Pests of all kinds and how to combat them: AKM virus blocks the entire PC. Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
03.07.2012, 19:53 | #16 |
| AKM virus blocks the entire PC: sorry, but the post is überbei, here it is once more anyway. OTL Logfile: Code:
ATTFilter OTL logfile created on: 7/3/2012 9:33:01 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 445.76 Gb Total Space | 27.87 Gb Free Space | 6.25% Space Free | Partition Type: NTFS Drive D: | 19.99 Gb Total Space | 10.15 Gb Free Space | 50.76% Space Free | Partition Type: FAT32 Drive H: | 3.76 Gb Total Space | 3.76 Gb Free Space | 99.99% Space Free | Partition Type: FAT Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet002 ========== Win32 Services (SafeList) ========== SRV - [2012/06/16 11:00:18 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/05/03 10:35:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service) SRV - [2012/05/03 10:33:56 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2012/02/29 03:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- C:\Program 
Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/02/25 09:47:58 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012/02/10 05:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate) SRV - [2012/02/10 05:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc) SRV - [2012/02/10 00:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012/02/09 15:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011/11/18 09:13:54 | 001,510,720 | ---- | M] (TuneUp Software) [Auto] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011/10/29 06:54:36 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand] -- C:\Program Files\Common Files\Desura\desura_service.exe -- (Desura Install Service) SRV - [2010/02/11 22:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) SRV - [2009/08/16 09:01:16 | 000,222,968 | ---- | M] () [Auto] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2008/03/12 13:12:12 | 000,069,120 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager) SRV - [2008/01/18 18:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/10/19 12:42:38 | 000,290,909 | ---- | M] () [Auto] -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe -- (TVECapSvc) TVEnhance Background Capture 
Service (TBCS) SRV - [2007/10/19 12:42:38 | 000,114,779 | ---- | M] () [Auto] -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe -- (TVESched) TVEnhance Task Scheduler (TTS)) SRV - [2007/10/08 18:19:22 | 000,358,936 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2007/06/27 05:18:08 | 000,223,448 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService) Intel(R) SRV - [2007/06/27 05:17:26 | 000,272,600 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe -- (QualityManager) Intel(R) SRV - [2007/06/27 05:17:12 | 000,446,680 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service) Intel(R) SRV - [2007/06/27 05:16:02 | 000,157,912 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL) Intel(R) SRV - [2007/06/27 05:15:28 | 000,039,640 | ---- | M] (Intel(R) Corporation) [On_Demand] -- C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe -- (DHTRACE) Intel(R) SRV - [2007/06/27 05:15:14 | 000,059,096 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -- (ISSM) Intel(R) SRV - [2007/06/27 05:14:46 | 000,317,656 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe -- (NMSCore) Intel(R) SRV - [2007/06/27 05:13:56 | 000,268,504 | ---- | M] () [Auto] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server) Intel(R) Viiv(TM) SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- 
(StarWindServiceAE) SRV - [2007/05/17 17:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) SRV - [2007/02/12 06:46:34 | 000,208,896 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService) SRV - [2005/11/17 09:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Program Files\Hofer Foto Service\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2001/11/12 07:31:48 | 000,020,480 | ---- | M] (X10) [Auto] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand] -- -- (kbeepm) DRV - File not found [Kernel | On_Demand] -- -- (IpInIp) DRV - File not found [Kernel | On_Demand] -- -- (esgiguard) DRV - [2012/02/10 00:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012/01/17 08:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2012/01/14 14:15:18 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2011/11/08 16:25:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2011/04/14 10:57:51 | 000,233,024 | ---- | M] (DT Soft Ltd) [Kernel | System] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2010/07/29 21:32:44 | 001,255,168 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\ksaud.sys -- (ksaud) DRV - [2010/03/03 10:08:13 | 000,165,376 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010/03/03 10:07:36 | 000,018,048 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2009/10/02 07:53:46 | 000,158,344 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\MAudioFastTrack.sys -- (MAUSBFASTTRACK) DRV - [2009/09/04 07:48:39 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\ACEDRV08.sys -- (ACEDRV08) DRV - [2009/05/11 04:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008/07/08 06:21:11 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto] -- C:\Windows\System32\SVKP.sys -- (SVKP) DRV - [2008/03/29 07:21:23 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2008/01/08 03:17:08 | 001,302,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid) DRV - [2007/10/29 08:48:42 | 000,005,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\IntelDH.sys -- (IntelDH) DRV - [2007/09/21 04:38:22 | 000,554,496 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u) DRV - [2007/06/29 08:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD) DRV - [2007/06/27 05:17:46 | 000,014,552 | ---- | M] () [File_System | On_Demand] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP) DRV - [2007/06/19 05:37:58 | 000,229,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R) DRV - [2007/04/10 17:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000) DRV - [2007/02/18 15:34:50 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr) DRV - [2007/02/08 13:44:43 | 000,083,320 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2006/11/30 09:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF) DRV - [2006/11/23 13:20:06 | 000,018,432 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand] -- C:\Windows\System32\drivers\synasUSB.sys -- (SynasUSB) DRV - [2006/11/17 04:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid) DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006/07/05 08:39:29 | 000,059,256 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2006/06/14 10:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2005/11/22 09:04:42 | 008,719,104 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/ IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\Administrator_ON_C\..\URLSearchHook: - Reg Error: Key error. 
File not found IE - HKU\Administrator_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\Administrator_ON_C\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - File not found IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\bupi_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKU\bupi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche IE - HKU\bupi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.telekom.at IE - HKU\bupi_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\bupi_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\bupi_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\bupi_ON_C\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - File not found IE - HKU\bupi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\bupi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Internet 
Explorer\Main,Start Page = hxxp://www.aldi.com/ IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\IUSR_NMPR_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\IUSR_NMPR_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\IUSR_NMPR_ON_C\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - File not found IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.telekom.at IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\UpdatusUser_ON_C\..\URLSearchHook: - Reg Error: Key error. 
File not found IE - HKU\UpdatusUser_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\UpdatusUser_ON_C\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} - File not found IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13" FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) 
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc;version=0.8.6f: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team) FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\bupi\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/16 11:00:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/12 09:33:03 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\bupi\Program Files\DNA [2011/11/20 07:23:05 | 000,000,000 | ---D | M] [2008/07/21 06:51:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bupi\AppData\Roaming\Mozilla\Extensions [2012/05/30 09:31:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\extensions [2012/05/30 09:31:23 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010/10/03 19:05:34 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2009/04/28 14:19:28 | 000,000,000 | ---D | M] (myBabylon English Toolbar) -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} [2009/01/27 17:46:05 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2012/03/27 09:55:29 | 000,000,933 | ---- | M] () -- 
C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\11-suche.xml [2011/02/21 12:56:59 | 000,000,873 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\conduit.xml [2012/03/27 09:55:29 | 000,002,419 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\englische-ergebnisse.xml [2012/05/01 10:35:45 | 000,010,534 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\gmx-suche-sterreich.xml [2012/03/27 09:55:29 | 000,010,525 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\gmx-suche.xml [2012/06/20 12:57:41 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-1.xml [2010/12/18 17:51:00 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-10.xml [2011/02/21 14:04:09 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-11.xml [2011/04/06 07:47:07 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-12.xml [2011/05/05 18:07:35 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-13.xml [2011/06/26 08:40:23 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-14.xml [2011/08/13 05:25:57 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-15.xml [2010/01/06 16:43:53 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-2.xml [2010/03/03 10:27:29 | 
000,000,961 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-3.xml [2010/03/31 17:32:05 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-4.xml [2010/04/03 08:37:33 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-5.xml [2010/09/06 17:19:30 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-6.xml [2010/09/18 06:47:45 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-7.xml [2010/10/28 18:27:26 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-8.xml [2010/10/31 15:03:28 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-9.xml [2009/10/14 13:13:26 | 000,000,944 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin.xml [2012/03/27 09:55:29 | 000,002,457 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\lastminute.xml [2009/05/27 11:07:31 | 000,001,632 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\live-search.xml [2012/03/27 09:55:29 | 000,005,508 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\webde-suche.xml [2012/03/10 14:06:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2009/12/09 15:47:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012/03/10 14:06:42 | 000,000,000 | ---D | M] (Skype Click 
to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} File not found (No name found) -- () (No name found) -- C:\USERS\BUPI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9AEO6D2A.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\BUPI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9AEO6D2A.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI [2012/06/16 11:00:19 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2008/01/07 20:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll [2010/09/27 09:03:39 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2003/12/19 06:58:34 | 000,057,344 | ---- | M] (Playnet Inc.) -- C:\Program Files\mozilla firefox\plugins\NPplaynet.dll [2012/06/11 05:13:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/06/11 05:13:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/06/11 05:13:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012/06/11 05:13:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012/06/11 05:13:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012/06/11 05:13:12 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar) O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - File not found O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} - File not found O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - File not found O3 - HKU\bupi_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKU\bupi_ON_C\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - File not found O3 - HKU\IUSR_NMPR_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKU\IUSR_NMPR_ON_C\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - File not found O3 - HKU\UpdatusUser_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKU\UpdatusUser_ON_C\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} - File not found O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation) O4 - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\System32\SBAVMon.dll (Creative Technology Ltd.) 
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [Module Loader] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe () O4 - HKLM..\Run: [toolbar_eula_launcher] File not found O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe () O4 - HKLM..\Run: [TVEService] C:\Program Files\HomeCinema\TV Enhance\TVEService.exe (CyberLink Corp.) O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe (Creative Technology Ltd) O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\Administrator_ON_C..\Run: [{9B338E1F-26D8-3356-2B12-4DA1683823F3}] File not found O4 - HKU\Administrator_ON_C..\Run: [{E1C80263-F055-11DC-B0CA-806E6F6E6963}] File not found O4 - HKU\Administrator_ON_C..\Run: [4E3E0230AEBB4E96] File not found O4 - HKU\Administrator_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\Administrator_ON_C..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts) O4 - HKU\Administrator_ON_C..\Run: [NVIDIA driver monitor] File not found O4 - HKU\Administrator_ON_C..\Run: [OnlineFestplatte] C:\Program Files\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG) O4 - HKU\Administrator_ON_C..\Run: [RGSC] File not found O4 - 
HKU\Administrator_ON_C..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKU\Administrator_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\bupi_ON_C..\Run: [{9B338E1F-26D8-3356-2B12-4DA1683823F3}] File not found O4 - HKU\bupi_ON_C..\Run: [{E1C80263-F055-11DC-B0CA-806E6F6E6963}] C:\Users\bupi\AppData\Roaming\Microsoft\torrent.exe () O4 - HKU\bupi_ON_C..\Run: [4E3E0230AEBB4E96] File not found O4 - HKU\bupi_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\bupi_ON_C..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts) O4 - HKU\bupi_ON_C..\Run: [NVIDIA driver monitor] File not found O4 - HKU\bupi_ON_C..\Run: [OnlineFestplatte] C:\Program Files\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG) O4 - HKU\bupi_ON_C..\Run: [RGSC] File not found O4 - HKU\bupi_ON_C..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKU\IUSR_NMPR_ON_C..\Run: [{9B338E1F-26D8-3356-2B12-4DA1683823F3}] File not found O4 - HKU\IUSR_NMPR_ON_C..\Run: [{E1C80263-F055-11DC-B0CA-806E6F6E6963}] File not found O4 - HKU\IUSR_NMPR_ON_C..\Run: [4E3E0230AEBB4E96] File not found O4 - HKU\IUSR_NMPR_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\IUSR_NMPR_ON_C..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts) O4 - HKU\IUSR_NMPR_ON_C..\Run: [NVIDIA driver monitor] File not found O4 - HKU\IUSR_NMPR_ON_C..\Run: [OnlineFestplatte] C:\Program Files\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG) O4 - HKU\IUSR_NMPR_ON_C..\Run: [RGSC] File not found O4 - HKU\IUSR_NMPR_ON_C..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKU\IUSR_NMPR_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\LocalService_ON_C..\Run: 
[WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\UpdatusUser_ON_C..\Run: [{9B338E1F-26D8-3356-2B12-4DA1683823F3}] File not found O4 - HKU\UpdatusUser_ON_C..\Run: [{E1C80263-F055-11DC-B0CA-806E6F6E6963}] File not found O4 - HKU\UpdatusUser_ON_C..\Run: [4E3E0230AEBB4E96] File not found O4 - HKU\UpdatusUser_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\UpdatusUser_ON_C..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts) O4 - HKU\UpdatusUser_ON_C..\Run: [NVIDIA driver monitor] File not found O4 - HKU\UpdatusUser_ON_C..\Run: [OnlineFestplatte] C:\Program Files\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG) O4 - HKU\UpdatusUser_ON_C..\Run: [RGSC] File not found O4 - HKU\UpdatusUser_ON_C..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKU\UpdatusUser_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\Administrator_ON_C..\RunOnce: [CTAutoUpdate] C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe (Creative Technology Ltd) O4 - HKU\Administrator_ON_C..\RunOnce: [InetReg] C:\Program Files\Creative\Produktregistrierung\German\InetReg.exe (Creative Technology Ltd) O4 - HKU\bupi_ON_C..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11e_Plugin.exe (Adobe Systems, Inc.) 
O4 - HKU\IUSR_NMPR_ON_C..\RunOnce: [CTAutoUpdate] C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe (Creative Technology Ltd) O4 - HKU\IUSR_NMPR_ON_C..\RunOnce: [InetReg] C:\Program Files\Creative\Produktregistrierung\German\InetReg.exe (Creative Technology Ltd) O4 - HKU\UpdatusUser_ON_C..\RunOnce: [CTAutoUpdate] C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe (Creative Technology Ltd) O4 - HKU\UpdatusUser_ON_C..\RunOnce: [InetReg] C:\Program Files\Creative\Produktregistrierung\German\InetReg.exe (Creative Technology Ltd) O4 - Startup: C:\Users\bupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = File not found O4 - Startup: C:\Users\bupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\IUSR_NMPR_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Users\bupi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\bupi\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab (System Requirements Lab Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (C:\Users\bupi\AppData\Local\Temp\wpbt0.dll) - C:\Users\bupi\AppData\Local\Temp\wpbt0.dll () O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O31 - SafeBoot: AlternateShell - C:\Users\bupi\AppData\Local\Temp\wpbt0.dll O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{07656abd-6504-11e0-96e4-001d9223a406}\Shell - "" = AutoRun O33 - MountPoints2\{07656abd-6504-11e0-96e4-001d9223a406}\Shell\AutoRun\command - "" = K:\autorun.exe O33 - MountPoints2\{184a6769-3771-11e0-a241-001d9223a406}\Shell\AutoRun\command - "" = L:\setup.exe O33 - MountPoints2\{eb7a6596-f2fd-11de-8a11-001d9223a406}\Shell - "" = AutoRun O33 - 
MountPoints2\{eb7a6596-f2fd-11de-8a11-001d9223a406}\Shell\AutoRun\command - "" = "K:\WD SmartWare.exe" autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/06/24 08:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\CRS [2012/06/23 09:13:52 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox [2012/06/22 03:00:44 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012/06/22 03:00:44 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012/06/22 03:00:14 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012/06/22 03:00:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012/06/14 15:50:06 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012/06/14 15:50:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012/06/14 15:50:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012/06/14 15:50:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2012/06/14 15:50:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012/06/14 15:50:02 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012/06/14 15:50:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012/06/14 15:50:01 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012/06/13 11:36:47 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2008/07/06 16:20:42 | 000,061,440 | ---- | C] ( ) -- 
C:\Windows\System32\rsnpstd3.dll [2008/07/06 16:20:42 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll [2008/07/06 16:20:42 | 000,053,248 | ---- | C] ( ) -- C:\Windows\vsnpstd3.dll [2008/07/06 16:20:42 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll [6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/07/03 18:09:31 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/07/03 18:09:31 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/07/03 18:09:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/07/03 18:09:26 | 3217,223,680 | -HS- | M] () -- C:\hiberfil.sys [2012/07/03 14:09:39 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/06/26 16:19:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/06/26 15:30:05 | 000,028,603 | ---- | M] () -- C:\Users\bupi\Desktop\post.jpg [2012/06/24 23:46:09 | 000,205,075 | ---- | M] () -- C:\Users\bupi\Desktop\4586013_460s.jpg [2012/06/23 22:44:40 | 000,297,663 | ---- | M] () -- C:\Users\bupi\Desktop\4578955_460s.jpg [2012/06/23 11:12:57 | 000,281,152 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2012/06/23 09:34:32 | 000,000,054 | ---- | M] () -- C:\Users\bupi\Desktop\OpenDocument Text (neu).odt [2012/06/23 09:14:02 | 000,000,991 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012/06/23 04:45:04 | 000,049,730 | ---- | M] () -- C:\Users\bupi\Desktop\4564372_460s.jpg [2012/06/21 18:28:28 | 001,348,495 | ---- | M] () -- C:\Users\bupi\Desktop\4554500_460s.jpg [2012/06/21 07:27:13 | 000,230,424 | ---- | M] () -- C:\img2-001.raw [2012/06/18 16:33:18 | 000,138,992 | 
---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012/06/18 16:33:08 | 000,281,152 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0 [2012/06/15 09:08:51 | 000,403,920 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/06/14 15:41:59 | 000,016,180 | ---- | M] () -- C:\Users\bupi\AppData\Local\d3d9caps.dat [2012/06/11 06:39:48 | 000,029,523 | ---- | M] () -- C:\Users\bupi\Desktop\4440614_460s.jpg [2012/06/10 11:34:26 | 000,753,515 | ---- | M] () -- C:\Users\bupi\Desktop\4423594_460s.jpg [2012/06/10 11:22:26 | 000,046,699 | ---- | M] () -- C:\Users\bupi\Desktop\4436006_460s.jpg [2012/06/05 19:23:01 | 000,592,308 | ---- | M] () -- C:\Users\bupi\Desktop\4166056_460s_v1.jpg [2012/06/05 17:21:28 | 000,557,857 | ---- | M] () -- C:\Users\bupi\Desktop\4379025_460s.jpg [2012/06/05 17:16:47 | 000,179,231 | ---- | M] () -- C:\Users\bupi\Desktop\4381123_460s.jpg [2012/06/05 17:11:52 | 000,038,795 | ---- | M] () -- C:\Users\bupi\Desktop\4383590_460s.jpg [2012/06/04 08:23:04 | 000,334,354 | ---- | M] () -- C:\Users\bupi\Desktop\DSC00823.JPG [6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/07/02 07:59:46 | 3217,223,680 | -HS- | C] () -- C:\hiberfil.sys [2012/06/26 15:30:04 | 000,028,603 | ---- | C] () -- C:\Users\bupi\Desktop\post.jpg [2012/06/24 23:46:09 | 000,205,075 | ---- | C] () -- C:\Users\bupi\Desktop\4586013_460s.jpg [2012/06/23 22:44:40 | 000,297,663 | ---- | C] () -- C:\Users\bupi\Desktop\4578955_460s.jpg [2012/06/23 09:32:42 | 000,000,054 | ---- | C] () -- C:\Users\bupi\Desktop\OpenDocument Text (neu).odt [2012/06/23 04:45:04 | 000,049,730 | ---- | C] () -- C:\Users\bupi\Desktop\4564372_460s.jpg [2012/06/21 18:28:28 | 001,348,495 | ---- | C] () -- C:\Users\bupi\Desktop\4554500_460s.jpg [2012/06/11 06:39:48 | 000,029,523 | ---- | C] () -- C:\Users\bupi\Desktop\4440614_460s.jpg [2012/06/10 11:34:26 | 000,753,515 | ---- | C] () 
-- C:\Users\bupi\Desktop\4423594_460s.jpg [2012/06/10 11:22:25 | 000,046,699 | ---- | C] () -- C:\Users\bupi\Desktop\4436006_460s.jpg [2012/06/05 19:23:01 | 000,592,308 | ---- | C] () -- C:\Users\bupi\Desktop\4166056_460s_v1.jpg [2012/06/05 17:21:28 | 000,557,857 | ---- | C] () -- C:\Users\bupi\Desktop\4379025_460s.jpg [2012/06/05 17:16:47 | 000,179,231 | ---- | C] () -- C:\Users\bupi\Desktop\4381123_460s.jpg [2012/06/05 17:11:52 | 000,038,795 | ---- | C] () -- C:\Users\bupi\Desktop\4383590_460s.jpg [2012/06/04 08:23:29 | 000,334,354 | ---- | C] () -- C:\Users\bupi\Desktop\DSC00823.JPG [2012/05/03 10:43:11 | 000,181,760 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL [2012/05/03 10:43:11 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL [2012/05/03 10:42:28 | 000,044,795 | R--- | C] () -- C:\Windows\System32\kschimp.ini [2012/05/03 10:36:54 | 000,034,637 | ---- | C] () -- C:\Windows\System32\ksaud.ini [2012/05/03 10:36:54 | 000,001,772 | ---- | C] () -- C:\ProgramData\cfSB1095.ini [2012/03/10 13:31:50 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2012/02/09 15:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2012/01/01 17:34:07 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011/11/26 14:31:31 | 000,110,592 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll [2011/11/16 06:28:01 | 000,150,346 | ---- | C] () -- C:\Windows\hpwins10.dat [2011/11/16 06:27:52 | 000,010,385 | ---- | C] () -- C:\Windows\hpwscr10.dat [2011/11/16 06:27:52 | 000,001,042 | ---- | C] () -- C:\Windows\hpwmdl10.dat [2011/11/14 07:50:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011/11/14 07:49:07 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011/11/14 07:49:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2011/10/13 21:03:30 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2011/09/28 12:44:14 | 000,179,271 | ---- 
| C] () -- C:\Windows\System32\xlive.dll.cat [2011/06/11 05:32:19 | 000,028,272 | ---- | C] () -- C:\Users\bupi\AppData\Roaming\OFMissionEditorConfig.xml [2011/03/29 04:00:00 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011/03/24 15:35:18 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011/03/24 15:28:12 | 000,631,808 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011/03/02 06:43:46 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011/02/01 11:58:04 | 000,001,100 | ---- | C] () -- C:\Users\bupi\AppData\Local\d3d8caps.dat [2010/09/02 03:33:54 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll [2010/09/02 03:32:52 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll [2010/08/27 09:43:58 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe [2010/03/03 10:08:13 | 000,165,376 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010/03/03 10:07:36 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010/02/10 23:16:10 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2009/09/21 06:58:42 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI [2009/09/06 10:00:56 | 000,037,632 | ---- | C] () -- C:\Windows\DPUNIN20.EXE [2009/08/13 18:14:31 | 000,314,702 | ---- | C] () -- C:\Windows\Theatre Of War Uninstaller.exe [2009/08/03 09:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/08/03 09:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009/03/12 10:13:33 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2009/02/25 10:25:52 | 000,139,152 | ---- | C] () -- C:\Users\bupi\AppData\Roaming\PnkBstrK.sys [2009/02/25 10:25:52 | 000,138,992 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009/02/25 10:25:37 | 000,281,152 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2009/02/25 10:25:35 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe [2009/02/25 
10:25:35 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2009/02/13 18:03:10 | 000,022,647 | ---- | C] () -- C:\Users\bupi\AppData\Roaming\UserTile.png [2009/01/23 16:21:04 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys [2009/01/21 11:44:51 | 000,000,019 | ---- | C] () -- C:\Windows\KNP.INI [2009/01/03 17:23:43 | 000,286,208 | ---- | C] () -- C:\Windows\System32\binkw32.dll [2008/12/22 14:35:30 | 000,200,704 | ---- | C] () -- C:\Windows\System32\teulKit.dll [2008/09/14 04:59:31 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll [2008/09/14 04:59:31 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll [2008/08/19 15:56:07 | 000,001,600 | ---- | C] () -- C:\Windows\eReg.dat [2008/08/08 07:03:38 | 000,000,092 | ---- | C] () -- C:\Users\bupi\AppData\Local\fusioncache.dat [2008/08/06 04:10:33 | 000,000,000 | ---- | C] () -- C:\Users\bupi\AppData\Roaming\Default.PLS [2008/07/21 15:52:35 | 000,000,347 | ---- | C] () -- C:\Windows\CoDUO.INI [2008/07/21 15:41:38 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI [2008/07/08 06:21:57 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2008/07/06 16:20:43 | 000,339,968 | ---- | C] () -- C:\Windows\vsnpstd3.exe [2008/07/06 16:20:43 | 000,090,112 | ---- | C] () -- C:\Windows\tsnpstd3.exe [2008/07/06 16:20:43 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini [2008/07/06 16:20:42 | 008,719,104 | ---- | C] () -- C:\Windows\System32\drivers\snpstd3.sys [2008/07/06 16:20:42 | 000,020,480 | ---- | C] () -- C:\Windows\usnpstd3.exe [2008/07/06 11:27:53 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin [2008/06/27 04:40:08 | 000,000,084 | ---- | C] () -- C:\Users\bupi\AppData\default.pls [2008/03/20 17:20:38 | 000,399,360 | ---- | C] () -- C:\Windows\System32\Smab.dll [2008/03/20 17:20:37 | 000,502,784 | ---- | C] () -- C:\Windows\x2.64.exe [2008/03/20 17:20:37 | 000,240,128 | ---- | C] () -- C:\Windows\System32\x.264.exe [2008/03/20 17:20:37 | 000,066,560 | ---- | 
C] () -- C:\Windows\MOTA113.exe [2008/03/20 17:20:37 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2008/03/20 17:20:36 | 000,217,073 | ---- | C] () -- C:\Windows\meta4.exe [2008/03/20 17:19:04 | 000,151,040 | -HS- | C] () -- C:\Windows\System32\VistaUltm.dll [2008/03/20 17:19:04 | 000,027,648 | -HS- | C] () -- C:\Windows\System32\Smab0.dll [2008/03/19 09:05:00 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html [2008/03/18 02:03:39 | 000,142,848 | ---- | C] () -- C:\Users\bupi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/03/16 06:12:22 | 000,016,180 | ---- | C] () -- C:\Users\bupi\AppData\Local\d3d9caps.dat [2008/03/15 13:03:28 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2008/01/28 05:39:58 | 000,009,824 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll [2007/10/29 06:55:47 | 000,000,000 | ---- | C] () -- C:\Windows\homeDVD-Fotos.INI [2007/10/29 06:53:22 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2007/10/29 06:45:31 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini [2007/10/23 11:07:03 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2007/10/23 07:59:52 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe [2007/04/10 17:46:52 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini [2006/12/11 00:06:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2006/11/02 11:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006/11/02 11:33:31 | 000,117,714 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006/11/02 11:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006/11/02 11:33:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 08:47:37 | 000,403,920 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll 
[2006/11/02 06:33:01 | 000,582,484 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 06:33:01 | 000,096,748 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006/06/23 05:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll [2005/10/15 08:25:20 | 000,028,672 | ---- | C] () -- C:\Windows\System32\myodbc3i.exe [2005/10/15 08:25:20 | 000,011,776 | ---- | C] () -- C:\Windows\System32\myodbc3m.exe [2004/12/07 23:21:10 | 000,065,536 | ---- | C] () -- C:\Windows\System32\xfire_lsp_10650.dll [1997/06/14 07:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll ========== LOP Check ========== [2012/03/11 20:05:54 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Pro [2012/03/03 12:29:07 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Origin [2012/03/03 12:37:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuneUp Software [2012/01/02 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\.minecraft [2012/04/18 07:49:52 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Ableton [2009/01/17 08:12:16 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Audio Record Edit Toolbox [2008/11/06 14:57:43 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Audio Recorder for 
Free [2009/05/05 11:47:48 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Babylon [2011/06/06 09:41:33 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\BANDISOFT [2011/04/15 21:23:23 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\BitTorrent [2009/02/01 09:31:39 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Black Sea Studios [2008/03/29 07:20:59 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\DAEMON Tools [2011/04/14 11:01:04 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\DAEMON Tools Pro [2011/11/20 17:25:00 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\DNA [2012/06/26 14:01:07 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Dropbox [2010/10/18 16:46:40 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\DVDVideoSoft [2011/06/22 12:56:08 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\DVDVideoSoftIEHelpers [2008/07/30 10:42:22 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Ebner [2010/03/27 10:04:43 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\FMZilla [2009/06/20 14:03:43 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Gearbox Software [2011/06/15 18:47:35 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\GetRightToGo [2011/09/13 11:33:49 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\ICQ [2008/03/29 07:26:10 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\ICQ Toolbar [2011/08/16 21:31:32 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Kibou [2011/05/05 17:41:06 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Leadertech [2009/04/02 14:51:56 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\LimeWire [2008/03/12 13:25:11 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\MAGIX [2010/10/11 11:00:57 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\mquadr.at [2012/06/23 11:13:17 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Mumble 
[2010/02/09 08:02:19 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Mumble(PR Edition) [2011/08/17 19:41:21 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Norib [2011/11/16 06:03:45 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Origin [2010/03/03 10:08:23 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\SpieleEntwicklungsKombinat [2009/01/23 16:23:46 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Steinberg [2011/06/14 13:58:27 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\The Creative Assembly [2012/06/03 17:46:50 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\TS3Client [2011/11/26 14:31:54 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\TuneUp Software [2008/08/08 11:05:10 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Turbine [2009/08/11 11:16:40 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Ubisoft [2012/04/18 07:42:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Ableton [2008/03/12 13:20:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data [2009/08/13 06:33:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon [2011/04/14 10:57:12 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Pro [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop [2011/10/29 06:51:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Desura [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents [2008/03/12 13:20:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente [2011/07/21 09:14:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\DSS [2011/11/10 10:04:52 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Core [2012/02/29 19:00:04 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Logs [2011/10/28 10:28:32 | 000,000,000 | ---D | M] -- C:\ProgramData\eH21712AgMgB21712 [2011/11/14 08:36:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts 
[2008/03/12 13:20:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites [2009/12/09 15:48:02 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ [2009/08/30 10:49:16 | 000,000,000 | ---D | M] -- C:\ProgramData\KONAMI [2010/10/11 11:00:57 | 000,000,000 | ---D | M] -- C:\ProgramData\m2backup [2010/10/12 10:25:40 | 000,000,000 | ---D | M] -- C:\ProgramData\m2portal [2007/10/29 06:46:31 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX [2010/10/11 11:00:57 | 000,000,000 | ---D | M] -- C:\ProgramData\mquadr.at [2012/03/03 11:19:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Origin [2008/06/18 11:57:14 | 000,000,000 | ---D | M] -- C:\ProgramData\PopCap Games [2010/03/03 10:08:23 | 000,000,000 | ---D | M] -- C:\ProgramData\SpieleEntwicklungsKombinat [2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu [2008/03/12 13:20:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü [2008/06/18 11:56:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Steam [2009/01/23 16:21:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Syncrosoft [2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates [2011/11/26 14:33:09 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software [2012/01/01 07:24:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft [2007/10/23 10:01:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Ulead Systems [2008/03/12 13:20:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen [2009/07/04 13:50:50 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch [2007/10/23 08:04:20 | 000,000,000 | ---D | M] -- C:\ProgramData\X10 Settings [2010/10/11 11:00:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\{0B1855D9-8D06-4BE1-B93C-7EFA1D0C3E32} [2007/10/23 09:37:41 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} [2010/10/11 10:47:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\{29558F44-C67B-4F2C-99E0-F1CE2AE1F960} [2011/11/26 14:29:54 | 
000,000,000 | -HSD | M] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2010/10/11 10:47:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\{392ECEAB-FD15-485B-8C44-C2C591EDECB5} [2010/09/09 19:00:06 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/01/01 12:23:50 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010/10/11 11:00:22 | 000,000,000 | -H-D | M] -- C:\ProgramData\{DE1CDDDC-29FB-4BCF-94A4-B8339595BAB7} [2012/07/03 14:11:14 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > |
03.07.2012, 20:06 | #17 |
/// Malware-holic | AKM virus blocks the entire PC
There we have the little gem.
On your second PC, go to Start, Programs, Accessories, Notepad, and copy the following into it: Code:
:OTL
O20 - HKLM Winlogon: Shell - (C:\Users\bupi\AppData\Local\Temp\wpbt0.dll) - C:\Users\bupi\AppData\Local\Temp\wpbt0.dll ()
:Files
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]
Save this to a USB stick as fix.txt.
Now use OTLPENet.exe again (that is, boot from the CD you created) and tick everything as already described in the post about OTLPENet.exe.
• Now please click the Fix button. A message similar to "load fix from file" should appear, so load fix.txt from your stick. If that does not work, please enter the fix manually, then click the Fix button again.
The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open otl.txt. Please post the log.
__________________ |
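The entry post #17 picks out of the OTL log is the Winlogon Shell value, which on a clean Windows install is explorer.exe and here points at a DLL in the user's Temp folder. As an added example (not from the thread and not OTL's own code), this Python triage applies that check to O20 lines; the line layout is inferred from the entry quoted above, the two clean lines are constructed, and `triage_winlogon` is a hypothetical name.

```python
import re

# Layout inferred from the O20 line quoted in the thread:
#   O20 - <hive> Winlogon: <value name> - (<registry data>) - <resolved file> (<company>)
O20_RE = re.compile(
    r"^O20 - (?P<hive>HKLM|HKCU|HKU\S*) Winlogon: (?P<name>\w+) - "
    r"\((?P<data>.*?)\) - (?P<file>.*?) \((?P<company>.*)\)\s*$"
)

# Defaults on a clean Windows install, compared case-insensitively.
EXPECTED = {
    "shell": {"explorer.exe"},
    "userinit": {
        r"c:\windows\system32\userinit.exe",
        r"c:\windows\system32\userinit.exe,",
    },
}

# Locations a standard user (and therefore a drive-by download) can write to.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\", "\\programdata\\")


def triage_winlogon(log_text):
    """Return one finding per Winlogon Shell/Userinit line that looks hijacked."""
    findings = []
    for raw in log_text.splitlines():
        m = O20_RE.match(raw.strip())
        if not m:
            continue
        name = m["name"].lower()
        if name not in EXPECTED:
            continue  # other Winlogon values are out of scope for this check
        data = m["data"].strip().lower()
        reasons = []
        if data not in EXPECTED[name]:
            reasons.append("non-default value")
        if any(part in data for part in USER_WRITABLE):
            reasons.append("user-writable path")
        if not data.rstrip(",").endswith(".exe"):
            reasons.append("not an .exe")
        if not m["company"].strip():
            reasons.append("no company name")
        if reasons:
            findings.append({
                "hive": m["hive"],
                "value": m["name"],
                "data": m["data"],
                "reasons": reasons,
            })
    return findings


# First line: the entry from the thread. Other two: constructed clean entries.
SAMPLE_LOG = r"""
O20 - HKLM Winlogon: Shell - (C:\Users\bupi\AppData\Local\Temp\wpbt0.dll) - C:\Users\bupi\AppData\Local\Temp\wpbt0.dll ()
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
"""

if __name__ == "__main__":
    for finding in triage_winlogon(SAMPLE_LOG):
        print(finding["hive"], finding["value"], finding["data"],
              "->", ", ".join(finding["reasons"]))
```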
04.07.2012, 00:17 | #18 |
| AKM Virus blockt den gesamten PC
now I'm sort of "half" back in. The desktop is completely white, without icons, and somehow I can only do half of what I should be able to. The log:
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (C:\Users\bupi\AppData\Local\Temp\wpbt0.dll) - C:\Users\bupi\AppData\Local\Temp\wpbt0.dll () > in the current context!
========== FILES ==========
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrator
->Temp folder emptied: 2217484 bytes
->Temporary Internet Files folder emptied: 23852697 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 104996939 bytes
->Flash cache emptied: 2104 bytes
User: All Users
User: bupi
->Temp folder emptied: 922733665 bytes
->Temporary Internet Files folder emptied: 6517660 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 760177346 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 20362 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: IUSR_NMPR
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 1,736.00 mb
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: bupi
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: IUSR_NMPR
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2107334 bytes
%systemroot%\System32 .tmp files removed: 19083184 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 60280904 bytes
Total Files Cleaned = 78.00 mb
OTLPE by OldTimer - Version 3.1.48.0 log created on 07042012_013923
Edit: PS: Sandbox, I heard somewhere, is supposed to prevent this kind of thing; does that really help? Last edited by Bupi (04.07.2012 at 00:29) |
04.07.2012, 16:20 | #19 |
/// Malware-holic | AKM Virus blockt den gesamten PC you do have to run the whole script, it starts at :OTL :-) please do that again
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
04.07.2012, 21:40 | #20 |
| AKM Virus blockt den gesamten PC
SEXY! AWESOME AWESOME AWESOME! thank you thank you thank you! I can see everything completely normally, desktop etc. I just need tips on how I can prevent this in future.
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\bupi\AppData\Local\Temp\wpbt0.dll deleted successfully.
File C:\Users\bupi\AppData\Local\Temp\wpbt0.dll not found.
========== FILES ==========
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: bupi
->Flash cache emptied: 903 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: IUSR_NMPR
User: Public
User: UpdatusUser
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: bupi
->Temp folder emptied: 961 bytes
->Temporary Internet Files folder emptied: 726085 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 559102852 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: IUSR_NMPR
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7318 bytes
RecycleBin emptied: 7454989879 bytes
Total Files Cleaned = 7.644,00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 07042012_223504
Files\Folders moved on Reboot...
Registry entries deleted on Reboot... |
04.07.2012, 22:32 | #21 | |
/// Malware-holic | AKM Virus blockt den gesamten PC that's all still to come. Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
__________________ |
04.07.2012, 23:08 | #22 |
| AKM Virus blockt den gesamten PC Combofix Logfile: Code:
ATTFilter ComboFix 12-07-04.04 - bupi 04.07.2012 23:45:52.1.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.43.1031.18.3069.1769 [GMT 2:00] ausgeführt von:: c:\users\bupi\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\program files\ShoppingReport C:\Recycle.Bin c:\users\bupi\AppData\Roaming\Microsoft\torrent.exe c:\users\bupi\AppData\Roaming\Norib\meuwu.exe c:\windows\system32\tmp7CDD.tmp c:\windows\system32\tmp7D4B.tmp . . ((((((((((((((((((((((( Dateien erstellt von 2012-06-04 bis 2012-07-04 )))))))))))))))))))))))))))))) . . 2012-07-04 22:00 . 2012-07-04 22:00 -------- d-----w- c:\users\bupi\AppData\Local\temp 2012-07-04 21:40 . 2012-07-04 21:40 -------- d-----w- c:\program files\OpenAL 2012-07-04 05:44 . 2011-07-13 02:55 2237440 ----a-r- C:\OTLPE.exe 2012-07-03 23:20 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{72A80DCC-D53B-4388-B753-EFBB7D3528BC}\mpengine.dll 2012-06-24 12:50 . 2012-06-24 12:50 -------- d-----w- c:\program files\CRS 2012-06-23 13:13 . 2012-06-23 13:13 -------- d-----w- c:\program files\Dropbox 2012-06-22 07:00 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-22 07:00 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-22 07:00 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-22 07:00 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-22 07:00 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-22 07:00 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-22 07:00 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-22 07:00 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-22 07:00 . 
2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-06-13 15:36 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-06-13 15:36 . 2012-05-15 19:51 2045440 ----a-w- c:\windows\system32\win32k.sys 2012-06-11 09:13 . 2012-06-11 09:13 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll 2012-06-11 09:13 . 2012-06-11 09:13 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-23 15:12 . 2009-07-21 20:43 281152 ----a-w- c:\windows\system32\PnkBstrB.xtr 2012-06-23 15:12 . 2009-02-25 14:25 281152 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-06-18 20:33 . 2009-02-25 14:25 138992 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-06-18 20:33 . 2009-02-25 14:25 281152 ----a-w- c:\windows\system32\PnkBstrB.ex0 2012-05-17 19:36 . 2009-02-25 14:25 139152 ----a-w- c:\users\bupi\AppData\Roaming\PnkBstrK.sys 2012-05-17 19:35 . 2009-02-25 14:25 794408 ----a-w- c:\windows\system32\pbsvc.exe 2012-05-03 14:36 . 2012-05-03 14:36 445016 ----a-w- c:\windows\system32\wrap_oal.dll 2012-05-03 14:36 . 2012-05-03 14:36 109144 ----a-w- c:\windows\system32\OpenAL32.dll 2012-06-16 15:00 . 2011-08-13 09:25 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2006-05-03 10:06 163328 --sh--r- c:\windows\System32\flvDX.dll 2007-02-21 11:47 31232 --sh--r- c:\windows\System32\msfDX.dll 2007-12-17 13:43 27648 --sh--w- c:\windows\System32\Smab0.dll 2008-02-04 19:26 151040 --sh--w- c:\windows\System32\VistaUltm.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-08-26 09:32 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944] . [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\bupi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\bupi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\bupi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952] "Steam"="c:\program files\Steam\steam.exe" [2011-08-02 1242448] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-15 202024] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-19 39408] "OnlineFestplatte"="c:\program files\aon\Onlinefestplatte\OnlineFestplatte.exe" [2008-01-25 253976] "EADM"="c:\program files\Origin\Origin.exe" [2012-06-01 3407496] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "TVEService"="c:\program files\HomeCinema\TV Enhance\TVEService.exe" [2007-10-19 155648] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-08 178712] "NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-06-27 439512] "CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2007-06-27 215256] "RtHDVCpl"="RtHDVCpl.exe" [2007-11-14 4706304] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "tsnpstd3"="c:\windows\tsnpstd3.exe" [2005-11-04 90112] "snpstd3"="c:\windows\vsnpstd3.exe" [2005-09-05 339968] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912] "VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208] "amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "VolPanel"="c:\program files\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" [2010-02-18 241789] "Module Loader"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344] "Creative SB Monitoring Utility"="sbavmon.dll" [2010-07-29 103936] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] . c:\users\bupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\bupi\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKLM\~\startupfolder\C:^Users^bupi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Free Music Zilla.lnk] path=c:\users\bupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Free Music Zilla.lnk backup=c:\windows\pss\Free Music Zilla.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^bupi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk] path=c:\users\bupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk backup=c:\windows\pss\Xfire.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] 2008-03-20 16:46 217544 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-02-20 20:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA] 2009-11-10 17:32 323392 ----a-w- c:\users\bupi\Program Files\DNA\btdna.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] 2011-03-17 08:15 842048 ----a-w- c:\program files\DAEMON Tools Pro\DTAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] 2008-03-12 17:12 220160 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] 2010-11-16 12:27 172856 ----a-w- c:\program files\ICQ6.5\ICQ.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon] 2009-10-02 11:53 643592 ----a-w- c:\windows\System32\M-AudioTaskBarIcon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2009-04-10 22:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2012-02-29 07:55 17148552 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-10-11 10:04 1826816 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 . S2 ACEDRV08;ACEDRV08;c:\windows\system32\drivers\ACEDRV08.sys [x] S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 . Inhalt des "geplante Tasks" Ordners . 2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 17:50] . 2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 17:50] . . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = hxxp://www.telekom.at mSearch Bar = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local IE: Free YouTube Download - c:\users\bupi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to Mp3 Converter - c:\users\bupi\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Translate with &Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm LSP: xfire_lsp_10650.dll TCP: DhcpNameServer = 10.0.0.138 FF - ProfilePath - c:\users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13 FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q= FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
URLSearchHooks-{ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfree.dll BHO-{ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfree.dll Toolbar-{ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfree.dll WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - c:\program files\free-downloads.net\tbfree.dll HKCU-Run-4E3E0230AEBB4E96 - c:\recycle.bin\Recycle.Bin.exe HKCU-Run-{9B338E1F-26D8-3356-2B12-4DA1683823F3} - c:\users\bupi\AppData\Roaming\Norib\meuwu.exe HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe HKCU-Run-{E1C80263-F055-11DC-B0CA-806E6F6E6963} - c:\users\bupi\AppData\Roaming\Microsoft\torrent.exe HKLM-Run-toolbar_eula_launcher - c:\program files\GoogleEULA\EULALauncher.exe MSConfigStartUp-Babylon Client - c:\program files\Babylon\Babylon-Pro\Babylon.exe MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe MSConfigStartUp-Desura - c:\program files\Desura\desura.exe AddRemove-Age of Empires 2.0 - c:\program files\Microsoft Games\Age of Empires II\UNINSTAL.EXE AddRemove-Age of Empires II: The Conquerors Expansion 1.0 - c:\program files\Microsoft Games\Age of Empires II\UNINSTALX.EXE AddRemove-Age of Mythology 1.0 - c:\program files\Microsoft Games\Age of Mythology\UNINSTAL.EXE AddRemove-ArmA - i:\games\ArmA\UnInstall.exe AddRemove-ArmA 2 - i:\bohemia interactive\Bohemia Interactive\UnInstall.exe AddRemove-ARMA 2 REINFORCEMENTS - i:\bohemia interactive\ArmA 2 REINFORCEMENTS\UnInstall_OA.exe AddRemove-Babylon - c:\program files\Babylon\Babylon-Pro\Utils\uninstbb.exe AddRemove-BattlEye A2 Free - i:\bohemia interactive\Bohemia InteractiveBattlEye\UnInstallBE.exe AddRemove-BattlEye for OA - c:\program files\Bohemia Interactive\ArmAExpansion\BattlEye\UnInstallBE.exe AddRemove-BattlEye for RFT - i:\bohemia interactive\ArmA 2 REINFORCEMENTSExpansion\BattlEye\UnInstallBE.exe AddRemove-Brothers in Arms - Hell's 
Highway - c:\program files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\uninst.exe AddRemove-BrothersInArms - c:\program files\Ubisoft\Gearbox Software\BrothersInArms\System\Setup.exe AddRemove-Call of Duty - c:\progra~1\CALLOF~1\Uninstall\Unwise.exe AddRemove-Desura - c:\program files\Desura\Desura_Uninstaller.exe AddRemove-Ghost Recon Advanced Warfighter Patch_is1 - c:\program files\Ubisoft\Ghost Recon Advanced Warfighter\unins000.exe AddRemove-GTA Rumble_is1 - c:\program files\Rockstar Games\GTA San Andreas\unins000.exe AddRemove-Project Reality Christmas Map Pack_is1 - c:\program files\EA GAMES\Battlefield 2\unins008.exe AddRemove-Project Reality SP Map Pack_is1 - c:\program files\EA GAMES\Battlefield 2\unins009.exe AddRemove-Project Reality SP Mappack 1_is1 - c:\program files\EA GAMES\Battlefield 2\unins003.exe AddRemove-Project Reality: BF2 (pr 0973mappack)_is1 - i:\lan-fuckin'-party\LAN FUCKING PARTY Vol.2\Battlefield 2\unins011.exe AddRemove-Project Reality: BF2 (pr prbf2vb1)_is1 - i:\lan-fuckin'-party\LAN FUCKING PARTY Vol.2\Battlefield 2\unins010.exe AddRemove-Project Reality: BF2 (pr)_is1 - i:\lan-fuckin'-party\LAN FUCKING PARTY Vol.2\Battlefield 2\unins007.exe AddRemove-S.T.A.L.K.E.R. - Shadow of Chernobyl_is1 - i:\s.t.a.l.k.e.r. - shadow of chernobyl\unins000.exe AddRemove-{2C2F85C4-62C3-4F59-A5E1-AB60E5F76ADF}_is1 - c:\program files\Ubisoft\Faces of War\unins000.exe AddRemove-{6E7DD182-9FC6-4651-0095-2E666CC6AF35} - c:\program files\EA GAMES\EAUninstall.exe AddRemove-{A594DE4B-ED0D-4168-BF52-40C9A14ECD20}_is1 - c:\program files\Ubisoft\Demo\Techland\Call of Juarez MP Demo\unins000.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2012-07-05 00:00 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . 
Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-406249821-1696615750-2729680667-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:8c,ea,d9,54,2c,17,27,60,5c,68,63,97,11,7c,4b,e3,2c,68,53,b6,d5,88,98, d2,12,f1,d0,67,a5,26,de,2c,a3,4c,1b,e4,e8,e6,47,81,e4,5f,7b,23,44,db,b4,e9,\ "??"=hex:9a,a0,6c,62,a0,fb,58,e5,84,42,e5,55,30,8c,5f,1d . [HKEY_USERS\S-1-5-21-406249821-1696615750-2729680667-1001\Software\SecuROM\License information*] "datasecu"=hex:87,ee,82,01,9c,f7,30,09,23,26,20,93,cb,f2,85,7d,39,d5,6c,60,9f, 25,75,d0,91,9c,d6,cf,b9,e2,59,4a,57,f2,86,44,be,e8,d2,33,8e,27,d7,06,dd,87,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . Zeit der Fertigstellung: 2012-07-05 00:04:21 ComboFix-quarantined-files.txt 2012-07-04 22:04 . Vor Suchlauf: 15 Verzeichnis(se), 49.431.494.656 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 48.244.334.592 Bytes frei . - - End Of File - - 3CB9C2A8507B4E5ED4000A09DC46F041
do I have to restart the PC now?? |
05.07.2012, 17:36 | #23 |
/// Malware-holic | AKM Virus blockt den gesamten PC hi, Malwarebytes: please download Malwarebytes
__________________ |
09.07.2012, 00:44 | #24 |
| AKM Virus blockt den gesamten PC can't find the log file anywhere. But everything is working fine so far! It said 3 infected files removed |
10.07.2012, 13:43 | #25 |
/// Malware-holic | AKM Virus blockt den gesamten PC open Malwarebytes, Reports ("Berichte"), that's where they are
__________________ |
10.07.2012, 22:44 | #26 |
| AKM Virus blockt den gesamten PC Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.05.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 bupi :: BUPI-PC [Administrator] 05.07.2012 23:30:43 mbam-log-2012-07-05 (23-30-43).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 700761 Laufzeit: 2 Stunde(n), 30 Minute(n), 12 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 9 HKCR\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SYSTEM\CurrentControlSet\Services\SVKP (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt. 
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions|NoBrowserContextMenu (PUM.RightClick.Disabled) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_RU.dll (Malware.Packer.GenX) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\System32\SVKP.sys (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\ICQToolbar\toolbaru.dll (Trojan.BHO) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
11.07.2012, 22:54 | #27 |
/// Malware-holic | AKM Virus blockt den gesamten PC download TDSS Killer: http://www.trojaner-board.de/82358-t...entfernen.html Click Change parameters • Tick Verify driver digital signatures and Detect TDLFS file system • Click OK and then Start scan - for any detections, always choose Skip for now, then post the log
__________________ |
12.07.2012, 14:04 | #28 |
| AKM Virus blockt den gesamten PC 15:02:44.0550 6244 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35 15:02:45.0027 6244 ============================================================ 15:02:45.0027 6244 Current date / time: 2012/07/12 15:02:45.0027 15:02:45.0028 6244 SystemInfo: 15:02:45.0028 6244 15:02:45.0028 6244 OS Version: 6.0.6002 ServicePack: 2.0 15:02:45.0028 6244 Product type: Workstation 15:02:45.0028 6244 ComputerName: BUPI-PC 15:02:45.0028 6244 UserName: bupi 15:02:45.0028 6244 Windows directory: C:\Windows 15:02:45.0028 6244 System windows directory: C:\Windows 15:02:45.0028 6244 Processor architecture: Intel x86 15:02:45.0028 6244 Number of processors: 4 15:02:45.0028 6244 Page size: 0x1000 15:02:45.0028 6244 Boot type: Normal boot 15:02:45.0028 6244 ============================================================ 15:02:45.0913 6244 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 15:02:45.0942 6244 ============================================================ 15:02:45.0943 6244 \Device\Harddisk0\DR0: 15:02:45.0950 6244 MBR partitions: 15:02:45.0951 6244 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x37B8418F 15:02:45.0968 6244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x37B8420D, BlocksNum 0x2800A34 15:02:45.0968 6244 ============================================================ 15:02:46.0018 6244 C: <-> \Device\Harddisk0\DR0\Partition0 15:02:46.0019 6244 D: <-> \Device\Harddisk0\DR0\Partition1 15:02:46.0019 6244 ============================================================ 15:02:46.0019 6244 Initialize success 15:02:46.0019 6244 ============================================================ 15:03:10.0916 1548 ============================================================ 15:03:10.0916 1548 Scan started 15:03:10.0916 1548 Mode: Manual; SigCheck; TDLFS; 15:03:10.0916 1548 
============================================================ 15:03:11.0974 1548 3xHybrid (651c54ac4ec5c5397c5aff5d575ca45b) C:\Windows\system32\DRIVERS\3xHybrid.sys 15:03:12.0212 1548 3xHybrid - ok 15:03:12.0303 1548 ACEDRV08 (da06d89cdfdd0d24de75165cf6d4270b) C:\Windows\system32\drivers\ACEDRV08.sys 15:03:12.0315 1548 ACEDRV08 - ok 15:03:12.0358 1548 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 15:03:12.0382 1548 ACPI - ok 15:03:12.0427 1548 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 15:03:12.0512 1548 adp94xx - ok 15:03:12.0562 1548 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 15:03:12.0583 1548 adpahci - ok 15:03:12.0623 1548 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 15:03:12.0636 1548 adpu160m - ok 15:03:12.0655 1548 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 15:03:12.0671 1548 adpu320 - ok 15:03:12.0711 1548 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll 15:03:12.0874 1548 AeLookupSvc - ok 15:03:12.0923 1548 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 15:03:12.0971 1548 AFD - ok 15:03:12.0983 1548 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 15:03:12.0997 1548 aic78xx - ok 15:03:13.0057 1548 AlertService (cf86f64a1aea27e5fa97e697bf70346d) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe 15:03:13.0072 1548 AlertService - ok 15:03:13.0092 1548 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe 15:03:13.0297 1548 ALG - ok 15:03:13.0323 1548 aliide (496eda16a127ac9a38bb285bef17dbb5) C:\Windows\system32\drivers\aliide.sys 15:03:13.0336 1548 aliide - ok 15:03:13.0348 1548 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 15:03:13.0361 1548 amdagp - ok 15:03:13.0371 1548 amdide (6f65f4147c54398d7280b18cebbed215) 
C:\Windows\system32\drivers\amdide.sys 15:03:13.0383 1548 amdide - ok 15:03:13.0401 1548 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 15:03:13.0640 1548 AmdK7 - ok 15:03:13.0657 1548 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys 15:03:13.0739 1548 AmdK8 - ok 15:03:13.0784 1548 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\Windows\system32\DRIVERS\AmdLLD.sys 15:03:13.0900 1548 AmdLLD - ok 15:03:13.0911 1548 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll 15:03:13.0989 1548 Appinfo - ok 15:03:14.0046 1548 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 15:03:14.0069 1548 Apple Mobile Device - ok 15:03:14.0109 1548 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 15:03:14.0120 1548 arc - ok 15:03:14.0153 1548 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 15:03:14.0206 1548 arcsas - ok 15:03:14.0332 1548 aspnet_state (40c145f12ff461a0220303bda134f598) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 15:03:14.0350 1548 aspnet_state - ok 15:03:14.0376 1548 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 15:03:14.0453 1548 AsyncMac - ok 15:03:14.0577 1548 atapi (f3215e5525ce4ac9af6c835bae5dac3a) C:\Windows\system32\drivers\atapi.sys 15:03:14.0588 1548 atapi - ok 15:03:14.0689 1548 atksgt (5b80e84af6b02ecab72dae9afee06309) C:\Windows\system32\DRIVERS\atksgt.sys 15:03:14.0718 1548 atksgt ( UnsignedFile.Multi.Generic ) - warning 15:03:14.0718 1548 atksgt - detected UnsignedFile.Multi.Generic (1) 15:03:14.0748 1548 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 15:03:14.0861 1548 AudioEndpointBuilder - ok 15:03:14.0865 1548 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 15:03:14.0885 1548 Audiosrv - ok 
15:03:15.0022 1548 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.exe 15:03:15.0040 1548 BBSvc - ok 15:03:15.0074 1548 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exe 15:03:15.0090 1548 BBUpdate - ok 15:03:15.0104 1548 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 15:03:15.0155 1548 Beep - ok 15:03:15.0189 1548 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll 15:03:15.0227 1548 BFE - ok 15:03:15.0325 1548 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll 15:03:15.0388 1548 BITS - ok 15:03:15.0391 1548 blbdrive - ok 15:03:15.0493 1548 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 15:03:15.0523 1548 Bonjour Service - ok 15:03:15.0596 1548 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 15:03:15.0660 1548 bowser - ok 15:03:15.0672 1548 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 15:03:15.0691 1548 BrFiltLo - ok 15:03:15.0701 1548 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 15:03:15.0744 1548 BrFiltUp - ok 15:03:15.0817 1548 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll 15:03:15.0893 1548 Browser - ok 15:03:15.0923 1548 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 15:03:15.0989 1548 Brserid - ok 15:03:16.0018 1548 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 15:03:16.0088 1548 BrSerWdm - ok 15:03:16.0107 1548 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 15:03:16.0168 1548 BrUsbMdm - ok 15:03:16.0187 1548 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 15:03:16.0238 1548 BrUsbSer - ok 15:03:16.0264 1548 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) 
C:\Windows\system32\drivers\bthmodem.sys 15:03:16.0320 1548 BTHMODEM - ok 15:03:16.0628 1548 catchme - ok 15:03:16.0704 1548 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 15:03:16.0750 1548 cdfs - ok 15:03:16.0935 1548 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 15:03:17.0006 1548 cdrom - ok 15:03:17.0060 1548 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 15:03:17.0089 1548 CertPropSvc - ok 15:03:17.0204 1548 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 15:03:17.0272 1548 circlass - ok 15:03:17.0307 1548 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 15:03:17.0324 1548 CLFS - ok 15:03:17.0491 1548 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:03:17.0505 1548 clr_optimization_v2.0.50727_32 - ok 15:03:17.0680 1548 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:03:17.0737 1548 clr_optimization_v4.0.30319_32 - ok 15:03:17.0789 1548 cmdide (59172a0724f2ab769f31d61b0571d75b) C:\Windows\system32\drivers\cmdide.sys 15:03:17.0802 1548 cmdide - ok 15:03:17.0837 1548 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys 15:03:17.0848 1548 Compbatt - ok 15:03:17.0851 1548 COMSysApp - ok 15:03:17.0898 1548 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 15:03:17.0910 1548 crcdisk - ok 15:03:17.0982 1548 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe 15:03:18.0015 1548 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning 15:03:18.0015 1548 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1) 15:03:18.0043 1548 Creative Audio Engine 
Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe 15:03:18.0080 1548 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning 15:03:18.0080 1548 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1) 15:03:18.0100 1548 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 15:03:18.0150 1548 Crusoe - ok 15:03:18.0190 1548 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll 15:03:18.0229 1548 CryptSvc - ok 15:03:18.0333 1548 CTAudSvcService (5ce3d0e1d1b3832ee052cfc442eee0fa) C:\Program Files\Creative\Shared Files\CTAudSvc.exe 15:03:18.0367 1548 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning 15:03:18.0367 1548 CTAudSvcService - detected UnsignedFile.Multi.Generic (1) 15:03:18.0432 1548 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 15:03:18.0547 1548 DcomLaunch - ok 15:03:18.0590 1548 Desura Install Service (029d0a288d3f5fe4adca2e81b63dc207) C:\Program Files\Common Files\Desura\desura_service.exe 15:03:18.0603 1548 Desura Install Service - ok 15:03:18.0671 1548 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 15:03:18.0713 1548 DfsC - ok 15:03:18.0846 1548 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe 15:03:19.0010 1548 DFSR - ok 15:03:19.0089 1548 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll 15:03:19.0110 1548 Dhcp - ok 15:03:19.0170 1548 DHTRACE (2c56880d37785cf2c07b0309cebb0a7d) C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe 15:03:19.0179 1548 DHTRACE - ok 15:03:19.0216 1548 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 15:03:19.0228 1548 disk - ok 15:03:19.0270 1548 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll 15:03:19.0315 1548 Dnscache - ok 15:03:19.0337 1548 dot3svc 
(324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll 15:03:19.0359 1548 dot3svc - ok 15:03:19.0411 1548 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys 15:03:19.0477 1548 Dot4 - ok 15:03:19.0503 1548 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys 15:03:19.0551 1548 Dot4Print - ok 15:03:19.0592 1548 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys 15:03:19.0647 1548 dot4usb - ok 15:03:19.0686 1548 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll 15:03:19.0742 1548 DPS - ok 15:03:19.0806 1548 DQLWinService (28b42d80ce943a98c6bcea67263cbdff) C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe 15:03:19.0863 1548 DQLWinService ( UnsignedFile.Multi.Generic ) - warning 15:03:19.0863 1548 DQLWinService - detected UnsignedFile.Multi.Generic (1) 15:03:19.0901 1548 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 15:03:19.0948 1548 drmkaud - ok 15:03:19.0987 1548 dtsoftbus01 (16c5891c6d1fa0b5d9014f85a482eb20) C:\Windows\system32\DRIVERS\dtsoftbus01.sys 15:03:20.0008 1548 dtsoftbus01 - ok 15:03:20.0074 1548 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 15:03:20.0112 1548 DXGKrnl - ok 15:03:20.0172 1548 e1express (476d9f2f0789cde89acee2a2fb21ec5a) C:\Windows\system32\DRIVERS\e1e6032.sys 15:03:20.0201 1548 e1express - ok 15:03:20.0219 1548 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 15:03:20.0306 1548 E1G60 - ok 15:03:20.0328 1548 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll 15:03:20.0372 1548 EapHost - ok 15:03:20.0423 1548 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 15:03:20.0439 1548 Ecache - ok 15:03:20.0546 1548 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe 15:03:20.0597 1548 ehRecvr - ok 15:03:20.0632 1548 ehSched 
(ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe 15:03:20.0672 1548 ehSched - ok 15:03:20.0687 1548 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll 15:03:20.0711 1548 ehstart - ok 15:03:20.0735 1548 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 15:03:20.0762 1548 elxstor - ok 15:03:20.0811 1548 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll 15:03:20.0899 1548 EMDMgmt - ok 15:03:20.0946 1548 esgiguard - ok 15:03:20.0982 1548 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll 15:03:21.0012 1548 EventSystem - ok 15:03:21.0060 1548 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 15:03:21.0093 1548 exfat - ok 15:03:21.0117 1548 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 15:03:21.0146 1548 fastfat - ok 15:03:21.0167 1548 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 15:03:21.0205 1548 fdc - ok 15:03:21.0211 1548 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll 15:03:21.0233 1548 fdPHost - ok 15:03:21.0254 1548 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll 15:03:21.0313 1548 FDResPub - ok 15:03:21.0335 1548 FETNDIS (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys 15:03:21.0406 1548 FETNDIS - ok 15:03:21.0431 1548 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 15:03:21.0444 1548 FileInfo - ok 15:03:21.0472 1548 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 15:03:21.0518 1548 Filetrace - ok 15:03:21.0634 1548 FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\Hofer Foto Service\Common\Database\bin\fbserver.exe 15:03:21.0696 1548 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning 15:03:21.0696 1548 FirebirdServerMAGIXInstance - detected 
UnsignedFile.Multi.Generic (1) 15:03:21.0780 1548 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 15:03:21.0840 1548 flpydisk - ok 15:03:21.0868 1548 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 15:03:21.0886 1548 FltMgr - ok 15:03:21.0959 1548 FontCache (452feaab2a8dbb42ed751754cb2594f5) C:\Windows\system32\FntCache.dll 15:03:22.0086 1548 FontCache - ok 15:03:22.0163 1548 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 15:03:22.0176 1548 FontCache3.0.0.0 - ok 15:03:22.0220 1548 fssfltr (491e9d9a26a745f6ae7d570849f4bd87) C:\Windows\system32\DRIVERS\fssfltr.sys 15:03:22.0231 1548 fssfltr - ok 15:03:22.0342 1548 fsssvc (45b52394f9624237f33a8a3d73c0b221) C:\Program Files\Windows Live\Family Safety\fsssvc.exe 15:03:22.0398 1548 fsssvc - ok 15:03:22.0459 1548 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys 15:03:22.0483 1548 Fs_Rec - ok 15:03:22.0497 1548 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 15:03:22.0510 1548 gagp30kx - ok 15:03:22.0543 1548 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys 15:03:22.0551 1548 GEARAspiWDM - ok 15:03:22.0606 1548 GoogleDesktopManager (33efd5039ea1bfa623d8bb9fb787cb0f) C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe 15:03:22.0613 1548 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - warning 15:03:22.0613 1548 GoogleDesktopManager - detected UnsignedFile.Multi.Generic (1) 15:03:22.0661 1548 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll 15:03:22.0714 1548 gpsvc - ok 15:03:22.0749 1548 gupdate1c98627da276eea (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe 15:03:22.0761 1548 gupdate1c98627da276eea - ok 15:03:22.0764 1548 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program 
Files\Google\Update\GoogleUpdate.exe 15:03:22.0774 1548 gupdatem - ok 15:03:22.0831 1548 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 15:03:22.0845 1548 gusvc - ok 15:03:22.0897 1548 hamachi (c3a3e439bfaf7342b97b47051daf2229) C:\Windows\system32\DRIVERS\hamachi.sys 15:03:22.0907 1548 hamachi - ok 15:03:22.0930 1548 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 15:03:22.0977 1548 HdAudAddService - ok 15:03:23.0029 1548 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 15:03:23.0099 1548 HDAudBus - ok 15:03:23.0120 1548 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 15:03:23.0165 1548 HidBth - ok 15:03:23.0207 1548 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 15:03:23.0272 1548 HidIr - ok 15:03:23.0302 1548 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll 15:03:23.0351 1548 hidserv - ok 15:03:23.0407 1548 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 15:03:23.0443 1548 HidUsb - ok 15:03:23.0479 1548 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll 15:03:23.0522 1548 hkmsvc - ok 15:03:23.0536 1548 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 15:03:23.0547 1548 HpCISSs - ok 15:03:23.0699 1548 hpqcxs08 (390920e11d7729a7b98799ebe20e38fb) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 15:03:23.0747 1548 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 15:03:23.0747 1548 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 15:03:23.0787 1548 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 15:03:23.0863 1548 HTTP - ok 15:03:23.0909 1548 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 15:03:23.0943 1548 i2omp - ok 15:03:24.0009 1548 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) 
C:\Windows\system32\DRIVERS\i8042prt.sys 15:03:24.0157 1548 i8042prt - ok 15:03:24.0319 1548 IAANTMON (9bcf5972c941b4b5cb60ded03cb9e300) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 15:03:24.0399 1548 IAANTMON - ok 15:03:24.0451 1548 iaStor (28aae599496b4930b3f19026f2083bc4) C:\Windows\system32\DRIVERS\iaStor.sys 15:03:24.0462 1548 iaStor - ok 15:03:24.0487 1548 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 15:03:24.0508 1548 iaStorV - ok 15:03:24.0541 1548 ICQ Service (b613c7d844eb84bfcfc6fa36569885c7) C:\Program Files\ICQ6Toolbar\ICQ Service.exe 15:03:24.0563 1548 ICQ Service - ok 15:03:24.0659 1548 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 15:03:24.0690 1548 IDriverT ( UnsignedFile.Multi.Generic ) - warning 15:03:24.0691 1548 IDriverT - detected UnsignedFile.Multi.Generic (1) 15:03:24.0785 1548 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 15:03:24.0830 1548 idsvc - ok 15:03:24.0942 1548 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 15:03:24.0953 1548 iirsp - ok 15:03:25.0001 1548 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll 15:03:25.0054 1548 IKEEXT - ok 15:03:25.0175 1548 IntcAzAudAddService (56661beae591e59067710b6cbca78184) C:\Windows\system32\drivers\RTKVHDA.sys 15:03:25.0272 1548 IntcAzAudAddService - ok 15:03:25.0350 1548 IntelDH (7f440f8ced849fcdfa85bb3521b4f048) C:\Windows\system32\Drivers\IntelDH.sys 15:03:25.0399 1548 IntelDH - ok 15:03:25.0488 1548 intelide (e5ea1c17da5065032e346591ff64f3af) C:\Windows\system32\drivers\intelide.sys 15:03:25.0502 1548 intelide - ok 15:03:25.0587 1548 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 15:03:25.0611 1548 intelppm - ok 15:03:25.0660 1548 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) 
C:\Windows\system32\ipbusenum.dll 15:03:25.0721 1548 IPBusEnum - ok 15:03:25.0743 1548 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:03:25.0788 1548 IpFilterDriver - ok 15:03:25.0924 1548 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll 15:03:26.0092 1548 iphlpsvc - ok 15:03:26.0095 1548 IpInIp - ok 15:03:26.0129 1548 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 15:03:26.0192 1548 IPMIDRV - ok 15:03:26.0259 1548 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 15:03:26.0304 1548 IPNAT - ok 15:03:26.0402 1548 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe 15:03:26.0631 1548 iPod Service - ok 15:03:26.0689 1548 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 15:03:26.0728 1548 IRENUM - ok 15:03:26.0751 1548 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 15:03:26.0763 1548 isapnp - ok 15:03:26.0906 1548 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 15:03:26.0947 1548 iScsiPrt - ok 15:03:26.0987 1548 ISSM (50adb2883f8874aa6632a67cd410f27f) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe 15:03:26.0997 1548 ISSM - ok 15:03:27.0015 1548 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 15:03:27.0027 1548 iteatapi - ok 15:03:27.0041 1548 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 15:03:27.0054 1548 iteraid - ok 15:03:27.0077 1548 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 15:03:27.0090 1548 kbdclass - ok 15:03:27.0121 1548 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 15:03:27.0165 1548 kbdhid - ok 15:03:27.0289 1548 kbeepm - ok 15:03:27.0307 1548 KeyIso (a3e186b4b935905b829219502557314e) 
C:\Windows\system32\lsass.exe 15:03:27.0348 1548 KeyIso - ok 15:03:27.0417 1548 ksaud (16deda89ea8f30867969ba4d692aee26) C:\Windows\system32\drivers\ksaud.sys 15:03:27.0690 1548 ksaud - ok 15:03:27.0780 1548 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys 15:03:27.0812 1548 KSecDD - ok 15:03:27.0930 1548 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll 15:03:28.0003 1548 KtmRm - ok 15:03:28.0048 1548 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll 15:03:28.0091 1548 LanmanServer - ok 15:03:28.0110 1548 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll 15:03:28.0147 1548 LanmanWorkstation - ok 15:03:28.0172 1548 lirsgt (975b6cf65f44e95883f3855bae8cecaf) C:\Windows\system32\DRIVERS\lirsgt.sys 15:03:28.0205 1548 lirsgt ( UnsignedFile.Multi.Generic ) - warning 15:03:28.0205 1548 lirsgt - detected UnsignedFile.Multi.Generic (1) 15:03:28.0235 1548 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 15:03:28.0281 1548 lltdio - ok 15:03:28.0316 1548 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll 15:03:28.0345 1548 lltdsvc - ok 15:03:28.0372 1548 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll 15:03:28.0410 1548 lmhosts - ok 15:03:28.0496 1548 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 15:03:28.0513 1548 LSI_FC - ok 15:03:28.0528 1548 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 15:03:28.0541 1548 LSI_SAS - ok 15:03:28.0555 1548 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 15:03:28.0568 1548 LSI_SCSI - ok 15:03:28.0612 1548 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 15:03:28.0638 1548 luafv - ok 15:03:28.0709 1548 M1 Server (9a3741d5412ab81b86992915e3ecd3e9) C:\Program Files\Intel\IntelDH\Intel Media Server\Media 
Server\bin\mediaserver.exe 15:03:28.0727 1548 M1 Server - ok 15:03:28.0764 1548 MAUSBFASTTRACK (a8fbeb2b9a5469ab1916194b3a898d4d) C:\Windows\system32\DRIVERS\MAudioFastTrack.sys 15:03:28.0777 1548 MAUSBFASTTRACK - ok 15:03:28.0806 1548 MCLServiceATL (6ad27b01272f966c9611a398961fcf15) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe 15:03:28.0878 1548 MCLServiceATL - ok 15:03:28.0899 1548 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll 15:03:28.0934 1548 Mcx2Svc - ok 15:03:28.0951 1548 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 15:03:28.0963 1548 megasas - ok 15:03:28.0998 1548 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 15:03:29.0023 1548 MMCSS - ok 15:03:29.0041 1548 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 15:03:29.0090 1548 Modem - ok 15:03:29.0128 1548 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 15:03:29.0175 1548 monitor - ok 15:03:29.0219 1548 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 15:03:29.0231 1548 mouclass - ok 15:03:29.0254 1548 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 15:03:29.0276 1548 mouhid - ok 15:03:29.0285 1548 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 15:03:29.0298 1548 MountMgr - ok 15:03:29.0396 1548 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 15:03:29.0426 1548 MozillaMaintenance - ok 15:03:29.0439 1548 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 15:03:29.0451 1548 mpio - ok 15:03:29.0464 1548 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 15:03:29.0484 1548 mpsdrv - ok 15:03:29.0537 1548 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll 15:03:29.0612 1548 
MpsSvc - ok 15:03:29.0644 1548 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 15:03:29.0656 1548 Mraid35x - ok 15:03:29.0689 1548 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 15:03:29.0729 1548 MRxDAV - ok 15:03:29.0764 1548 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:03:29.0827 1548 mrxsmb - ok 15:03:29.0884 1548 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:03:29.0918 1548 mrxsmb10 - ok 15:03:29.0939 1548 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:03:29.0976 1548 mrxsmb20 - ok 15:03:30.0006 1548 msahci (86068b8b54a5eb092f51657f00b2222a) C:\Windows\system32\drivers\msahci.sys 15:03:30.0019 1548 msahci - ok 15:03:30.0079 1548 MSCamSvc (641199534871783dd74138fe0bcfdae7) C:\Program Files\Microsoft LifeCam\MSCamS32.exe 15:03:30.0100 1548 MSCamSvc - ok 15:03:30.0122 1548 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 15:03:30.0135 1548 msdsm - ok 15:03:30.0150 1548 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe 15:03:30.0204 1548 MSDTC - ok 15:03:30.0226 1548 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 15:03:30.0262 1548 Msfs - ok 15:03:30.0284 1548 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 15:03:30.0296 1548 msisadrv - ok 15:03:30.0324 1548 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll 15:03:30.0367 1548 MSiSCSI - ok 15:03:30.0371 1548 msiserver - ok 15:03:30.0387 1548 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 15:03:30.0429 1548 MSKSSRV - ok 15:03:30.0449 1548 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 15:03:30.0474 1548 MSPCLOCK - ok 15:03:30.0495 1548 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 
15:03:30.0538 1548 MSPQM - ok 15:03:30.0564 1548 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 15:03:30.0581 1548 MsRPC - ok 15:03:30.0618 1548 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 15:03:30.0630 1548 mssmbios - ok 15:03:30.0640 1548 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 15:03:30.0670 1548 MSTEE - ok 15:03:30.0693 1548 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 15:03:30.0708 1548 Mup - ok 15:03:30.0766 1548 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll 15:03:30.0800 1548 napagent - ok 15:03:30.0851 1548 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 15:03:30.0891 1548 NativeWifiP - ok 15:03:30.0932 1548 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 15:03:30.0962 1548 NDIS - ok 15:03:30.0991 1548 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 15:03:31.0034 1548 NdisTapi - ok 15:03:31.0056 1548 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 15:03:31.0117 1548 Ndisuio - ok 15:03:31.0136 1548 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 15:03:31.0175 1548 NdisWan - ok 15:03:31.0197 1548 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 15:03:31.0215 1548 NDProxy - ok 15:03:31.0304 1548 Nero BackItUp Scheduler 3 (6d4028d458eaaa1782099750790dc8c9) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 15:03:31.0348 1548 Nero BackItUp Scheduler 3 - ok 15:03:31.0396 1548 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\Windows\system32\HPZinw12.dll 15:03:31.0423 1548 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 15:03:31.0423 1548 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 15:03:31.0466 1548 NetBIOS (bcd093a5a6777cf626434568dc7dba78) 
C:\Windows\system32\DRIVERS\netbios.sys 15:03:31.0524 1548 NetBIOS - ok 15:03:31.0547 1548 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 15:03:31.0591 1548 netbt - ok 15:03:31.0613 1548 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 15:03:31.0626 1548 Netlogon - ok 15:03:31.0646 1548 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll 15:03:31.0693 1548 Netman - ok 15:03:31.0760 1548 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 15:03:31.0773 1548 NetMsmqActivator - ok 15:03:31.0776 1548 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 15:03:31.0786 1548 NetPipeActivator - ok 15:03:31.0819 1548 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll 15:03:31.0885 1548 netprofm - ok 15:03:31.0928 1548 netr28u (9ba2f93e4f01ec58e722b36639e0ce5d) C:\Windows\system32\DRIVERS\netr28u.sys 15:03:32.0009 1548 netr28u - ok 15:03:32.0012 1548 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 15:03:32.0022 1548 NetTcpActivator - ok 15:03:32.0047 1548 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 15:03:32.0057 1548 NetTcpPortSharing - ok 15:03:32.0088 1548 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 15:03:32.0100 1548 nfrd960 - ok 15:03:32.0130 1548 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll 15:03:32.0183 1548 NlaSvc - ok 15:03:32.0256 1548 NMIndexingService (d36107465e716cf2335a25c54b6d11c2) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe 15:03:32.0321 1548 NMIndexingService - ok 15:03:32.0445 1548 NMSCore (5384d7a64e7b6011e98d68f69dcfc980) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe 15:03:32.0461 1548 NMSCore - ok 
15:03:32.0504 1548 nmsunidr (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\nmsunidr.sys 15:03:32.0562 1548 nmsunidr - ok 15:03:32.0617 1548 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 15:03:32.0659 1548 Npfs - ok 15:03:32.0672 1548 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll 15:03:32.0721 1548 nsi - ok 15:03:32.0743 1548 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 15:03:32.0776 1548 nsiproxy - ok 15:03:32.0909 1548 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 15:03:33.0010 1548 Ntfs - ok 15:03:33.0059 1548 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 15:03:33.0139 1548 ntrigdigi - ok 15:03:33.0152 1548 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 15:03:33.0219 1548 Null - ok 15:03:33.0275 1548 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys 15:03:33.0319 1548 NVHDA - ok 15:03:33.0823 1548 nvlddmkm (f452e6ad3eda2852f44be492e283c40f) C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:03:34.0588 1548 nvlddmkm - ok 15:03:34.0678 1548 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 15:03:34.0696 1548 nvraid - ok 15:03:34.0708 1548 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 15:03:34.0720 1548 nvstor - ok 15:03:34.0768 1548 nvsvc (70145ade9efe2ce296dd5fc761b4969b) C:\Windows\system32\nvvsvc.exe 15:03:34.0823 1548 nvsvc - ok 15:03:35.0040 1548 nvUpdatusService (d3acc38a963b71bd4d2dfdc1050219b9) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 15:03:35.0122 1548 nvUpdatusService - ok 15:03:35.0209 1548 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 15:03:35.0221 1548 nv_agp - ok 15:03:35.0224 1548 NwlnkFlt - ok 15:03:35.0228 1548 NwlnkFwd - ok 15:03:35.0300 1548 odserv (785f487a64950f3cb8e9f16253ba3b7b) 
C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 15:03:35.0329 1548 odserv - ok 15:03:35.0352 1548 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 15:03:35.0387 1548 ohci1394 - ok 15:03:35.0427 1548 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:03:35.0440 1548 ose - ok 15:03:35.0484 1548 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 15:03:35.0606 1548 p2pimsvc - ok 15:03:35.0624 1548 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 15:03:35.0647 1548 p2psvc - ok 15:03:35.0679 1548 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\DRIVERS\parport.sys 15:03:35.0745 1548 Parport - ok 15:03:35.0773 1548 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys 15:03:35.0786 1548 partmgr - ok 15:03:35.0795 1548 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\DRIVERS\parvdm.sys 15:03:35.0859 1548 Parvdm - ok 15:03:35.0889 1548 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll 15:03:35.0923 1548 PcaSvc - ok 15:03:35.0978 1548 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 15:03:36.0005 1548 pci - ok 15:03:36.0098 1548 pciide (304048c2565a803d091cca1ac945f593) C:\Windows\system32\drivers\pciide.sys 15:03:36.0113 1548 pciide - ok 15:03:36.0224 1548 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 15:03:36.0346 1548 pcmcia - ok 15:03:36.0594 1548 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 15:03:36.0747 1548 PEAUTH - ok 15:03:36.0928 1548 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll 15:03:37.0128 1548 pla - ok 15:03:37.0285 1548 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll 15:03:37.0337 1548 PlugPlay - ok 15:03:37.0378 1548 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) 
C:\Windows\system32\HPZipm12.dll 15:03:37.0384 1548 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 15:03:37.0384 1548 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 15:03:37.0438 1548 PnkBstrA (205e1b699fd3f2f9b036eea2ec30c620) C:\Windows\system32\PnkBstrA.exe 15:03:37.0459 1548 PnkBstrA - ok 15:03:37.0633 1548 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 15:03:37.0755 1548 PNRPAutoReg - ok 15:03:37.0762 1548 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 15:03:37.0869 1548 PNRPsvc - ok 15:03:37.0995 1548 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll 15:03:38.0206 1548 PolicyAgent - ok 15:03:38.0325 1548 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 15:03:38.0379 1548 PptpMiniport - ok 15:03:38.0524 1548 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 15:03:38.0582 1548 Processor - ok 15:03:38.0722 1548 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll 15:03:38.0828 1548 ProfSvc - ok 15:03:38.0888 1548 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 15:03:38.0925 1548 ProtectedStorage - ok 15:03:38.0978 1548 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 15:03:38.0998 1548 PSched - ok 15:03:39.0059 1548 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 15:03:39.0104 1548 ql2300 - ok 15:03:39.0166 1548 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 15:03:39.0180 1548 ql40xx - ok 15:03:39.0414 1548 QualityManager (938a882b718866e24ca5f71dfc925866) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe 15:03:39.0564 1548 QualityManager - ok 15:03:39.0698 1548 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll 15:03:39.0752 1548 QWAVE - ok 15:03:39.0914 1548 QWAVEdrv 
(9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 15:03:39.0927 1548 QWAVEdrv - ok 15:03:40.0032 1548 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys 15:03:40.0160 1548 R300 - ok 15:03:40.0244 1548 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 15:03:40.0288 1548 RasAcd - ok 15:03:40.0321 1548 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll 15:03:40.0373 1548 RasAuto - ok 15:03:40.0407 1548 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:03:40.0481 1548 Rasl2tp - ok 15:03:40.0521 1548 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll 15:03:40.0578 1548 RasMan - ok 15:03:40.0585 1548 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 15:03:40.0603 1548 RasPppoe - ok 15:03:40.0612 1548 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 15:03:40.0638 1548 RasSstp - ok 15:03:40.0676 1548 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 15:03:40.0700 1548 rdbss - ok 15:03:40.0716 1548 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:03:40.0748 1548 RDPCDD - ok 15:03:40.0784 1548 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 15:03:40.0851 1548 rdpdr - ok 15:03:40.0876 1548 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 15:03:40.0921 1548 RDPENCDD - ok 15:03:40.0960 1548 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys 15:03:41.0015 1548 RDPWD - ok 15:03:41.0082 1548 Remote UI Service (a8430231e1a06828210248c79755bf9c) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe 15:03:41.0110 1548 Remote UI Service - ok 15:03:41.0166 1548 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll 15:03:41.0228 1548 RemoteAccess 
- ok 15:03:41.0251 1548 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll 15:03:41.0274 1548 RemoteRegistry - ok 15:03:41.0312 1548 RichVideo (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files\Cyberlink\Shared files\RichVideo.exe 15:03:41.0332 1548 RichVideo - ok 15:03:41.0343 1548 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe 15:03:41.0359 1548 RpcLocator - ok 15:03:41.0408 1548 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 15:03:41.0433 1548 RpcSs - ok 15:03:41.0490 1548 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 15:03:41.0514 1548 rspndr - ok 15:03:41.0537 1548 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 15:03:41.0548 1548 SamSs - ok 15:03:41.0644 1548 SbieDrv (1fbd21895b768cd40e83b86c18e6454f) C:\Program Files\Sandboxie\SbieDrv.sys 15:03:41.0659 1548 SbieDrv - ok 15:03:41.0724 1548 SbieSvc (d5d875d6662f30c7fbf5f6879452b12b) C:\Program Files\Sandboxie\SbieSvc.exe 15:03:41.0737 1548 SbieSvc - ok 15:03:41.0767 1548 sbp2port (37ca203f8ccf732cd272a27e55b268c4) C:\Windows\system32\DRIVERS\sbp2port.sys 15:03:41.0781 1548 sbp2port - ok 15:03:41.0812 1548 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll 15:03:41.0885 1548 SCardSvr - ok 15:03:41.0936 1548 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll 15:03:41.0998 1548 Schedule - ok 15:03:42.0039 1548 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 15:03:42.0058 1548 SCPolicySvc - ok 15:03:42.0083 1548 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll 15:03:42.0117 1548 SDRSVC - ok 15:03:42.0125 1548 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 15:03:42.0186 1548 secdrv - ok 15:03:42.0209 1548 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll 15:03:42.0250 1548 seclogon - ok 15:03:42.0282 1548 
SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll 15:03:42.0364 1548 SENS - ok 15:03:42.0403 1548 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys 15:03:42.0429 1548 Serenum - ok 15:03:42.0485 1548 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys 15:03:42.0516 1548 Serial - ok 15:03:42.0529 1548 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 15:03:42.0552 1548 sermouse - ok 15:03:42.0588 1548 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll 15:03:42.0617 1548 SessionEnv - ok 15:03:42.0652 1548 sfdrv01 (aad95fe3e005489c7156fa111f744eaf) C:\Windows\system32\drivers\sfdrv01.sys 15:03:42.0662 1548 sfdrv01 - ok 15:03:42.0682 1548 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys 15:03:42.0749 1548 sffdisk - ok 15:03:42.0766 1548 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 15:03:42.0847 1548 sffp_mmc - ok 15:03:42.0860 1548 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys 15:03:42.0901 1548 sffp_sd - ok 15:03:42.0957 1548 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\Windows\system32\drivers\sfhlp02.sys 15:03:42.0966 1548 sfhlp02 - ok 15:03:42.0985 1548 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 15:03:43.0031 1548 sfloppy - ok 15:03:43.0065 1548 sfvfs02 (197cef62eb4bc043e1578529fa2b9a48) C:\Windows\system32\drivers\sfvfs02.sys 15:03:43.0090 1548 sfvfs02 - ok 15:03:43.0125 1548 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll 15:03:43.0183 1548 SharedAccess - ok 15:03:43.0251 1548 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll 15:03:43.0289 1548 ShellHWDetection - ok 15:03:43.0316 1548 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 15:03:43.0328 1548 SiSRaid2 - ok 
15:03:43.0362 1548 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 15:03:43.0375 1548 SiSRaid4 - ok 15:03:43.0483 1548 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe 15:03:43.0505 1548 SkypeUpdate - ok 15:03:43.0752 1548 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe 15:03:43.0870 1548 slsvc - ok 15:03:43.0985 1548 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll 15:03:44.0029 1548 SLUINotify - ok 15:03:44.0054 1548 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 15:03:44.0090 1548 Smb - ok 15:03:44.0123 1548 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe 15:03:44.0141 1548 SNMPTRAP - ok 15:03:44.0584 1548 SNPSTD3 (ec7476151074831fd933f377fcf9ad7f) C:\Windows\system32\DRIVERS\snpstd3.sys 15:03:44.0908 1548 SNPSTD3 ( UnsignedFile.Multi.Generic ) - warning 15:03:44.0908 1548 SNPSTD3 - detected UnsignedFile.Multi.Generic (1) 15:03:44.0971 1548 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 15:03:44.0985 1548 spldr - ok 15:03:45.0013 1548 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe 15:03:45.0082 1548 Spooler - ok 15:03:45.0154 1548 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys 15:03:45.0155 1548 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. 
md5: 71e276f6d189413266ea22171806597b 15:03:45.0156 1548 sptd ( LockedFile.Multi.Generic ) - warning 15:03:45.0156 1548 sptd - detected LockedFile.Multi.Generic (1) 15:03:45.0217 1548 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 15:03:45.0269 1548 srv - ok 15:03:45.0312 1548 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 15:03:45.0358 1548 srv2 - ok 15:03:45.0369 1548 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 15:03:45.0389 1548 srvnet - ok 15:03:45.0412 1548 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll 15:03:45.0439 1548 SSDPSRV - ok 15:03:45.0479 1548 ssmdrv (654dfea96bc82b4acda4f37e5e4a3bbf) C:\Windows\system32\DRIVERS\ssmdrv.sys 15:03:45.0489 1548 ssmdrv - ok 15:03:45.0504 1548 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll 15:03:45.0547 1548 SstpSvc - ok 15:03:45.0626 1548 StarWindServiceAE (b1691af4a072cb674d600db16dd7308e) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 15:03:45.0635 1548 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning 15:03:45.0635 1548 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1) 15:03:45.0671 1548 Steam Client Service - ok 15:03:45.0747 1548 Stereo Service (8544a200c40447e465f06e58687428bb) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 15:03:45.0797 1548 Stereo Service - ok 15:03:45.0872 1548 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll 15:03:45.0904 1548 stisvc - ok 15:03:45.0936 1548 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 15:03:45.0947 1548 swenum - ok 15:03:45.0981 1548 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll 15:03:46.0029 1548 swprv - ok 15:03:46.0055 1548 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 15:03:46.0066 1548 Symc8xx - ok 15:03:46.0088 1548 Sym_hi 
(8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 15:03:46.0100 1548 Sym_hi - ok 15:03:46.0122 1548 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 15:03:46.0133 1548 Sym_u3 - ok 15:03:46.0161 1548 SynasUSB (418bd80a7fefaa3fcbd3dcfc021cb294) C:\Windows\system32\drivers\SynasUSB.sys 15:03:46.0167 1548 SynasUSB ( UnsignedFile.Multi.Generic ) - warning 15:03:46.0167 1548 SynasUSB - detected UnsignedFile.Multi.Generic (1) 15:03:46.0217 1548 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll 15:03:46.0260 1548 SysMain - ok 15:03:46.0295 1548 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll 15:03:46.0335 1548 TabletInputService - ok 15:03:46.0379 1548 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll 15:03:46.0408 1548 TapiSrv - ok 15:03:46.0422 1548 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll 15:03:46.0448 1548 TBS - ok 15:03:46.0507 1548 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys 15:03:46.0584 1548 Tcpip - ok 15:03:46.0594 1548 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys 15:03:46.0680 1548 Tcpip6 - ok 15:03:46.0734 1548 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 15:03:46.0782 1548 tcpipreg - ok 15:03:46.0796 1548 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 15:03:46.0842 1548 TDPIPE - ok 15:03:46.0867 1548 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 15:03:46.0919 1548 TDTCP - ok 15:03:46.0946 1548 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 15:03:46.0965 1548 tdx - ok 15:03:47.0007 1548 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 15:03:47.0020 1548 TermDD - ok 15:03:47.0079 1548 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll 
15:03:47.0127 1548 TermService - ok 15:03:47.0174 1548 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll 15:03:47.0191 1548 Themes - ok 15:03:47.0214 1548 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 15:03:47.0238 1548 THREADORDER - ok 15:03:47.0269 1548 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll 15:03:47.0318 1548 TrkWks - ok 15:03:47.0356 1548 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe 15:03:47.0392 1548 TrustedInstaller - ok 15:03:47.0458 1548 TSHWMDTCP (b56368b25a51cebda77e6b20764f07f2) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys 15:03:47.0469 1548 TSHWMDTCP - ok 15:03:47.0487 1548 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:03:47.0520 1548 tssecsrv - ok 15:03:47.0607 1548 TuneUp.UtilitiesSvc (8b78584eb6ad3ce210a59a9d795a87c9) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe 15:03:47.0683 1548 TuneUp.UtilitiesSvc - ok 15:03:47.0709 1548 TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys 15:03:47.0721 1548 TuneUpUtilitiesDrv - ok 15:03:47.0801 1548 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 15:03:47.0839 1548 tunmp - ok 15:03:47.0864 1548 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 15:03:47.0895 1548 tunnel - ok 15:03:47.0947 1548 TVECapSvc (dec8acebd9cd1f3dd6f4f3a6308d8b94) C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe 15:03:47.0968 1548 TVECapSvc ( UnsignedFile.Multi.Generic ) - warning 15:03:47.0968 1548 TVECapSvc - detected UnsignedFile.Multi.Generic (1) 15:03:47.0987 1548 TVESched (7a5a6987397f78b1606bdb5c407d3574) C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe 15:03:48.0017 1548 TVESched ( UnsignedFile.Multi.Generic ) - warning 15:03:48.0017 1548 
TVESched - detected UnsignedFile.Multi.Generic (1) 15:03:48.0042 1548 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\DRIVERS\uagp35.sys 15:03:48.0055 1548 uagp35 - ok 15:03:48.0102 1548 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 15:03:48.0136 1548 udfs - ok 15:03:48.0168 1548 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe 15:03:48.0217 1548 UI0Detect - ok 15:03:48.0243 1548 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 15:03:48.0255 1548 uliagpkx - ok 15:03:48.0278 1548 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 15:03:48.0299 1548 uliahci - ok 15:03:48.0320 1548 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 15:03:48.0334 1548 UlSata - ok 15:03:48.0362 1548 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 15:03:48.0375 1548 ulsata2 - ok 15:03:48.0511 1548 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 15:03:48.0534 1548 umbus - ok 15:03:48.0566 1548 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll 15:03:48.0605 1548 upnphost - ok 15:03:48.0648 1548 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 15:03:48.0712 1548 USBAAPL - ok 15:03:48.0747 1548 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys 15:03:48.0767 1548 usbaudio - ok 15:03:48.0792 1548 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 15:03:48.0812 1548 usbccgp - ok 15:03:48.0830 1548 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 15:03:48.0873 1548 usbcir - ok 15:03:48.0940 1548 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 15:03:48.0985 1548 usbehci - ok 15:03:49.0052 1548 usbhub (4673bbcb006af60e7abddbe7a130ba42) 
C:\Windows\system32\DRIVERS\usbhub.sys 15:03:49.0105 1548 usbhub - ok 15:03:49.0127 1548 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 15:03:49.0197 1548 usbohci - ok 15:03:49.0255 1548 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 15:03:49.0312 1548 usbprint - ok 15:03:49.0379 1548 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 15:03:49.0430 1548 usbscan - ok 15:03:49.0655 1548 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:03:49.0697 1548 USBSTOR - ok 15:03:49.0764 1548 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 15:03:49.0815 1548 usbuhci - ok 15:03:49.0843 1548 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll 15:03:49.0862 1548 UxSms - ok 15:03:49.0904 1548 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe 15:03:50.0045 1548 vds - ok 15:03:50.0136 1548 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 15:03:50.0190 1548 vga - ok 15:03:50.0209 1548 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 15:03:50.0254 1548 VgaSave - ok 15:03:50.0329 1548 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 15:03:50.0346 1548 viaagp - ok 15:03:50.0364 1548 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 15:03:50.0428 1548 ViaC7 - ok 15:03:50.0511 1548 viaide (7aa7ec9a08dc2c39649c413b1a26e298) C:\Windows\system32\drivers\viaide.sys 15:03:50.0524 1548 viaide - ok 15:03:50.0547 1548 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 15:03:50.0560 1548 volmgr - ok 15:03:50.0587 1548 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 15:03:50.0611 1548 volmgrx - ok 15:03:50.0663 1548 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 
15:03:50.0681 1548 volsnap - ok 15:03:50.0704 1548 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 15:03:50.0718 1548 vsmraid - ok 15:03:50.0852 1548 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe 15:03:50.0936 1548 VSS - ok 15:03:51.0046 1548 VX1000 (f4fab0b9d43a65f79fc838c94006f643) C:\Windows\system32\DRIVERS\VX1000.sys 15:03:51.0137 1548 VX1000 - ok 15:03:51.0266 1548 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll 15:03:51.0316 1548 W32Time - ok 15:03:51.0340 1548 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 15:03:51.0415 1548 WacomPen - ok 15:03:51.0452 1548 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 15:03:51.0507 1548 Wanarp - ok 15:03:51.0510 1548 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 15:03:51.0529 1548 Wanarpv6 - ok 15:03:51.0566 1548 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll 15:03:51.0617 1548 wcncsvc - ok 15:03:51.0654 1548 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll 15:03:51.0676 1548 WcsPlugInService - ok 15:03:51.0691 1548 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 15:03:51.0705 1548 Wd - ok 15:03:51.0756 1548 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 15:03:51.0787 1548 Wdf01000 - ok 15:03:51.0817 1548 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 15:03:51.0846 1548 WdiServiceHost - ok 15:03:51.0861 1548 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 15:03:51.0885 1548 WdiSystemHost - ok 15:03:51.0928 1548 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll 15:03:51.0953 1548 WebClient - ok 15:03:51.0974 1548 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll 15:03:52.0001 1548 Wecsvc - ok 
15:03:52.0030 1548 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll 15:03:52.0051 1548 wercplsupport - ok 15:03:52.0087 1548 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll 15:03:52.0136 1548 WerSvc - ok 15:03:52.0211 1548 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll 15:03:52.0235 1548 WinDefend - ok 15:03:52.0265 1548 WinHttpAutoProxySvc - ok 15:03:52.0361 1548 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll 15:03:52.0401 1548 Winmgmt - ok 15:03:52.0526 1548 WinRM (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll 15:03:52.0576 1548 WinRM - ok 15:03:52.0665 1548 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll 15:03:52.0733 1548 Wlansvc - ok 15:03:52.0913 1548 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:03:52.0989 1548 wlidsvc - ok 15:03:53.0139 1548 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys 15:03:53.0204 1548 WmiAcpi - ok 15:03:53.0240 1548 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe 15:03:53.0260 1548 wmiApSrv - ok 15:03:53.0333 1548 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe 15:03:53.0471 1548 WMPNetworkSvc - ok 15:03:53.0503 1548 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll 15:03:53.0549 1548 WPCSvc - ok 15:03:53.0560 1548 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll 15:03:53.0604 1548 WPDBusEnum - ok 15:03:53.0644 1548 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys 15:03:53.0663 1548 WpdUsb - ok 15:03:53.0787 1548 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 15:03:53.0822 1548 WPFFontCache_v0400 - ok 
15:03:53.0848 1548 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 15:03:53.0892 1548 ws2ifsl - ok 15:03:53.0935 1548 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll 15:03:53.0979 1548 wscsvc - ok 15:03:53.0982 1548 WSearch - ok 15:03:54.0094 1548 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll 15:03:54.0184 1548 wuauserv - ok 15:03:54.0266 1548 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:03:54.0291 1548 WUDFRd - ok 15:03:54.0307 1548 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll 15:03:54.0335 1548 wudfsvc - ok 15:03:54.0361 1548 X10Hid (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys 15:03:54.0371 1548 X10Hid - ok 15:03:54.0414 1548 x10nets (5a0c788c5bc5f2c993cb60940adcf95e) C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe 15:03:54.0420 1548 x10nets ( UnsignedFile.Multi.Generic ) - warning 15:03:54.0420 1548 x10nets - detected UnsignedFile.Multi.Generic (1) 15:03:54.0437 1548 XUIF (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys 15:03:54.0446 1548 XUIF - ok 15:03:54.0469 1548 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 15:03:54.0913 1548 \Device\Harddisk0\DR0 - ok 15:03:54.0927 1548 Boot (0x1200) (f8de6b423739bf5aa48f276007f8a363) \Device\Harddisk0\DR0\Partition0 15:03:54.0928 1548 \Device\Harddisk0\DR0\Partition0 - ok 15:03:54.0931 1548 Boot (0x1200) (acc9ab1335bfedcf4620fef0c91d66d5) \Device\Harddisk0\DR0\Partition1 15:03:54.0932 1548 \Device\Harddisk0\DR0\Partition1 - ok 15:03:54.0932 1548 ============================================================ 15:03:54.0933 1548 Scan finished 15:03:54.0933 1548 ============================================================ 15:03:54.0953 4252 Detected object count: 19 15:03:54.0954 4252 Actual detected object count: 19 15:04:18.0305 4252 atksgt ( UnsignedFile.Multi.Generic ) - skipped by user 
15:04:18.0305 4252 atksgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0307 4252 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0307 4252 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0308 4252 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0308 4252 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0310 4252 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0310 4252 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0312 4252 DQLWinService ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0312 4252 DQLWinService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0313 4252 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0313 4252 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0315 4252 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0315 4252 GoogleDesktopManager ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0317 4252 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0317 4252 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0318 4252 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0318 4252 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0319 4252 lirsgt ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0319 4252 lirsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0321 4252 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0321 4252 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0322 4252 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic 
) - skipped by user 15:04:18.0322 4252 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0323 4252 SNPSTD3 ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0323 4252 SNPSTD3 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0324 4252 sptd ( LockedFile.Multi.Generic ) - skipped by user 15:04:18.0324 4252 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 15:04:18.0325 4252 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0325 4252 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0326 4252 SynasUSB ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0326 4252 SynasUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0327 4252 TVECapSvc ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0327 4252 TVECapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0328 4252 TVESched ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0328 4252 TVESched ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:04:18.0329 4252 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user 15:04:18.0329 4252 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip |
13.07.2012, 20:04 | #29 |
/// Malware-holic | AKM virus blocks the entire PC
Download CCleaner Standard: CCleaner Download - CCleaner 3.20.1750. If CCleaner is already installed, skip this step. Install it, open it, go to Tools, list of installed programs, and save it as txt. Open the file. After each program you need, write "necessary". After each program you do not need, write "unnecessary". After each program you do not recognize, write "unknown". Post the list.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |