"d6739014f847336d8fa[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"33826f9181124e5a81e[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"141c9c47d8bfd93153e[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/759251.xml", "\"3b537a8dedd7323a76ac6[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"3310b3d566d4bd39f603d[...]
Found : user_pref("CommunityToolbar.EngineOwner", "");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "");
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2475029");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "myashampoo");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.yahoo.com/search?fr=panda&[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
Found : user_pref("CommunityToolbar.ToolbarsList2", "");
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jan 27 2011 02:43:20 GMT+0100");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Jan 26 2011 23:51:33 GMT+0100");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "439c7628-8e08-47d6-b3ff-b4ee51cf9051");
Found : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100"[...]
Found : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_759251.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100")[...]
Found : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100")[...]
Found : user_pref("ConduitEngine.FirstServerDate", "01/27/2011 01");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstalledDate", "Wed Jan 26 2011 23:51:34 GMT+0100");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Jan 26 2011 23:51:34 GMT+0100");
Found : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Jan 27 2011 16:25:50 GMT+0100");
Found : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Jan 27 2011 16:25:46 GMT+0100");
Found : user_pref("ConduitEngine.UserID", "UN15566717195960056");
Found : user_pref("ConduitEngine.engineLocale", "de");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Jan 26 2011 23:51:34 GMT+0100");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("bettergmail2.enabled.inboxcount", true);
Found : user_pref("bettergmail2.enabled.inboxcountfirst", true);
Found : user_pref("easygestures.customizations.searchQuery1", "hxxp://www.google.de/search?q=%s&ie=UTF-8&hl=[...]
Found : user_pref("easygestures.customizations.searchQuery2", "hxxp://de.wikipedia.org/wiki/Spezial:Search?s[...]
Found : user_pref("easygestures.customizations.searchQuery3", "");
Found : user_pref("easygestures.customizations.searchQuery4", "");
Found : user_pref("easygestures.customizations.searchQuery5", "");
Found : user_pref("easygestures.customizations.searchQuery6", "");
Found : user_pref("easygestures.customizations.translateQuery", "hxxp://info.babylon.com/cgi-bin/info.cgi?ot[...]

-\\ Google Chrome v20.0.1132.57

File : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found :          "name": "Winamp Application Detector",
Found :          "name": "Winamp Application Detector"

-\\ Opera v [Unable to get version]

File : C:\Users\***\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [11946 octets] - [16/07/2012 22:13:03]

########## EOF - C:\AdwCleaner[R1].txt - [12075 octets] ##########

t'john 16.07.2012 21:34
Sehr gut! :daumenhoc

Wie laeuft der Rechner?


  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

2ndSkin 16.07.2012 21:35
So far - so good :abklatsch:

Melde mich gleich noch mal.

Code:
# AdwCleaner v1.702 - Logfile created 07/16/2012 at 22:36:44
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : *** - ***-PC
# Running from : C:\Users\***\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\Conduit
Folder Deleted : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\ConduitEngine
Folder Deleted : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\WinampToolbarData
Folder Deleted : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
File Deleted : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\searchplugins\Conduit.xml

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\DT Soft
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Type***\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\prefs.js

C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fg4op894.default\user.js ... Deleted !

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/868510/864310/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874426/870225/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874430/870228/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874431/870229/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874435/870233/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874437/870235/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874438/870236/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874439/870237/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874440/870238/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874441/870239/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874443/870241/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2475029", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2481020", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2475029/CT2475029[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2481020/CT2475029[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"634[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"6c43e594350b8cbfad8e[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"834ad08fb6b554b5c7e[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"0fd81af39cadfc7507c[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"d6739014f847336d8fa[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"33826f9181124e5a81e[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"141c9c47d8bfd93153e[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/759251.xml", "\"3b537a8dedd7323a76ac6[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"3310b3d566d4bd39f603d[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "");
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2475029");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "myashampoo");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.yahoo.com/search?fr=panda&[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jan 27 2011 02:43:20 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Jan 26 2011 23:51:33 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "439c7628-8e08-47d6-b3ff-b4ee51cf9051");
Deleted : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100"[...]
Deleted : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_759251.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100")[...]
Deleted : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Wed Jan 26 2011 23:51:38 GMT+0100")[...]
Deleted : user_pref("ConduitEngine.FirstServerDate", "01/27/2011 01");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Wed Jan 26 2011 23:51:34 GMT+0100");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Jan 26 2011 23:51:34 GMT+0100");
Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Thu Jan 27 2011 16:25:50 GMT+0100");
Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Jan 27 2011 16:25:46 GMT+0100");
Deleted : user_pref("ConduitEngine.UserID", "UN15566717195960056");
Deleted : user_pref("ConduitEngine.engineLocale", "de");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Jan 26 2011 23:51:34 GMT+0100");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("bettergmail2.enabled.inboxcount", true);
Deleted : user_pref("bettergmail2.enabled.inboxcountfirst", true);
Deleted : user_pref("easygestures.customizations.searchQuery1", "hxxp://www.google.de/search?q=%s&ie=UTF-8&hl=[...]
Deleted : user_pref("easygestures.customizations.searchQuery2", "hxxp://de.wikipedia.org/wiki/Spezial:Search?s[...]
Deleted : user_pref("easygestures.customizations.searchQuery3", "");
Deleted : user_pref("easygestures.customizations.searchQuery4", "");
Deleted : user_pref("easygestures.customizations.searchQuery5", "");
Deleted : user_pref("easygestures.customizations.searchQuery6", "");
Deleted : user_pref("easygestures.customizations.translateQuery", "hxxp://info.babylon.com/cgi-bin/info.cgi?ot[...]

-\\ Google Chrome v20.0.1132.57

File : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted :          "name": "Winamp Application Detector",
Deleted :          "name": "Winamp Application Detector"

-\\ Opera v [Unable to get version]

File : C:\Users\***\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12071 octets] - [16/07/2012 22:13:03]
AdwCleaner[S1].txt - [12114 octets] - [16/07/2012 22:36:44]

########## EOF - C:\AdwCleaner[S1].txt - [12243 octets] ##########

t'john 16.07.2012 21:46
Sehr gut! :daumenhoc

zur Kontrolle:

Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html

2ndSkin 16.07.2012 22:07
Scan bei 50%. Zwei Funde so weit. Als Laie sage ich mal "unkritisch"...

Code:
Emsisoft Anti-Malware - Version 6.6
Letztes Update: 16.07.2012 22:52:19

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, E:\, F:\, G:\, H:\, I:\, J:\
Archiv Scan: An
ADS Scan: An

Scan Beginn:        16.07.2012 22:52:27

Key: hkey_current_user\software\microsoft\wab        gefunden: Trace.Registry.win32.zbot!E1
E:\Old\Users\Crash\Desktop\arc\files\zergRush        gefunden: Exploit.Linux.Lotoor!E2
F:\Program Files (x86)\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe        gefunden: Adware.Win32.Toolbar.Dealio.AMN!E1
H:\Users\Crash\Desktop\arc\files\zergRush        gefunden: Exploit.Linux.Lotoor!E2

Gescannt        730236
Gefunden        4

Scan Ende:        17.07.2012 00:45:26
Scan Zeit:        1:52:59
Was Rumänien angeht: Ich könnte mir vorstellen, dass das mit dem Firefox Addon Stealthy zu tun hat...

t'john 17.07.2012 16:36
OK, lasse die Funde entfernen.


TDSSKiller von Kaspersky
- Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
- Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
- deaktiviere vorübergehend dein AntiVirus-Programm
- Starte die TDSSKiller.exe durch Doppelklick.
- Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
- Bestätige das ggfs. mit Y(es).
- Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
- Poste den Inhalt von C:\TDSSKiller.txt hier in den Thread.
Hier findest Du eine ausführlichere TDSSKiller Anleitung.

2ndSkin 17.07.2012 17:14
Werde ich so machen!
Muss ich jetzt noch mal komplett scannen? Es befinden sich keine Dateien in der Quarantäne...

Kaspersky hat beim Scan nichts gefunden. Also auch kein Reboot und kein Log.

t'john 17.07.2012 19:32
Es gibt immer ein Log

Zitat:
- Poste den Inhalt von C:\TDSSKiller.txt hier in den Thread.

2ndSkin 17.07.2012 19:36
´tschuldigung. Mein Fehler :stirn: Habe ich übersehen...

Code:
20:22:52.0466 6288        TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
20:22:52.0746 6288        ============================================================
20:22:52.0746 6288        Current date / time: 2012/07/17 20:22:52.0746
20:22:52.0746 6288        SystemInfo:
20:22:52.0746 6288       
20:22:52.0746 6288        OS Version: 6.1.7601 ServicePack: 1.0
20:22:52.0746 6288        Product type: Workstation
20:22:52.0746 6288        ComputerName: ***-PC
20:22:52.0746 6288        UserName: ***
20:22:52.0746 6288        Windows directory: C:\Windows
20:22:52.0746 6288        System windows directory: C:\Windows
20:22:52.0746 6288        Running under WOW64
20:22:52.0746 6288        Processor architecture: Intel x64
20:22:52.0746 6288        Number of processors: 4
20:22:52.0746 6288        Page size: 0x1000
20:22:52.0746 6288        Boot type: Normal boot
20:22:52.0746 6288        ============================================================
20:22:52.0887 6288        Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:22:52.0918 6288        Drive \Device\Harddisk1\DR1 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:22:52.0918 6288        Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:22:52.0934 6288        ============================================================
20:22:52.0934 6288        \Device\Harddisk0\DR0:
20:22:52.0934 6288        MBR partitions:
20:22:52.0934 6288        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:22:52.0934 6288        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
20:22:52.0934 6288        \Device\Harddisk1\DR1:
20:22:52.0934 6288        MBR partitions:
20:22:52.0934 6288        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x88B8000
20:22:52.0934 6288        \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x88B8800, BlocksNum 0x186A0000
20:22:52.0934 6288        \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x20F58800, BlocksNum 0xD9E0000
20:22:52.0934 6288        \Device\Harddisk2\DR2:
20:22:52.0934 6288        MBR partitions:
20:22:52.0934 6288        \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A749978
20:22:52.0934 6288        \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3A74A000, BlocksNum 0x30D3800
20:22:52.0934 6288        \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x3D81E000, BlocksNum 0x36EE8000
20:22:52.0934 6288        ============================================================
20:22:52.0934 6288        C: <-> \Device\Harddisk0\DR0\Partition1
20:22:52.0949 6288        E: <-> \Device\Harddisk1\DR1\Partition0
20:22:52.0965 6288        F: <-> \Device\Harddisk1\DR1\Partition1
20:22:53.0012 6288        G: <-> \Device\Harddisk1\DR1\Partition2
20:22:53.0027 6288        H: <-> \Device\Harddisk2\DR2\Partition0
20:22:53.0090 6288        I: <-> \Device\Harddisk2\DR2\Partition1
20:22:53.0308 6288        J: <-> \Device\Harddisk2\DR2\Partition2
20:22:53.0308 6288        ============================================================
20:22:53.0308 6288        Initialize success
20:22:53.0308 6288        ============================================================
20:23:18.0580 5796        ============================================================
20:23:18.0580 5796        Scan started
20:23:18.0580 5796        Mode: Manual;
20:23:18.0580 5796        ============================================================
20:23:18.0892 5796        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:23:18.0908 5796        1394ohci - ok
20:23:18.0908 5796        a2acc          (2d6434e957f7cfa0035c20890f77bbc6) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
20:23:18.0908 5796        a2acc - ok
20:23:18.0970 5796        a2AntiMalware  (8b75ba256bcada2b73ffa5bd77aa9e6c) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
20:23:18.0970 5796        a2AntiMalware - ok
20:23:18.0986 5796        A2DDA          (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
20:23:18.0986 5796        A2DDA - ok
20:23:19.0001 5796        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:23:19.0001 5796        ACPI - ok
20:23:19.0017 5796        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:23:19.0017 5796        AcpiPmi - ok
20:23:19.0017 5796        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:23:19.0017 5796        AdobeARMservice - ok
20:23:19.0033 5796        AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:23:19.0033 5796        AdobeFlashPlayerUpdateSvc - ok
20:23:19.0048 5796        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:23:19.0048 5796        adp94xx - ok
20:23:19.0064 5796        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:23:19.0064 5796        adpahci - ok
20:23:19.0064 5796        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:23:19.0064 5796        adpu320 - ok
20:23:19.0079 5796        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:23:19.0079 5796        AeLookupSvc - ok
20:23:19.0095 5796        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:23:19.0095 5796        AFD - ok
20:23:19.0095 5796        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:23:19.0095 5796        agp440 - ok
20:23:19.0095 5796        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:23:19.0095 5796        ALG - ok
20:23:19.0095 5796        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:23:19.0095 5796        aliide - ok
20:23:19.0111 5796        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:23:19.0111 5796        amdide - ok
20:23:19.0111 5796        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:23:19.0111 5796        AmdK8 - ok
20:23:19.0111 5796        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:23:19.0111 5796        AmdPPM - ok
20:23:19.0111 5796        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:23:19.0111 5796        amdsata - ok
20:23:19.0126 5796        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:23:19.0126 5796        amdsbs - ok
20:23:19.0126 5796        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:23:19.0126 5796        amdxata - ok
20:23:19.0126 5796        androidusb      (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys
20:23:19.0126 5796        androidusb - ok
20:23:19.0126 5796        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:23:19.0126 5796        AppID - ok
20:23:19.0142 5796        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:23:19.0142 5796        AppIDSvc - ok
20:23:19.0142 5796        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:23:19.0142 5796        Appinfo - ok
20:23:19.0142 5796        Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:23:19.0142 5796        Apple Mobile Device - ok
20:23:19.0142 5796        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:23:19.0142 5796        arc - ok
20:23:19.0157 5796        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:23:19.0157 5796        arcsas - ok
20:23:19.0157 5796        ArvoFltr        (6053c47f327c78f7176d2797bbfa8348) C:\Windows\system32\drivers\ArvoFltr.sys
20:23:19.0157 5796        ArvoFltr - ok
20:23:19.0173 5796        asComSvc        (6e3f4538b33bc19259e99be1826286a3) C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
20:23:19.0173 5796        asComSvc - ok
20:23:19.0189 5796        asHmComSvc      (a63173897ea1a73a75d0e65036de5b15) C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
20:23:19.0204 5796        asHmComSvc - ok
20:23:19.0220 5796        AsIO            (fef9dd9ea587f8886ade43c1befbdafe) C:\Windows\syswow64\drivers\AsIO.sys
20:23:19.0220 5796        AsIO - ok
20:23:19.0235 5796        asmthub3        (0aa7a996792fb0287b33a57a8093ae44) C:\Windows\system32\DRIVERS\asmthub3.sys
20:23:19.0235 5796        asmthub3 - ok
20:23:19.0251 5796        asmtxhci        (125dc3abf5bfccfe82ad17d078e0b9ec) C:\Windows\system32\DRIVERS\asmtxhci.sys
20:23:19.0251 5796        asmtxhci - ok
20:23:19.0267 5796        AsSysCtrlService (5c31dfb196cb3a488a041881634d86d2) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
20:23:19.0267 5796        AsSysCtrlService - ok
20:23:19.0282 5796        AsUpIO          (1392b92179b07b672720763d9b1028a5) C:\Windows\syswow64\drivers\AsUpIO.sys
20:23:19.0282 5796        AsUpIO - ok
20:23:19.0298 5796        aswFsBlk        (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
20:23:19.0298 5796        aswFsBlk - ok
20:23:19.0313 5796        aswFW          (f3cfbc0aa2b8bd665a2ccf1ba9e65919) C:\Windows\system32\drivers\aswFW.sys
20:23:19.0313 5796        aswFW - ok
20:23:19.0313 5796        aswKbd          (c42d45089fd2ec63d13571362c258dc6) C:\Windows\system32\drivers\aswKbd.sys
20:23:19.0313 5796        aswKbd - ok
20:23:19.0313 5796        aswMonFlt      (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
20:23:19.0313 5796        aswMonFlt - ok
20:23:19.0313 5796        aswNdis        (518b8d447a1975ab46da093a2e743256) C:\Windows\system32\DRIVERS\aswNdis.sys
20:23:19.0313 5796        aswNdis - ok
20:23:19.0329 5796        aswNdis2        (80a43cef831664c404c73564ccf4b8b1) C:\Windows\system32\drivers\aswNdis2.sys
20:23:19.0329 5796        aswNdis2 - ok
20:23:19.0329 5796        aswRdr          (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
20:23:19.0329 5796        aswRdr - ok
20:23:19.0345 5796        aswSnx          (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
20:23:19.0345 5796        aswSnx - ok
20:23:19.0360 5796        aswSP          (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
20:23:19.0360 5796        aswSP - ok
20:23:19.0360 5796        aswTdi          (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
20:23:19.0360 5796        aswTdi - ok
20:23:19.0360 5796        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:23:19.0376 5796        AsyncMac - ok
20:23:19.0376 5796        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:23:19.0376 5796        atapi - ok
20:23:19.0391 5796        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:23:19.0391 5796        AudioEndpointBuilder - ok
20:23:19.0391 5796        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:23:19.0391 5796        AudioSrv - ok
20:23:19.0469 5796        avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) F:\Tools\Internet\AVAST\AvastSvc.exe
20:23:19.0469 5796        avast! Antivirus - ok
20:23:19.0501 5796        avast! Firewall (465a17095eb3b9e101429b669f495d01) F:\Tools\Internet\AVAST\afwServ.exe
20:23:19.0501 5796        avast! Firewall - ok
20:23:19.0516 5796        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:23:19.0516 5796        AxInstSV - ok
20:23:19.0532 5796        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:23:19.0532 5796        b06bdrv - ok
20:23:19.0532 5796        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:23:19.0532 5796        b57nd60a - ok
20:23:19.0547 5796        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:23:19.0547 5796        BDESVC - ok
20:23:19.0547 5796        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:23:19.0547 5796        Beep - ok
20:23:19.0563 5796        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:23:19.0563 5796        BFE - ok
20:23:19.0594 5796        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:23:19.0594 5796        BITS - ok
20:23:19.0594 5796        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:23:19.0594 5796        blbdrive - ok
20:23:19.0610 5796        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
20:23:19.0610 5796        Bonjour Service - ok
20:23:19.0625 5796        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:23:19.0625 5796        bowser - ok
20:23:19.0625 5796        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:23:19.0625 5796        BrFiltLo - ok
20:23:19.0625 5796        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:23:19.0625 5796        BrFiltUp - ok
20:23:19.0625 5796        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:23:19.0625 5796        Browser - ok
20:23:19.0641 5796        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:23:19.0641 5796        Brserid - ok
20:23:19.0641 5796        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:23:19.0641 5796        BrSerWdm - ok
20:23:19.0641 5796        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:23:19.0641 5796        BrUsbMdm - ok
20:23:19.0657 5796        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:23:19.0657 5796        BrUsbSer - ok
20:23:19.0657 5796        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:23:19.0657 5796        BTHMODEM - ok
20:23:19.0657 5796        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:23:19.0657 5796        bthserv - ok
20:23:19.0657 5796        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:23:19.0657 5796        cdfs - ok
20:23:19.0672 5796        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:23:19.0672 5796        cdrom - ok
20:23:19.0672 5796        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:23:19.0672 5796        CertPropSvc - ok
20:23:19.0672 5796        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:23:19.0672 5796        circlass - ok
20:23:19.0688 5796        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:23:19.0688 5796        CLFS - ok
20:23:19.0703 5796        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:23:19.0703 5796        clr_optimization_v2.0.50727_32 - ok
20:23:19.0703 5796        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:23:19.0703 5796        clr_optimization_v2.0.50727_64 - ok
20:23:19.0703 5796        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:23:19.0703 5796        clr_optimization_v4.0.30319_32 - ok
20:23:19.0719 5796        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:23:19.0719 5796        clr_optimization_v4.0.30319_64 - ok
20:23:19.0719 5796        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:23:19.0719 5796        CmBatt - ok
20:23:19.0719 5796        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:23:19.0719 5796        cmdide - ok
20:23:19.0735 5796        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
20:23:19.0735 5796        CNG - ok
20:23:19.0735 5796        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:23:19.0735 5796        Compbatt - ok
20:23:19.0735 5796        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:23:19.0735 5796        CompositeBus - ok
20:23:19.0735 5796        COMSysApp - ok
20:23:19.0750 5796        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:23:19.0750 5796        crcdisk - ok
20:23:19.0750 5796        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
20:23:19.0750 5796        CryptSvc - ok
20:23:19.0766 5796        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:23:19.0766 5796        DcomLaunch - ok
20:23:19.0781 5796        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:23:19.0781 5796        defragsvc - ok
20:23:19.0781 5796        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:23:19.0781 5796        DfsC - ok
20:23:19.0797 5796        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:23:19.0797 5796        Dhcp - ok
20:23:19.0797 5796        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:23:19.0797 5796        discache - ok
20:23:19.0797 5796        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:23:19.0797 5796        Disk - ok
20:23:19.0813 5796        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:23:19.0813 5796        Dnscache - ok
20:23:19.0813 5796        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:23:19.0813 5796        dot3svc - ok
20:23:19.0828 5796        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:23:19.0828 5796        DPS - ok
20:23:19.0828 5796        DragonSvc      (75b1cdf212c3f081ad4c93597649c8e9) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
20:23:19.0828 5796        DragonSvc - ok
20:23:19.0844 5796        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:23:19.0844 5796        drmkaud - ok
20:23:19.0859 5796        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:23:19.0859 5796        DXGKrnl - ok
20:23:19.0875 5796        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:23:19.0875 5796        EapHost - ok
20:23:19.0937 5796        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:23:19.0953 5796        ebdrv - ok
20:23:19.0969 5796        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:23:19.0969 5796        EFS - ok
20:23:19.0984 5796        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:23:19.0984 5796        ehRecvr - ok
20:23:20.0000 5796        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:23:20.0000 5796        ehSched - ok
20:23:20.0015 5796        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:23:20.0015 5796        elxstor - ok
20:23:20.0015 5796        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:23:20.0015 5796        ErrDev - ok
20:23:20.0031 5796        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:23:20.0031 5796        EventSystem - ok
20:23:20.0047 5796        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:23:20.0047 5796        exfat - ok
20:23:20.0047 5796        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:23:20.0047 5796        fastfat - ok
20:23:20.0062 5796        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:23:20.0062 5796        Fax - ok
20:23:20.0062 5796        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:23:20.0062 5796        fdc - ok
20:23:20.0078 5796        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:23:20.0078 5796        fdPHost - ok
20:23:20.0078 5796        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:23:20.0078 5796        FDResPub - ok
20:23:20.0078 5796        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:23:20.0078 5796        FileInfo - ok
20:23:20.0078 5796        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:23:20.0078 5796        Filetrace - ok
20:23:20.0078 5796        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:23:20.0078 5796        flpydisk - ok
20:23:20.0093 5796        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:23:20.0093 5796        FltMgr - ok
20:23:20.0125 5796        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:23:20.0125 5796        FontCache - ok
20:23:20.0125 5796        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:23:20.0125 5796        FontCache3.0.0.0 - ok
20:23:20.0140 5796        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:23:20.0140 5796        FsDepends - ok
20:23:20.0140 5796        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:23:20.0140 5796        Fs_Rec - ok
20:23:20.0140 5796        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:23:20.0140 5796        fvevol - ok
20:23:20.0156 5796        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:23:20.0156 5796        gagp30kx - ok
20:23:20.0156 5796        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:23:20.0156 5796        GEARAspiWDM - ok
20:23:20.0156 5796        ggflt          (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
20:23:20.0156 5796        ggflt - ok
20:23:20.0156 5796        ggsemc          (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
20:23:20.0156 5796        ggsemc - ok
20:23:20.0187 5796        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:23:20.0187 5796        gpsvc - ok
20:23:20.0187 5796        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:23:20.0187 5796        gupdate - ok
20:23:20.0187 5796        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:23:20.0187 5796        gupdatem - ok
20:23:20.0203 5796        gusvc          (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:23:20.0203 5796        gusvc - ok
20:23:20.0203 5796        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:23:20.0203 5796        hcw85cir - ok
20:23:20.0218 5796        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:23:20.0218 5796        HdAudAddService - ok
20:23:20.0218 5796        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:23:20.0218 5796        HDAudBus - ok
20:23:20.0218 5796        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:23:20.0218 5796        HidBatt - ok
20:23:20.0234 5796        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:23:20.0234 5796        HidBth - ok
20:23:20.0234 5796        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:23:20.0234 5796        HidIr - ok
20:23:20.0234 5796        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:23:20.0234 5796        hidserv - ok
20:23:20.0234 5796        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
20:23:20.0234 5796        HidUsb - ok
20:23:20.0359 5796        HiPatchService  (189b10a8c06a8e3bfa570f45ef450c13) g:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
20:23:20.0359 5796        HiPatchService - ok
20:23:20.0374 5796        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:23:20.0374 5796        hkmsvc - ok
20:23:20.0374 5796        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:23:20.0374 5796        HomeGroupListener - ok
20:23:20.0390 5796        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:23:20.0390 5796        HomeGroupProvider - ok
20:23:20.0390 5796        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:23:20.0390 5796        HpSAMD - ok
20:23:20.0405 5796        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:23:20.0421 5796        HTTP - ok
20:23:20.0421 5796        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:23:20.0421 5796        hwpolicy - ok
20:23:20.0421 5796        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:23:20.0421 5796        i8042prt - ok
20:23:20.0437 5796        iaStor          (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys
20:23:20.0437 5796        iaStor - ok
20:23:20.0437 5796        IAStorDataMgrSvc (e79a8e33bd136d14bae1fa20eb2ef124) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:23:20.0437 5796        IAStorDataMgrSvc - ok
20:23:20.0452 5796        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:23:20.0452 5796        iaStorV - ok
20:23:20.0483 5796        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:23:20.0483 5796        idsvc - ok
20:23:20.0483 5796        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:23:20.0483 5796        iirsp - ok
20:23:20.0499 5796        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:23:20.0515 5796        IKEEXT - ok
20:23:20.0577 5796        IntcAzAudAddService (c2f868881d48a568b525255f084ef063) C:\Windows\system32\drivers\RTKVHD64.sys
20:23:20.0593 5796        IntcAzAudAddService - ok
20:23:20.0624 5796        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:23:20.0624 5796        intelide - ok
20:23:20.0624 5796        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:23:20.0624 5796        intelppm - ok
20:23:20.0624 5796        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:23:20.0624 5796        IPBusEnum - ok
20:23:20.0624 5796        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:23:20.0639 5796        IpFilterDriver - ok
20:23:20.0639 5796        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:23:20.0655 5796        iphlpsvc - ok
20:23:20.0655 5796        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:23:20.0655 5796        IPMIDRV - ok
20:23:20.0655 5796        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:23:20.0655 5796        IPNAT - ok
20:23:20.0686 5796        iPod Service    (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
20:23:20.0686 5796        iPod Service - ok
20:23:20.0686 5796        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:23:20.0686 5796        IRENUM - ok
20:23:20.0686 5796        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:23:20.0686 5796        isapnp - ok
20:23:20.0702 5796        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:23:20.0702 5796        iScsiPrt - ok
20:23:20.0702 5796        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:23:20.0702 5796        kbdclass - ok
20:23:20.0702 5796        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
20:23:20.0702 5796        kbdhid - ok
20:23:20.0702 5796        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:23:20.0702 5796        KeyIso - ok
20:23:20.0717 5796        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
20:23:20.0717 5796        KSecDD - ok
20:23:20.0717 5796        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
20:23:20.0717 5796        KSecPkg - ok
20:23:20.0717 5796        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:23:20.0717 5796        ksthunk - ok
20:23:20.0733 5796        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:23:20.0733 5796        KtmRm - ok
20:23:20.0749 5796        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:23:20.0749 5796        LanmanServer - ok
20:23:20.0749 5796        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:23:20.0749 5796        LanmanWorkstation - ok
20:23:20.0749 5796        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:23:20.0764 5796        lltdio - ok
20:23:20.0764 5796        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:23:20.0764 5796        lltdsvc - ok
20:23:20.0764 5796        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:23:20.0780 5796        lmhosts - ok
20:23:20.0780 5796        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:23:20.0780 5796        LSI_FC - ok
20:23:20.0780 5796        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:23:20.0780 5796        LSI_SAS - ok
20:23:20.0795 5796        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:23:20.0795 5796        LSI_SAS2 - ok
20:23:20.0795 5796        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:23:20.0795 5796        LSI_SCSI - ok
20:23:20.0795 5796        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:23:20.0795 5796        luafv - ok
20:23:20.0795 5796        MBAMProtector  (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
20:23:20.0795 5796        MBAMProtector - ok
20:23:20.0905 5796        MBAMService    (43683e970f008c93c9429ef428147a54) f:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:23:20.0905 5796        MBAMService - ok
20:23:20.0905 5796        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:23:20.0920 5796        Mcx2Svc - ok
20:23:20.0920 5796        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:23:20.0920 5796        megasas - ok
20:23:20.0920 5796        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:23:20.0920 5796        MegaSR - ok
20:23:20.0936 5796        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:23:20.0936 5796        MMCSS - ok
20:23:20.0936 5796        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:23:20.0936 5796        Modem - ok
20:23:20.0936 5796        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:23:20.0936 5796        monitor - ok
20:23:20.0936 5796        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:23:20.0936 5796        mouclass - ok
20:23:20.0936 5796        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:23:20.0951 5796        mouhid - ok
20:23:20.0951 5796        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:23:20.0951 5796        mountmgr - ok
20:23:20.0951 5796        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:23:20.0951 5796        MozillaMaintenance - ok
20:23:20.0951 5796        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:23:20.0967 5796        mpio - ok
20:23:20.0967 5796        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:23:20.0967 5796        mpsdrv - ok
20:23:20.0983 5796        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:23:20.0983 5796        MpsSvc - ok
20:23:20.0998 5796        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:23:20.0998 5796        MRxDAV - ok
20:23:20.0998 5796        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:23:20.0998 5796        mrxsmb - ok
20:23:21.0014 5796        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:23:21.0014 5796        mrxsmb10 - ok
20:23:21.0014 5796        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:23:21.0014 5796        mrxsmb20 - ok
20:23:21.0014 5796        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:23:21.0014 5796        msahci - ok
20:23:21.0029 5796        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:23:21.0029 5796        msdsm - ok
20:23:21.0029 5796        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:23:21.0029 5796        MSDTC - ok
20:23:21.0045 5796        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:23:21.0045 5796        Msfs - ok
20:23:21.0045 5796        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:23:21.0045 5796        mshidkmdf - ok
20:23:21.0045 5796        MSICDSetup - ok
20:23:21.0045 5796        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:23:21.0045 5796        msisadrv - ok
20:23:21.0045 5796        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:23:21.0045 5796        MSiSCSI - ok
20:23:21.0061 5796        msiserver - ok
20:23:21.0061 5796        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:23:21.0061 5796        MSKSSRV - ok
20:23:21.0061 5796        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:23:21.0061 5796        MSPCLOCK - ok
20:23:21.0061 5796        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:23:21.0061 5796        MSPQM - ok
20:23:21.0076 5796        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:23:21.0076 5796        MsRPC - ok
20:23:21.0076 5796        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:23:21.0076 5796        mssmbios - ok
20:23:21.0076 5796        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:23:21.0076 5796        MSTEE - ok
20:23:21.0076 5796        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:23:21.0076 5796        MTConfig - ok
20:23:21.0092 5796        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:23:21.0092 5796        Mup - ok
20:23:21.0092 5796        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:23:21.0107 5796        napagent - ok
20:23:21.0107 5796        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:23:21.0107 5796        NativeWifiP - ok
20:23:21.0139 5796        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:23:21.0139 5796        NDIS - ok
20:23:21.0139 5796        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:23:21.0139 5796        NdisCap - ok
20:23:21.0139 5796        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:23:21.0154 5796        NdisTapi - ok
20:23:21.0154 5796        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:23:21.0154 5796        Ndisuio - ok
20:23:21.0154 5796        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:23:21.0154 5796        NdisWan - ok
20:23:21.0154 5796        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:23:21.0170 5796        NDProxy - ok
20:23:21.0170 5796        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:23:21.0170 5796        NetBIOS - ok
20:23:21.0170 5796        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:23:21.0170 5796        NetBT - ok
20:23:21.0170 5796        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:23:21.0185 5796        Netlogon - ok
20:23:21.0185 5796        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:23:21.0185 5796        Netman - ok
20:23:21.0201 5796        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:23:21.0217 5796        netprofm - ok
20:23:21.0248 5796        netr28ux        (8ea8424621a537a57da63473b5d4cee2) C:\Windows\system32\DRIVERS\netr28ux.sys
20:23:21.0248 5796        netr28ux - ok
20:23:21.0263 5796        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:23:21.0263 5796        NetTcpPortSharing - ok
20:23:21.0279 5796        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:23:21.0279 5796        nfrd960 - ok
20:23:21.0295 5796        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:23:21.0295 5796        NlaSvc - ok
20:23:21.0295 5796        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:23:21.0295 5796        Npfs - ok
20:23:21.0295 5796        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:23:21.0295 5796        nsi - ok
20:23:21.0310 5796        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:23:21.0310 5796        nsiproxy - ok
20:23:21.0341 5796        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:23:21.0357 5796        Ntfs - ok
20:23:21.0373 5796        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:23:21.0373 5796        Null - ok
20:23:21.0388 5796        NVHDA          (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
20:23:21.0388 5796        NVHDA - ok
20:23:21.0653 5796        nvlddmkm        (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:23:21.0700 5796        nvlddmkm - ok
20:23:21.0731 5796        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:23:21.0731 5796        nvraid - ok
20:23:21.0731 5796        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:23:21.0731 5796        nvstor - ok
20:23:21.0763 5796        NVSvc          (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
20:23:21.0763 5796        NVSvc - ok
20:23:21.0778 5796        nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:23:21.0794 5796        nvUpdatusService - ok
20:23:21.0809 5796        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:23:21.0809 5796        nv_agp - ok
20:23:21.0809 5796        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:23:21.0825 5796        ohci1394 - ok
20:23:21.0825 5796        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:23:21.0825 5796        p2pimsvc - ok
20:23:21.0841 5796        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:23:21.0841 5796        p2psvc - ok
20:23:21.0856 5796        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:23:21.0856 5796        Parport - ok
20:23:21.0856 5796        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:23:21.0856 5796        partmgr - ok
20:23:21.0856 5796        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:23:21.0856 5796        PcaSvc - ok
20:23:21.0872 5796        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:23:21.0872 5796        pci - ok
20:23:21.0872 5796        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:23:21.0872 5796        pciide - ok
20:23:21.0887 5796        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:23:21.0887 5796        pcmcia - ok
20:23:21.0887 5796        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:23:21.0887 5796        pcw - ok
20:23:21.0903 5796        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:23:21.0903 5796        PEAUTH - ok
20:23:21.0919 5796        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:23:21.0919 5796        PerfHost - ok
20:23:21.0950 5796        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:23:21.0965 5796        pla - ok
20:23:21.0981 5796        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:23:21.0981 5796        PlugPlay - ok
20:23:21.0981 5796        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:23:21.0981 5796        PNRPAutoReg - ok
20:23:21.0997 5796        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:23:21.0997 5796        PNRPsvc - ok
20:23:22.0012 5796        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:23:22.0012 5796        PolicyAgent - ok
20:23:22.0012 5796        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:23:22.0028 5796        Power - ok
20:23:22.0028 5796        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:23:22.0028 5796        PptpMiniport - ok
20:23:22.0028 5796        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:23:22.0028 5796        Processor - ok
20:23:22.0043 5796        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
20:23:22.0043 5796        ProfSvc - ok
20:23:22.0043 5796        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:23:22.0043 5796        ProtectedStorage - ok
20:23:22.0043 5796        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:23:22.0059 5796        Psched - ok
20:23:22.0059 5796        PSI            (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
20:23:22.0059 5796        PSI - ok
20:23:22.0090 5796        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:23:22.0090 5796        ql2300 - ok
20:23:22.0121 5796        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:23:22.0121 5796        ql40xx - ok
20:23:22.0121 5796        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:23:22.0137 5796        QWAVE - ok
20:23:22.0137 5796        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:23:22.0137 5796        QWAVEdrv - ok
20:23:22.0371 5796        Radio.fx        (b40aa9be30d62b288dbf4aaa83fb2a49) E:\Tobit Radio.fx\Server\rfx-server.exe
20:23:22.0371 5796        Radio.fx - ok
20:23:22.0387 5796        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:23:22.0387 5796        RasAcd - ok
20:23:22.0387 5796        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:23:22.0387 5796        RasAgileVpn - ok
20:23:22.0387 5796        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:23:22.0387 5796        RasAuto - ok
20:23:22.0402 5796        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:23:22.0402 5796        Rasl2tp - ok
20:23:22.0402 5796        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:23:22.0418 5796        RasMan - ok
20:23:22.0418 5796        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:23:22.0418 5796        RasPppoe - ok
20:23:22.0418 5796        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:23:22.0418 5796        RasSstp - ok
20:23:22.0433 5796        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:23:22.0433 5796        rdbss - ok
20:23:22.0433 5796        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:23:22.0433 5796        rdpbus - ok
20:23:22.0433 5796        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:23:22.0433 5796        RDPCDD - ok
20:23:22.0449 5796        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:23:22.0449 5796        RDPENCDD - ok
20:23:22.0449 5796        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:23:22.0449 5796        RDPREFMP - ok
20:23:22.0449 5796        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
20:23:22.0449 5796        RDPWD - ok
20:23:22.0465 5796        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:23:22.0465 5796        rdyboost - ok
20:23:22.0465 5796        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:23:22.0465 5796        RemoteAccess - ok
20:23:22.0480 5796        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:23:22.0480 5796        RemoteRegistry - ok
20:23:22.0480 5796        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:23:22.0480 5796        RpcEptMapper - ok
20:23:22.0480 5796        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:23:22.0480 5796        RpcLocator - ok
20:23:22.0496 5796        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:23:22.0511 5796        RpcSs - ok
20:23:22.0511 5796        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:23:22.0511 5796        rspndr - ok
20:23:22.0527 5796        RTL8167        (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:23:22.0527 5796        RTL8167 - ok
20:23:22.0527 5796        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:23:22.0527 5796        SamSs - ok
20:23:22.0527 5796        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:23:22.0527 5796        sbp2port - ok
20:23:22.0543 5796        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:23:22.0543 5796        SCardSvr - ok
20:23:22.0543 5796        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:23:22.0543 5796        scfilter - ok
20:23:22.0574 5796        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:23:22.0574 5796        Schedule - ok
20:23:22.0574 5796        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:23:22.0589 5796        SCPolicySvc - ok
20:23:22.0589 5796        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:23:22.0589 5796        SDRSVC - ok
20:23:22.0589 5796        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:23:22.0589 5796        secdrv - ok
20:23:22.0605 5796        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:23:22.0605 5796        seclogon - ok
20:23:22.0621 5796        Secunia PSI Agent (f70a51eb03ee7046784ef62efce9528e) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
20:23:22.0636 5796        Secunia PSI Agent - ok
20:23:22.0652 5796        Secunia Update Agent (ad56ceb08eeb517332355fde9e5939c8) C:\Program Files (x86)\Secunia\PSI\sua.exe
20:23:22.0652 5796        Secunia Update Agent - ok
20:23:22.0667 5796        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:23:22.0667 5796        SENS - ok
20:23:22.0667 5796        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:23:22.0683 5796        SensrSvc - ok
20:23:22.0683 5796        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:23:22.0683 5796        Serenum - ok
20:23:22.0683 5796        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:23:22.0683 5796        Serial - ok
20:23:22.0683 5796        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:23:22.0683 5796        sermouse - ok
20:23:22.0699 5796        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:23:22.0699 5796        SessionEnv - ok
20:23:22.0699 5796        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:23:22.0699 5796        sffdisk - ok
20:23:22.0699 5796        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:23:22.0699 5796        sffp_mmc - ok
20:23:22.0714 5796        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:23:22.0714 5796        sffp_sd - ok
20:23:22.0714 5796        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:23:22.0714 5796        sfloppy - ok
20:23:22.0714 5796        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:23:22.0714 5796        SharedAccess - ok
20:23:22.0730 5796        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:23:22.0730 5796        ShellHWDetection - ok
20:23:22.0745 5796        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:23:22.0745 5796        SiSRaid2 - ok
20:23:22.0745 5796        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:23:22.0745 5796        SiSRaid4 - ok
20:23:22.0745 5796        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:23:22.0745 5796        Smb - ok
20:23:22.0761 5796        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:23:22.0761 5796        SNMPTRAP - ok
20:23:22.0761 5796        Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
20:23:22.0761 5796        Sony PC Companion - ok
20:23:22.0761 5796        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:23:22.0761 5796        spldr - ok
20:23:22.0777 5796        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:23:22.0792 5796        Spooler - ok
20:23:22.0870 5796        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:23:22.0886 5796        sppsvc - ok
20:23:22.0901 5796        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:23:22.0917 5796        sppuinotify - ok
20:23:22.0933 5796        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:23:22.0933 5796        srv - ok
20:23:22.0933 5796        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:23:22.0948 5796        srv2 - ok
20:23:22.0948 5796        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:23:22.0948 5796        srvnet - ok
20:23:22.0948 5796        ssadbus        (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
20:23:22.0948 5796        ssadbus - ok
20:23:22.0964 5796        ssadmdfl        (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
20:23:22.0964 5796        ssadmdfl - ok
20:23:22.0964 5796        ssadmdm        (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
20:23:22.0964 5796        ssadmdm - ok
20:23:22.0964 5796        ssadserd        (d33d1bd3ec0e766211a234f56a12726d) C:\Windows\system32\DRIVERS\ssadserd.sys
20:23:22.0964 5796        ssadserd - ok
20:23:22.0979 5796        sscdbus        (ed161b91fdf7eaa39469d72d463d5f4e) C:\Windows\system32\DRIVERS\sscdbus.sys
20:23:22.0979 5796        sscdbus - ok
20:23:22.0979 5796        sscdmdfl        (4cb09e77593dbd8d7af33b37375ca715) C:\Windows\system32\DRIVERS\sscdmdfl.sys
20:23:22.0979 5796        sscdmdfl - ok
20:23:22.0979 5796        sscdmdm        (c7b4cf53497a6e5363f3439427663882) C:\Windows\system32\DRIVERS\sscdmdm.sys
20:23:22.0979 5796        sscdmdm - ok
20:23:22.0995 5796        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:23:22.0995 5796        SSDPSRV - ok
20:23:22.0995 5796        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:23:22.0995 5796        SstpSvc - ok
20:23:23.0011 5796        Steam Client Service - ok
20:23:23.0011 5796        Stereo Service  (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:23:23.0011 5796        Stereo Service - ok
20:23:23.0026 5796        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:23:23.0026 5796        stexstor - ok
20:23:23.0042 5796        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:23:23.0042 5796        stisvc - ok
20:23:23.0042 5796        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:23:23.0042 5796        swenum - ok
20:23:23.0057 5796        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:23:23.0057 5796        swprv - ok
20:23:23.0104 5796        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:23:23.0120 5796        SysMain - ok
20:23:23.0135 5796        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:23:23.0135 5796        TabletInputService - ok
20:23:23.0151 5796        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:23:23.0151 5796        TapiSrv - ok
20:23:23.0151 5796        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:23:23.0151 5796        TBS - ok
20:23:23.0198 5796        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
20:23:23.0198 5796        Tcpip - ok
20:23:23.0260 5796        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
20:23:23.0260 5796        TCPIP6 - ok
20:23:23.0276 5796        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:23:23.0291 5796        tcpipreg - ok
20:23:23.0291 5796        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:23:23.0291 5796        TDPIPE - ok
20:23:23.0291 5796        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:23:23.0291 5796        TDTCP - ok
20:23:23.0291 5796        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:23:23.0291 5796        tdx - ok
20:23:23.0307 5796        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:23:23.0307 5796        TermDD - ok
20:23:23.0323 5796        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:23:23.0323 5796        TermService - ok
20:23:23.0323 5796        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:23:23.0323 5796        Themes - ok
20:23:23.0338 5796        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:23:23.0338 5796        THREADORDER - ok
20:23:23.0385 5796        TomTomHOMEService (e9ca6ed72ea9f56bd6e98c7042092a1c) E:\Tom\TomTom HOME 2\TomTomHOMEService.exe
20:23:23.0385 5796        TomTomHOMEService - ok
20:23:23.0385 5796        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:23:23.0401 5796        TrkWks - ok
20:23:23.0401 5796        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:23:23.0401 5796        TrustedInstaller - ok
20:23:23.0401 5796        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:23:23.0401 5796        tssecsrv - ok
20:23:23.0416 5796        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:23:23.0416 5796        TsUsbFlt - ok
20:23:23.0447 5796        TuneUp.UtilitiesSvc (811a229718c85356bc81eb20f35eb7f6) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
20:23:23.0463 5796        TuneUp.UtilitiesSvc - ok
20:23:23.0463 5796        TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
20:23:23.0463 5796        TuneUpUtilitiesDrv - ok
20:23:23.0494 5796        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:23:23.0494 5796        tunnel - ok
20:23:23.0494 5796        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:23:23.0494 5796        uagp35 - ok
20:23:23.0510 5796        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:23:23.0510 5796        udfs - ok
20:23:23.0510 5796        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:23:23.0510 5796        UI0Detect - ok
20:23:23.0510 5796        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:23:23.0510 5796        uliagpkx - ok
20:23:23.0525 5796        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:23:23.0525 5796        umbus - ok
20:23:23.0525 5796        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:23:23.0525 5796        UmPass - ok
20:23:23.0541 5796        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:23:23.0541 5796        upnphost - ok
20:23:23.0541 5796        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:23:23.0541 5796        usbccgp - ok
20:23:23.0541 5796        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:23:23.0557 5796        usbcir - ok
20:23:23.0557 5796        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:23:23.0557 5796        usbehci - ok
20:23:23.0557 5796        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:23:23.0557 5796        usbhub - ok
20:23:23.0572 5796        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:23:23.0572 5796        usbohci - ok
20:23:23.0572 5796        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:23:23.0572 5796        usbprint - ok
20:23:23.0572 5796        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:23:23.0572 5796        USBSTOR - ok
20:23:23.0572 5796        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:23:23.0572 5796        usbuhci - ok
20:23:23.0588 5796        usb_rndisx      (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
20:23:23.0588 5796        usb_rndisx - ok
20:23:23.0588 5796        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:23:23.0588 5796        UxSms - ok
20:23:23.0588 5796        UxTuneUp        (5bf180f7f7c2f68ed6d5777840270bce) C:\Windows\System32\uxtuneup.dll
20:23:23.0588 5796        UxTuneUp - ok
20:23:23.0603 5796        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:23:23.0603 5796        VaultSvc - ok
20:23:23.0603 5796        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:23:23.0603 5796        vdrvroot - ok
20:23:23.0619 5796        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:23:23.0619 5796        vds - ok
20:23:23.0619 5796        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:23:23.0619 5796        vga - ok
20:23:23.0619 5796        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:23:23.0619 5796        VgaSave - ok
20:23:23.0635 5796        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:23:23.0635 5796        vhdmp - ok
20:23:23.0635 5796        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:23:23.0635 5796        viaide - ok
20:23:23.0635 5796        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:23:23.0635 5796        volmgr - ok
20:23:23.0650 5796        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:23:23.0650 5796        volmgrx - ok
20:23:23.0666 5796        volsnap        (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
20:23:23.0666 5796        volsnap - ok
20:23:23.0666 5796        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:23:23.0666 5796        vsmraid - ok
20:23:23.0713 5796        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:23:23.0713 5796        VSS - ok
20:23:23.0728 5796        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:23:23.0728 5796        vwifibus - ok
20:23:23.0744 5796        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:23:23.0744 5796        vwififlt - ok
20:23:23.0744 5796        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:23:23.0759 5796        W32Time - ok
20:23:23.0759 5796        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:23:23.0759 5796        WacomPen - ok
20:23:23.0759 5796        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:23:23.0759 5796        WANARP - ok
20:23:23.0759 5796        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:23:23.0759 5796        Wanarpv6 - ok
20:23:23.0791 5796        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:23:23.0806 5796        wbengine - ok
20:23:23.0822 5796        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:23:23.0837 5796        WbioSrvc - ok
20:23:23.0837 5796        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:23:23.0837 5796        wcncsvc - ok
20:23:23.0853 5796        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:23:23.0853 5796        WcsPlugInService - ok
20:23:23.0853 5796        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:23:23.0853 5796        Wd - ok
20:23:23.0869 5796        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:23:23.0869 5796        Wdf01000 - ok
20:23:23.0884 5796        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:23:23.0884 5796        WdiServiceHost - ok
20:23:23.0884 5796        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:23:23.0884 5796        WdiSystemHost - ok
20:23:23.0900 5796        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:23:23.0900 5796        WebClient - ok
20:23:23.0900 5796        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:23:23.0915 5796        Wecsvc - ok
20:23:23.0915 5796        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:23:23.0915 5796        wercplsupport - ok
20:23:23.0915 5796        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:23:23.0915 5796        WerSvc - ok
20:23:23.0931 5796        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:23:23.0931 5796        WfpLwf - ok
20:23:23.0931 5796        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:23:23.0931 5796        WIMMount - ok
20:23:23.0931 5796        WinDefend - ok
20:23:23.0931 5796        WinHttpAutoProxySvc - ok
20:23:23.0947 5796        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:23:23.0947 5796        Winmgmt - ok
20:23:23.0993 5796        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:23:24.0009 5796        WinRM - ok
20:23:24.0025 5796        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
20:23:24.0025 5796        WinUsb - ok
20:23:24.0056 5796        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:23:24.0056 5796        Wlansvc - ok
20:23:24.0056 5796        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:23:24.0056 5796        WmiAcpi - ok
20:23:24.0071 5796        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:23:24.0071 5796        wmiApSrv - ok
20:23:24.0071 5796        WMPNetworkSvc - ok
20:23:24.0071 5796        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:23:24.0071 5796        WPCSvc - ok
20:23:24.0087 5796        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:23:24.0087 5796        WPDBusEnum - ok
20:23:24.0087 5796        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:23:24.0087 5796        ws2ifsl - ok
20:23:24.0087 5796        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:23:24.0103 5796        wscsvc - ok
20:23:24.0103 5796        WSearch - ok
20:23:24.0149 5796        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
20:23:24.0149 5796        wuauserv - ok
20:23:24.0181 5796        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:23:24.0181 5796        WudfPf - ok
20:23:24.0181 5796        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:23:24.0181 5796        WUDFRd - ok
20:23:24.0196 5796        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:23:24.0196 5796        wudfsvc - ok
20:23:24.0196 5796        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:23:24.0212 5796        WwanSvc - ok
20:23:24.0212 5796        xusb21          (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
20:23:24.0212 5796        xusb21 - ok
20:23:24.0212 5796        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:23:24.0274 5796        \Device\Harddisk0\DR0 - ok
20:23:24.0290 5796        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
20:23:24.0352 5796        \Device\Harddisk1\DR1 - ok
20:23:24.0352 5796        MBR (0x1B8)    (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
20:23:24.0399 5796        \Device\Harddisk2\DR2 - ok
20:23:24.0399 5796        Boot (0x1200)  (2cd688033a15c496dfd915757a45d467) \Device\Harddisk0\DR0\Partition0
20:23:24.0399 5796        \Device\Harddisk0\DR0\Partition0 - ok
20:23:24.0399 5796        Boot (0x1200)  (78cb68dc44c1050da8b297c63c4bd557) \Device\Harddisk0\DR0\Partition1
20:23:24.0399 5796        \Device\Harddisk0\DR0\Partition1 - ok
20:23:24.0415 5796        Boot (0x1200)  (f6586b70b897909ae7f06ee64f102f76) \Device\Harddisk1\DR1\Partition0
20:23:24.0415 5796        \Device\Harddisk1\DR1\Partition0 - ok
20:23:24.0415 5796        Boot (0x1200)  (0cdc909d008228143b0c125a28e9695e) \Device\Harddisk1\DR1\Partition1
20:23:24.0415 5796        \Device\Harddisk1\DR1\Partition1 - ok
20:23:24.0430 5796        Boot (0x1200)  (200a877fea0fd5f5f0d2db58d268fa21) \Device\Harddisk1\DR1\Partition2
20:23:24.0430 5796        \Device\Harddisk1\DR1\Partition2 - ok
20:23:24.0446 5796        Boot (0x1200)  (a54e002d8ccd9e8ab3b230f71d70d9c1) \Device\Harddisk2\DR2\Partition0
20:23:24.0446 5796        \Device\Harddisk2\DR2\Partition0 - ok
20:23:24.0446 5796        Boot (0x1200)  (7d5cbd54740dedb2a8e5b8e2e8f80484) \Device\Harddisk2\DR2\Partition1
20:23:24.0461 5796        \Device\Harddisk2\DR2\Partition1 - ok
20:23:24.0461 5796        Boot (0x1200)  (f04e10b237c61ee22fb2cf22f2f85c44) \Device\Harddisk2\DR2\Partition2
20:23:24.0477 5796        \Device\Harddisk2\DR2\Partition2 - ok
20:23:24.0477 5796        ============================================================
20:23:24.0477 5796        Scan finished
20:23:24.0477 5796        ============================================================
20:23:24.0477 5260        Detected object count: 0
20:23:24.0477 5260        Actual detected object count: 0
20:26:54.0264 6388        Deinitialize success

t'john 17.07.2012 20:01
Sehr gut! :daumenhoc

damit bist Du sauber und entlassen! :)


Deinstalliere:
Emsisoft Anti-Malware


Tool-Bereinigung mit OTL


Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
  • Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
  • Speichere es auf Deinem Desktop.
  • Doppelklick auf OTL.exe um das Programm auszuführen.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Klicke auf den Button "Bereinigung"
  • OTL fragt eventuell nach einem Neustart.
    Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.


Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html

2ndSkin 17.07.2012 20:06
Ich danke dir für die Ruhe und Geduld beim Helfen!
So bin ich dann um eine Neuinstallation herum gekommen!?

Ich hoffe, dass ich mal bei irgendwas helfen kann.
Vielen Dank.


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:32 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131