| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: GVU Windows Trojaner (100 Euro Ukash)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.07.2012, 12:41
| #1 |
| |  GVU Windows Trojaner (100 Euro Ukash) Hey, ich habe mir gerade wie auch immer diesen Virus eingefangen, der einen dazu auffordert 100 € Ukash an den "Staat" zu zahlen. Aktuell führe ich einen Scan mit Malwarebytes Anti Malware aus. Ist nach dem Löschen der gefundenen Objekte alles wieder in Ordnung oder muss ich ähnlich wie beim Verschlüsselungs-Trojaner vorgehen? MfG Malte Scan: Malwarebytes Anti Malware: Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.07.21.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Administrator :: MALTE1-PC [Administrator] 21.07.2012 13:27:09 mbam-log-2012-07-21 (13-27-09).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|Q:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 662110 Laufzeit: 42 Minute(n), 18 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 1 C:\Users\Malte\AppData\Local\Temp\rool0_pk.exe (Spyware.Zbot.DG) -> Löschen bei Neustart. Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 6 C:\Users\Malte\AppData\Local\Temp\rool0_pk.exe (Spyware.Zbot.DG) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Malte\Downloads\arma_2_free_id622857id.exe (PUP.Adware.MediaGet) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Malte\Downloads\No23Player.exe (Malware.Packer.as) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Malte\Downloads\SoftonicDownloader_fuer_powermenu.exe (PUP.ToolbarDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt. D:\mac\NLi3.P.v3.0.0.11\NetLimiter.3.Pro.v3.0.0.11\MPT\netlimiter.pro.MPT-patch.exe (PUP.Hacktool.Patcher) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter OTL logfile created on: 21.07.2012 14:56:12 - Run 1 OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Administrator\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 5,93 Gb Available Physical Memory | 74,31% Memory free 15,95 Gb Paging File | 13,49 Gb Available in Paging File | 84,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 73,43 Gb Total Space | 15,05 Gb Free Space | 20,49% Space Free | Partition Type: NTFS Drive D: | 415,00 Gb Total Space | 109,75 Gb Free Space | 26,45% Space Free | Partition Type: NTFS Drive E: | 283,64 Gb Total Space | 114,00 Gb Free Space | 40,19% Space Free | Partition Type: NTFS Computer Name: MALTE1-PC | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Administrator\Downloads\OTL(1).exe (OldTimer Tools) PRC - C:\Users\Administrator\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) PRC - D:\lolplayer\vmware-authd.exe (VMware, Inc.) PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - D:\xampp\apache\bin\httpd.exe (Apache Software Foundation) PRC - D:\xampp\mysql\bin\mysqld.exe () PRC - C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation) PRC - D:\MFC\bratimer.exe () PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe (msi) PRC - C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe () PRC - C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\LOLReplay\LOLUtils.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8036b60a803443f3c61c48b4959f722d\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\d89ee849317b4d93ea78842dd78f79c0\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (nlsvc) -- C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software) SRV:64bit: - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe () SRV:64bit: - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) SRV:64bit: - (BTHSSecurityMgr) Intel(R) Centrino(R) Wireless Bluetooth(R) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (bwmservice) -- C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe () SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (HiPatchService) -- D:\Smite\HiPatchService.exe (Hi-Rez Studios) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) SRV - (VMAuthdService) -- D:\lolplayer\vmware-authd.exe (VMware, Inc.) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (Apache2.2) -- D:\xampp\apache\bin\httpd.exe (Apache Software Foundation) SRV - (mysql) -- D:\xampp\mysql\bin\mysqld.exe () SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.) SRV - (FileZilla Server) -- D:\xampp\FileZillaFTP\FileZillaServer.exe (FileZilla Project) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (watchmi) -- C:\Program Files (x86)\watchmi\TvdService.exe () SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) SRV - (BRA_Scheduler) -- D:\MFC\bratimer.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (Micro Star SCM) -- C:\Program Files (x86)\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer USA Ltd) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation) DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.) DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.) DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.) DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.) DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab) DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (Power Software Ltd) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.) DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (NETwNs64) ___ Intel(R) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (AMPPALP) Intel(R) Centrino(R) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AMPPAL) Intel(R) Centrino(R) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (NLNdisPT) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software) DRV:64bit: - (NLNdisMP) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software) DRV:64bit: - (nltdi) -- C:\Program Files\NetLimiter 3\nltdi.sys (Locktime Software) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation) DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys () DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO) DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO) DRV:64bit: - (spfdrv) -- C:\Windows\SysNative\drivers\spfdrv.sys (SoftPerfect Research) DRV:64bit: - (copperhd) -- C:\Windows\SysNative\drivers\copperhd.sys (Razer (Asia-Pacific) Pte Ltd) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF IE - HKCU\..\SearchScopes,DefaultScope = {DD334F60-0E50-47BD-A0F2-C14032340056} IE - HKCU\..\SearchScopes\{DD334F60-0E50-47BD-A0F2-C14032340056}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2012.01.14 16:12:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2012.01.14 16:12:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2012.01.14 16:12:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 22:13:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.29 07:03:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.07.21 13:11:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions [2012.04.25 07:04:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.01.26 22:48:00 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\mozilla firefox\extensions\quickstores@quickstores.de [2012.07.18 22:13:21 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.04.25 07:04:41 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.04.25 07:04:41 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.04.25 07:04:41 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.04.25 07:04:41 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.04.25 07:04:41 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.04.25 07:04:41 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (no name) - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - No CLSID value found. O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Cinema ProII AP] C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe (Micro-Star Int'l Co., Ltd.) O4 - HKLM..\Run: [Cinema ProII Controler] C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe (msi) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd) O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd) O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {B94C2238-346E-4C5E-9B36-8CC627F35574} Reg Error: Key error. (VMware Remote Console Plug-in 2.5.0.00000) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B54B1121-A89D-4EB0-82EE-04DD861E9F51}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C33D06A3-0973-4B56-AD50-8308F8AB0DCC}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4F27DDE-10CE-46C4-8FF9-0024FE0B754B}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab ZAO) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab ZAO) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.21 14:07:07 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Skype [2012.07.21 13:25:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes [2012.07.21 13:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.21 13:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.21 13:25:27 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.21 13:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.07.21 13:12:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Macromedia [2012.07.21 13:12:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Adobe [2012.07.21 13:11:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Mozilla [2012.07.21 13:11:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Mozilla [2012.07.21 13:11:30 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Razer [2012.07.19 19:33:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.07.19 19:19:59 | 001,918,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpipreset [2012.07.18 19:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2012.07.15 11:12:15 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\LOLReplay [2012.07.12 00:32:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.07.12 00:32:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.07.12 00:32:12 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.07.12 00:32:12 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.07.12 00:32:11 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.07.12 00:32:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.07.12 00:32:11 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.07.12 00:32:11 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.07.12 00:32:10 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.07.12 00:32:10 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.07.12 00:32:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.07.12 00:32:10 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.07.12 00:32:10 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.07.11 21:53:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.07.11 21:53:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.07.11 21:48:23 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.07.11 21:44:20 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.07.11 21:44:20 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.07.11 13:34:58 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2012.07.08 19:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 3 [2012.07.08 19:23:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Locktime [2012.07.08 18:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios [2012.07.08 18:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios [2012.07.04 20:20:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012.07.04 20:20:29 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.07.04 20:20:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2012.07.04 20:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012.07.04 17:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox [2012.07.04 17:36:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012.07.03 19:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit [2012.07.03 19:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs [2012.07.02 19:58:26 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftsrch.dll [2012.07.02 19:58:26 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftsrch.dll [2012.07.02 19:58:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx041e.dll [2012.07.02 19:58:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx041e.dll [2012.07.02 19:58:26 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftlx0411.dll [2012.07.02 19:58:26 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftlx0411.dll [2012.07.02 19:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage [2012.07.02 19:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tera Term Pro [2012.06.29 19:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSebJ [2012.06.29 19:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSebJ [2012.06.29 17:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack [2012.06.29 17:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinHTTrack [2012.06.29 17:13:03 | 000,000,000 | ---D | C] -- C:\No23Recorder [2012.06.28 20:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SWFPlayer [2012.06.28 20:00:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SWFPlayer [2012.06.28 18:52:28 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.06.28 10:26:06 | 000,143,360 | ---- | C] (Razer USA Ltd) -- C:\Windows\SysWow64\rztouchdll.dll [2012.06.28 08:36:06 | 000,437,248 | ---- | C] (Razer USA Ltd) -- C:\Windows\SysWow64\rzdevicedll.dll [2012.06.23 16:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyTweak [2012.06.23 16:58:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyTweak [2012.06.21 19:45:59 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.06.21 19:45:59 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.06.21 19:45:59 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.06.21 19:45:57 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.06.21 19:45:57 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.06.21 19:45:57 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.06.21 19:45:56 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012.06.21 19:45:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.07.21 14:53:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.07.21 14:53:13 | 2129,788,927 | -HS- | M] () -- C:\hiberfil.sys [2012.07.21 14:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.07.21 14:07:05 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.07.21 13:27:15 | 004,503,728 | ---- | M] () -- C:\ProgramData\kp_0loor.pad [2012.07.21 13:25:28 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.21 13:14:14 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.21 13:14:14 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.21 13:11:30 | 001,623,170 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.21 13:11:30 | 000,700,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.21 13:11:30 | 000,655,534 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.21 13:11:30 | 000,149,788 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.21 13:11:30 | 000,122,734 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.19 19:33:27 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.07.15 11:13:45 | 000,002,030 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2012.07.15 11:13:45 | 000,001,938 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk [2012.07.12 14:12:46 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.07.12 14:12:46 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.07.12 07:23:49 | 000,335,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.08 18:36:08 | 000,000,681 | ---- | M] () -- C:\Users\Public\Desktop\Smite Closed Beta.lnk [2012.07.04 20:20:49 | 000,001,987 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2012.07.04 20:20:29 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.07.04 17:37:02 | 000,000,645 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.29 19:47:00 | 000,001,044 | ---- | M] () -- C:\Users\Administrator\Desktop\OpenSebJ.lnk [2012.06.28 10:26:06 | 000,143,360 | ---- | M] (Razer USA Ltd) -- C:\Windows\SysWow64\rztouchdll.dll [2012.06.28 08:36:06 | 000,437,248 | ---- | M] (Razer USA Ltd) -- C:\Windows\SysWow64\rzdevicedll.dll [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.07.21 13:25:28 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.21 03:01:58 | 004,503,728 | ---- | C] () -- C:\ProgramData\kp_0loor.pad [2012.07.18 19:36:12 | 000,001,151 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2012.07.08 18:36:08 | 000,000,681 | ---- | C] () -- C:\Users\Public\Desktop\Smite Closed Beta.lnk [2012.07.04 20:20:49 | 000,001,987 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2012.07.04 17:37:02 | 000,000,645 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2012.07.02 19:46:55 | 000,042,496 | ---- | C] () -- C:\Windows\ttuninst.exe [2012.06.29 19:47:00 | 000,001,044 | ---- | C] () -- C:\Users\Administrator\Desktop\OpenSebJ.lnk [2012.06.28 18:52:28 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.15 22:03:35 | 000,962,560 | ---- | C] () -- C:\Windows\tesseract.exe [2012.04.05 08:53:12 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll [2012.03.18 02:05:01 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2012.02.27 01:08:25 | 000,105,620 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2012.01.15 22:16:30 | 001,644,062 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.31 08:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll [2011.05.31 08:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll < End of report > |
|
21.07.2012, 22:16
| #2 |
| /// Helfer-Team  | GVU Windows Trojaner (100 Euro Ukash) Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code:
ATTFilter :OTL
PRC - D:\MFC\bratimer.exe ()
PRC - C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe ()
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE - HKCU\..\SearchScopes,DefaultScope = {DD334F60-0E50-47BD-A0F2-C14032340056}
IE - HKCU\..\SearchScopes\{DD334F60-0E50-47BD-A0F2-C14032340056}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
O4 - HKLM..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O16 - DPF: {B94C2238-346E-4C5E-9B36-8CC627F35574} Reg Error: Key error. (VMware Remote Console Plug-in 2.5.0.00000)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O32 - HKLM CDRom: AutoRun - 1
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2012.07.21 14:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.21 13:27:15 | 004,503,728 | ---- | M] () -- C:\ProgramData\kp_0loor.pad
[2012.07.21 03:01:58 | 004,503,728 | ---- | C] () -- C:\ProgramData\kp_0loor.pad
[2012.06.28 18:52:28 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________ |
|
21.07.2012, 22:30
| #3 |
| | GVU Windows Trojaner (100 Euro Ukash) Erstmal Vielen Dank!
__________________Hier ist die log: Code:
ATTFilter All processes killed
========== OTL ==========
Process bratimer.exe killed successfully!
Process bwmsvc.exe killed successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DD334F60-0E50-47BD-A0F2-C14032340056}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD334F60-0E50-47BD-A0F2-C14032340056}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Starting removal of ActiveX control {B94C2238-346E-4C5E-9B36-8CC627F35574}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B94C2238-346E-4C5E-9B36-8CC627F35574}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B94C2238-346E-4C5E-9B36-8CC627F35574}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{B94C2238-346E-4C5E-9B36-8CC627F35574}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B94C2238-346E-4C5E-9B36-8CC627F35574}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon\ deleted successfully.
File move failed. C:\Windows\SysNative\klogon.dll scheduled to be moved on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\Windows\SysWow64\sho53CC.tmp deleted successfully.
C:\Windows\SysWow64\sho6E4A.tmp deleted successfully.
C:\Windows\SysWow64\shoF8B0.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\ProgramData\kp_0loor.pad moved successfully.
File C:\ProgramData\kp_0loor.pad not found.
File C:\Windows\tasks\Adobe Flash Player Updater.job not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Administrator\Downloads\cmd.bat deleted successfully.
C:\Users\Administrator\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 107351390 bytes
->Temporary Internet Files folder emptied: 3329492 bytes
->FireFox cache emptied: 71569159 bytes
->Flash cache emptied: 57193 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Malte
->Temp folder emptied: 493676968 bytes
->Temporary Internet Files folder emptied: 166134225 bytes
->Java cache emptied: 22251515 bytes
->FireFox cache emptied: 239909634 bytes
->Google Chrome cache emptied: 12626830 bytes
->Flash cache emptied: 85607 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 304497152 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 1783737704 bytes
Total Files Cleaned = 3.057,00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Malte
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.54.0 log created on 07212012_232611
Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\klogon.dll scheduled to be moved on reboot.
C:\Users\Administrator\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Malte\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\vmware-SYSTEM\vmauthd.log scheduled to be moved on reboot.
C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-SYSTEM-2964.log moved successfully.
PendingFileRenameOperations files...
[2010.10.05 21:27:52 | 000,233,656 | ---- | M] (Kaspersky Lab ZAO) C:\Windows\SysNative\klogon.dll : Unable to obtain MD5
File C:\Users\Administrator\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Malte\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
[2012.07.21 23:28:23 | 000,000,000 | ---- | M] () C:\Windows\temp\vmware-SYSTEM\vmauthd.log : Unable to obtain MD5
File C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-SYSTEM-2964.log not found!
Registry entries deleted on Reboot...
MfG Malte |
|
21.07.2012, 22:33
| #4 |
| /// Helfer-Team | GVU Windows Trojaner (100 Euro Ukash) Sehr gut!  Wie laeuft der Rechner? 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.danach: Downloade Dir bitte AdwCleaner auf deinen Desktop.
|
|
22.07.2012, 12:26
| #5 |
| | GVU Windows Trojaner (100 Euro Ukash) sooo der mbam scan sieht schon mal gut aus: Code:
ATTFilter Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.07.21.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Malte :: MALTE1-PC [administrator] 22.07.2012 12:39:43 mbam-log-2012-07-22 (12-39-43).txt Scan type: Full scan (C:\|D:\|E:\|Q:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 629741 Time elapsed: 36 minute(s), 1 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v1.703 - Logfile created 07/22/2012 at 13:26:05
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Malte - MALTE1-PC
# Running from : C:\Users\Malte\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\Users\Malte\AppData\Local\Linkury
Folder Found : C:\Users\Malte\AppData\Local\Smartbar
Folder Found : C:\Users\Malte\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Malte\AppData\Roaming\QuickStoresToolbar
Folder Found : C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\ConduitCommon
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Program Files\Babylon
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Found : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
File Found : C:\Users\Malte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Found : C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
File Found : C:\Users\Public\Desktop\eBay.lnk
***** [Registry] *****
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Key Found : HKLM\SOFTWARE\DT Soft
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
[x64] Key Found : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
[x64] Key Found : HKLM\SOFTWARE\Tarma Installer
***** [Registre - GUID] *****
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.linkury.com/newtab.html
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
-\\ Mozilla Firefox v14.0.1 (de)
Profile name : default
File : C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\prefs.js
Found : user_pref("CT2682599..clientLogIsEnabled", false);
Found : user_pref("CT2682599..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2682599..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2682599.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2682599.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2682599.BrowserCompStateIsOpen_1000515", true);
Found : user_pref("CT2682599.CT2682599", "CT2682599");
Found : user_pref("CT2682599.CurrentServerDate", "22-7-2012");
Found : user_pref("CT2682599.DSInstall", false);
Found : user_pref("CT2682599.DialogsAlignMode", "LTR");
Found : user_pref("CT2682599.DialogsGetterLastCheckTime", "Thu Jul 19 2012 14:53:15 GMT+0200");
Found : user_pref("CT2682599.DownloadReferralCookieData", "");
Found : user_pref("CT2682599.EnableClickToSearchBox", false);
Found : user_pref("CT2682599.EnableSearchHistory", false);
Found : user_pref("CT2682599.EnableSearchSuggest", false);
Found : user_pref("CT2682599.FirstServerDate", "24-4-2012");
Found : user_pref("CT2682599.FirstTime", true);
Found : user_pref("CT2682599.FirstTimeFF3", true);
Found : user_pref("CT2682599.FixPageNotFoundErrors", false);
Found : user_pref("CT2682599.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2682599.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2682599.HPInstall", false);
Found : user_pref("CT2682599.HasUserGlobalKeys", true);
Found : user_pref("CT2682599.HomePageProtectorEnabled", false);
Found : user_pref("CT2682599.HomepageBeforeUnload", "hxxp://www.google.de/");
Found : user_pref("CT2682599.Initialize", true);
Found : user_pref("CT2682599.InitializeCommonPrefs", true);
Found : user_pref("CT2682599.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2682599.InstallationType", "Unknown");
Found : user_pref("CT2682599.InstalledDate", "Tue Apr 24 2012 11:18:12 GMT+0200");
Found : user_pref("CT2682599.IsAlertDBUpdated", true);
Found : user_pref("CT2682599.IsGrouping", false);
Found : user_pref("CT2682599.IsInitSetupIni", true);
Found : user_pref("CT2682599.IsMulticommunity", false);
Found : user_pref("CT2682599.IsOpenThankYouPage", true);
Found : user_pref("CT2682599.IsOpenUninstallPage", true);
Found : user_pref("CT2682599.IsProtectorsInit", true);
Found : user_pref("CT2682599.LanguagePackLastCheckTime", "Sat Jul 21 2012 22:59:40 GMT+0200");
Found : user_pref("CT2682599.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2682599.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2682599.LastLogin_3.12.0.8", "Wed Apr 25 2012 21:50:48 GMT+0200");
Found : user_pref("CT2682599.LastLogin_3.12.2.3", "Wed May 30 2012 15:43:18 GMT+0200");
Found : user_pref("CT2682599.LastLogin_3.13.0.6", "Sun Jul 15 2012 23:12:58 GMT+0200");
Found : user_pref("CT2682599.LastLogin_3.14.1.0", "Sun Jul 22 2012 12:07:06 GMT+0200");
Found : user_pref("CT2682599.LatestVersion", "3.13.0.6");
Found : user_pref("CT2682599.Locale", "de");
Found : user_pref("CT2682599.MCDetectTooltipHeight", "83");
Found : user_pref("CT2682599.MCDetectTooltipShow", false);
Found : user_pref("CT2682599.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2682599.MCDetectTooltipWidth", "295");
Found : user_pref("CT2682599.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2682599.OriginalFirstVersion", "3.12.0.8");
Found : user_pref("CT2682599.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2682599.SearchBackToDefaultEngine", false);
Found : user_pref("CT2682599.SearchCaption", "InnoGames Customized Web Search");
Found : user_pref("CT2682599.SearchEngineBeforeUnload", "Linkury Smartbar Search");
Found : user_pref("CT2682599.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2682599.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT268[...]
Found : user_pref("CT2682599.SearchInNewTabEnabled", true);
Found : user_pref("CT2682599.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2682599.SearchInNewTabLastCheckTime", "Sat Jul 21 2012 21:57:37 GMT+0200");
Found : user_pref("CT2682599.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2682599.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2682599.SearchProtectorEnabled", false);
Found : user_pref("CT2682599.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2682599.SendProtectorDataViaLogin", true);
Found : user_pref("CT2682599.ServiceMapLastCheckTime", "Sat Jul 21 2012 21:57:38 GMT+0200");
Found : user_pref("CT2682599.SettingsLastCheckTime", "Sun Jul 22 2012 12:07:06 GMT+0200");
Found : user_pref("CT2682599.SettingsLastUpdate", "1340789948");
Found : user_pref("CT2682599.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2682599&SearchSource=13");
Found : user_pref("CT2682599.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2682599.ThirdPartyComponentsLastCheck", "Tue Apr 24 2012 11:18:11 GMT+0200");
Found : user_pref("CT2682599.ThirdPartyComponentsLastUpdate", "1255344657");
Found : user_pref("CT2682599.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2682599.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2682599");
Found : user_pref("CT2682599.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2682599.UserID", "UN53488344374307291");
Found : user_pref("CT2682599.ValidationData_Toolbar", 2);
Found : user_pref("CT2682599.alertChannelId", "1075026");
Found : user_pref("CT2682599.approveUntrustedApps", false);
Found : user_pref("CT2682599.backendstorage.activetoolbar", "737461656D6D65");
Found : user_pref("CT2682599.backendstorage.facebook_mode", "32");
Found : user_pref("CT2682599.backendstorage.facebook_user_locale", "6465");
Found : user_pref("CT2682599.backendstorage.staemme_token_de", "62373430653565316234396531383435396433376236[...]
Found : user_pref("CT2682599.backendstorage.staemme_username_de", "62574A6864584E69");
Found : user_pref("CT2682599.backendstorage.staemme_village_de81", "3438313735");
Found : user_pref("CT2682599.backendstorage.toolbar_market", "6465");
Found : user_pref("CT2682599.backendstorage.toolbarurl", "687474703A2F2F746F6F6C6261722E696E6E6F67616D65732E[...]
Found : user_pref("CT2682599.components.1000515", false);
Found : user_pref("CT2682599.components.129258349557489521", false);
Found : user_pref("CT2682599.components.129259153115384710", false);
Found : user_pref("CT2682599.components.129318728006556308", false);
Found : user_pref("CT2682599.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2682599.globalFirstTimeInfoLastCheckTime", "Fri May 04 2012 13:21:36 GMT+0200");
Found : user_pref("CT2682599.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2682599.initDone", true);
Found : user_pref("CT2682599.isAppTrackingManagerOn", true);
Found : user_pref("CT2682599.myStuffEnabled", true);
Found : user_pref("CT2682599.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2682599.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2682599.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2682599.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2682599.navigateToUrlOnSearch", false);
Found : user_pref("CT2682599.oldAppsList", "129219291115718928,129219291115718929,111,129318728006556308,129[...]
Found : user_pref("CT2682599.revertSettingsEnabled", true);
Found : user_pref("CT2682599.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2682599.searchProtectorEnableByLogin", true);
Found : user_pref("CT2682599.testingCtid", "");
Found : user_pref("CT2682599.toolbarAppMetaDataLastCheckTime", "Sat Jul 21 2012 22:59:40 GMT+0200");
Found : user_pref("CT2682599.toolbarContextMenuLastCheckTime", "Tue Apr 24 2012 11:18:12 GMT+0200");
Found : user_pref("CT2682599.usageEnabled", false);
Found : user_pref("CT2682599.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2682599/CT2682599[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1075026/1070730/DE", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2682599", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2682599",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"e3d[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Malte\\AppData\\Roaming\\Mozilla\\F[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://cloud-search.linkury.com/results.[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2682599");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2682599");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2682599");
Found : user_pref("CommunityToolbar.globalUserId", "38ba07f8-4643-4f11-8a18-ba9df0592b6e");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue May 01 2012 12:38:3[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Apr 24 2012 11:18:21 GMT+020[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon May 07 2012 18:50:53 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "31c9e842-d47a-4f71-9f18-63c5ffaa37c7");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.de/");
Found : user_pref("CommunityToolbar.originalSearchEngine", "Linkury Smartbar Search");
Found : user_pref("browser.search.selectedEngine", "Linkury Smartbar Search");
Found : user_pref("quickstores.toolbar.affid", "2017");
Found : user_pref("quickstores.toolbar.guid", "{F555F659-C302-A4C1-AAFD-B73DB97DABEE}");
Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\3o05b0wu.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Malte\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [18657 octets] - [22/07/2012 13:26:05]
########## EOF - C:\AdwCleaner[R1].txt - [18786 octets] ##########
Allerdings werde ich jetzt bei fast jedem Programm, welches ich öffne von der Benutzerkontensteuerung bombadiert wurde die mit dem OTL Skript ganz hoch gesetzt? |
|
22.07.2012, 18:17
| #6 | |
| /// Helfer-Team | GVU Windows Trojaner (100 Euro Ukash) Sehr gut! Zitat:
Kann man runtersetzen, sollte man aber nicht ausschalten!
danach: Malware-Scan mit Emsisoft Anti-Malware Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm. Lade über Jetzt Updaten die aktuellen Signaturen herunter. Wähle den Freeware-Modus aus. Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers. Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten. Anleitung: http://www.trojaner-board.de/103809-...i-malware.html
__________________ --> GVU Windows Trojaner (100 Euro Ukash) |
|
22.07.2012, 20:36
| #7 |
| | GVU Windows Trojaner (100 Euro Ukash) so der adwcleaner: Code:
ATTFilter # AdwCleaner v1.703 - Logfile created 07/22/2012 at 20:21:07
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Malte - MALTE1-PC
# Running from : C:\Users\Malte\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Users\Malte\AppData\Local\Linkury
Folder Deleted : C:\Users\Malte\AppData\Local\Smartbar
Folder Deleted : C:\Users\Malte\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Malte\AppData\Roaming\QuickStoresToolbar
Folder Deleted : C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\ConduitCommon
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
File Deleted : C:\Users\Malte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Deleted : C:\Users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
***** [Registry] *****
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.BHO
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Key Deleted : HKLM\SOFTWARE\DT Soft
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
[x64] Key Deleted : HKLM\SOFTWARE\Tarma Installer
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
[x64] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.linkury.com/newtab.html --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com --> hxxp://www.google.com
-\\ Mozilla Firefox v14.0.1 (de)
Profile name : default
File : C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\prefs.js
C:\Users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\user.js ... Deleted !
Deleted : user_pref("CT2682599..clientLogIsEnabled", false);
Deleted : user_pref("CT2682599..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2682599..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2682599.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2682599.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2682599.BrowserCompStateIsOpen_1000515", true);
Deleted : user_pref("CT2682599.CT2682599", "CT2682599");
Deleted : user_pref("CT2682599.CurrentServerDate", "22-7-2012");
Deleted : user_pref("CT2682599.DSInstall", false);
Deleted : user_pref("CT2682599.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2682599.DialogsGetterLastCheckTime", "Sun Jul 22 2012 14:53:15 GMT+0200");
Deleted : user_pref("CT2682599.DownloadReferralCookieData", "");
Deleted : user_pref("CT2682599.EnableClickToSearchBox", false);
Deleted : user_pref("CT2682599.EnableSearchHistory", false);
Deleted : user_pref("CT2682599.EnableSearchSuggest", false);
Deleted : user_pref("CT2682599.FirstServerDate", "24-4-2012");
Deleted : user_pref("CT2682599.FirstTime", true);
Deleted : user_pref("CT2682599.FirstTimeFF3", true);
Deleted : user_pref("CT2682599.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2682599.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2682599.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2682599.HPInstall", false);
Deleted : user_pref("CT2682599.HasUserGlobalKeys", true);
Deleted : user_pref("CT2682599.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2682599.HomepageBeforeUnload", "hxxp://www.google.de/");
Deleted : user_pref("CT2682599.Initialize", true);
Deleted : user_pref("CT2682599.InitializeCommonPrefs", true);
Deleted : user_pref("CT2682599.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2682599.InstallationType", "Unknown");
Deleted : user_pref("CT2682599.InstalledDate", "Tue Apr 24 2012 11:18:12 GMT+0200");
Deleted : user_pref("CT2682599.IsAlertDBUpdated", true);
Deleted : user_pref("CT2682599.IsGrouping", false);
Deleted : user_pref("CT2682599.IsInitSetupIni", true);
Deleted : user_pref("CT2682599.IsMulticommunity", false);
Deleted : user_pref("CT2682599.IsOpenThankYouPage", true);
Deleted : user_pref("CT2682599.IsOpenUninstallPage", true);
Deleted : user_pref("CT2682599.IsProtectorsInit", true);
Deleted : user_pref("CT2682599.LanguagePackLastCheckTime", "Sat Jul 21 2012 22:59:40 GMT+0200");
Deleted : user_pref("CT2682599.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2682599.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2682599.LastLogin_3.12.0.8", "Wed Apr 25 2012 21:50:48 GMT+0200");
Deleted : user_pref("CT2682599.LastLogin_3.12.2.3", "Wed May 30 2012 15:43:18 GMT+0200");
Deleted : user_pref("CT2682599.LastLogin_3.13.0.6", "Sun Jul 15 2012 23:12:58 GMT+0200");
Deleted : user_pref("CT2682599.LastLogin_3.14.1.0", "Sun Jul 22 2012 20:07:07 GMT+0200");
Deleted : user_pref("CT2682599.LatestVersion", "3.13.0.6");
Deleted : user_pref("CT2682599.Locale", "de");
Deleted : user_pref("CT2682599.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2682599.MCDetectTooltipShow", false);
Deleted : user_pref("CT2682599.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2682599.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2682599.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2682599.OriginalFirstVersion", "3.12.0.8");
Deleted : user_pref("CT2682599.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2682599.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT2682599.SearchCaption", "InnoGames Customized Web Search");
Deleted : user_pref("CT2682599.SearchEngineBeforeUnload", "Linkury Smartbar Search");
Deleted : user_pref("CT2682599.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2682599.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT268[...]
Deleted : user_pref("CT2682599.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2682599.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2682599.SearchInNewTabLastCheckTime", "Sat Jul 21 2012 21:57:37 GMT+0200");
Deleted : user_pref("CT2682599.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2682599.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2682599.SearchProtectorEnabled", false);
Deleted : user_pref("CT2682599.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2682599.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT2682599.ServiceMapLastCheckTime", "Sat Jul 21 2012 21:57:38 GMT+0200");
Deleted : user_pref("CT2682599.SettingsLastCheckTime", "Sun Jul 22 2012 20:00:55 GMT+0200");
Deleted : user_pref("CT2682599.SettingsLastUpdate", "1340789948");
Deleted : user_pref("CT2682599.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2682599&SearchSource=13");
Deleted : user_pref("CT2682599.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2682599.ThirdPartyComponentsLastCheck", "Tue Apr 24 2012 11:18:11 GMT+0200");
Deleted : user_pref("CT2682599.ThirdPartyComponentsLastUpdate", "1255344657");
Deleted : user_pref("CT2682599.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2682599.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2682599");
Deleted : user_pref("CT2682599.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2682599.UserID", "UN53488344374307291");
Deleted : user_pref("CT2682599.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2682599.alertChannelId", "1075026");
Deleted : user_pref("CT2682599.approveUntrustedApps", false);
Deleted : user_pref("CT2682599.backendstorage.activetoolbar", "737461656D6D65");
Deleted : user_pref("CT2682599.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT2682599.backendstorage.facebook_user_locale", "6465");
Deleted : user_pref("CT2682599.backendstorage.staemme_token_de", "62373430653565316234396531383435396433376236[...]
Deleted : user_pref("CT2682599.backendstorage.staemme_username_de", "62574A6864584E69");
Deleted : user_pref("CT2682599.backendstorage.staemme_village_de81", "3438313735");
Deleted : user_pref("CT2682599.backendstorage.toolbar_market", "6465");
Deleted : user_pref("CT2682599.backendstorage.toolbarurl", "687474703A2F2F746F6F6C6261722E696E6E6F67616D65732E[...]
Deleted : user_pref("CT2682599.components.1000515", false);
Deleted : user_pref("CT2682599.components.129258349557489521", false);
Deleted : user_pref("CT2682599.components.129259153115384710", false);
Deleted : user_pref("CT2682599.components.129318728006556308", false);
Deleted : user_pref("CT2682599.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2682599.globalFirstTimeInfoLastCheckTime", "Fri May 04 2012 13:21:36 GMT+0200");
Deleted : user_pref("CT2682599.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2682599.initDone", true);
Deleted : user_pref("CT2682599.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2682599.myStuffEnabled", true);
Deleted : user_pref("CT2682599.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2682599.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2682599.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2682599.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2682599.navigateToUrlOnSearch", false);
Deleted : user_pref("CT2682599.oldAppsList", "129219291115718928,129219291115718929,111,129318728006556308,129[...]
Deleted : user_pref("CT2682599.revertSettingsEnabled", true);
Deleted : user_pref("CT2682599.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2682599.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2682599.testingCtid", "");
Deleted : user_pref("CT2682599.toolbarAppMetaDataLastCheckTime", "Sat Jul 21 2012 22:59:40 GMT+0200");
Deleted : user_pref("CT2682599.toolbarContextMenuLastCheckTime", "Tue Apr 24 2012 11:18:12 GMT+0200");
Deleted : user_pref("CT2682599.usageEnabled", false);
Deleted : user_pref("CT2682599.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2682599/CT2682599[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1075026/1070730/DE", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2682599", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2682599",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"e3d[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Malte\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://cloud-search.linkury.com/results.[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2682599");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2682599");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2682599");
Deleted : user_pref("CommunityToolbar.globalUserId", "38ba07f8-4643-4f11-8a18-ba9df0592b6e");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue May 01 2012 12:38:3[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Apr 24 2012 11:18:21 GMT+020[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon May 07 2012 18:50:53 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "31c9e842-d47a-4f71-9f18-63c5ffaa37c7");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.de/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Linkury Smartbar Search");
Deleted : user_pref("browser.search.selectedEngine", "Linkury Smartbar Search");
Deleted : user_pref("quickstores.toolbar.affid", "2017");
Deleted : user_pref("quickstores.toolbar.guid", "{F555F659-C302-A4C1-AAFD-B73DB97DABEE}");
Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\3o05b0wu.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v [Unable to get version]
File : C:\Users\Malte\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [18752 octets] - [22/07/2012 13:26:05]
AdwCleaner[S1].txt - [18344 octets] - [22/07/2012 20:21:07]
########## EOF - C:\AdwCleaner[S1].txt - [18473 octets] ##########
Code:
ATTFilter Emsisoft Anti-Malware - Version 6.6
Letztes Update: 22.07.2012 20:56:30
Scan Einstellungen:
Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, E:\, Q:\
Archiv Scan: An
ADS Scan: An
Scan Beginn: 22.07.2012 20:56:43
C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe gefunden: Trojan.Dloader!E1
Key: hkey_classes_root\.vnc gefunden: Trace.Registry.vnc.commoncomponents!E1
Key: hkey_classes_root\vnc.connectioninfo gefunden: Trace.Registry.vnc.commoncomponents!E1
C:\Users\Malte\Downloads\Bildbearbeitung.zip -> Bildbearbeitung.exe gefunden: Backdoor.Win32.Layrui!E2
C:\Users\Malte\Downloads\ShowCDKey(1).zip -> showcdkey.exe gefunden: Application.PWCrack!E2
C:\Users\Malte\Downloads\ShowCDKey.zip -> showcdkey.exe gefunden: Application.PWCrack!E2
C:\Users\Malte\Downloads\ShowCDKey\showcdkey.exe gefunden: Trojan-Spy.Win32.Delf.gr!E1
C:\Users\Malte\AppData\Roaming\.minecraft - Kopie (2)\Minecraft Custom Nickname Loader.exe gefunden: Trojan.SuspectCRC!E2
C:\Users\Malte\AppData\Roaming\.minecraft\MCLauncher.exe gefunden: Trojan-Dropper.Win32.Mudrop!E2
C:\Users\Malte\AppData\Roaming\.minecraft\Minecraft Custom Nickname Loader.exe gefunden: Trojan.SuspectCRC!E2
C:\Program Files (x86)\RealVNC\VNC4\vncconfig.exe gefunden: Riskware.RemoteAdmin.Win32.WinVNC.AMN!E1
C:\Program Files (x86)\RealVNC\VNC4\winvnc4.exe gefunden: Riskware.RemoteAdmin.Win32.WinVNC.AMN!E1
C:\Program Files (x86)\RealVNC\VNC4\vncviewer.exe gefunden: Riskware.RemoteAdmin.Win32.WinVNC.AMN!E1
C:\Program Files (x86)\Hitfaker 0.2b\HitFaker.exe gefunden: Riskware.Hacktool.HitFaker!E2
C:\Program Files (x86)\Cheat Engine 6.1\cheatengine-i386.exe gefunden: Riskware.Win32.HackTool.CheatEngine.AB!E1
D:\bildbearbeitung autoit\bildbearbeitungsprog\Bildbearbeitung.exe gefunden: Backdoor.Win32.Layrui!E2
Gescannt 889577
Gefunden 16
Scan Ende: 22.07.2012 21:30:51
Scan Zeit: 0:34:08
Ich nehme mal an, dass damit alles in Ordnung ist. Vielen Dank für die Hilfe bei dem Virus!! Schon toll dieses Forum  MfG Malte |
|
22.07.2012, 20:44
| #8 |
| /// Helfer-Team | GVU Windows Trojaner (100 Euro Ukash) ja, da ist nichts gefaehrliches bei. Deinstalliere: Emsisoft Anti-Malware ESET Online Scanner Vorbereitung
|
|
23.07.2012, 11:44
| #9 |
| | GVU Windows Trojaner (100 Euro Ukash) Hier die log vom Online Scanner: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=1990418d03b74b4ba2843fa4c1d9a148
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-23 09:24:10
# local_time=2012-07-23 11:24:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1280 16777215 100 0 16484735 16484735 0 0
# compatibility_mode=5893 16776574 100 94 16187632 94659340 0 0
# compatibility_mode=8192 67108863 100 0 34765 34765 0 0
# scanned=431733
# found=0
# cleaned=0
# scan_time=5960
Auch hier scheint alles in Ordnung zu sein |
|
23.07.2012, 17:45
| #10 |
| /// Helfer-Team | GVU Windows Trojaner (100 Euro Ukash) Malware mit Combofix beseitigen Lade Combofix von einem der folgenden Download-Spiegel herunter: BleepingComputer.com - ForoSpyware.com und speichere das Programm auf den Desktop, nicht woanders hin, das ist wichtig! Beachte die ausführliche Original-Anleitung. Zurzeit ist Combofix auf folgenden Windows-Versionen lauffähig:
Vorbereitung und wichtige Hinweise
Combofix nicht auf eigene Faust einsetzen. Wenn keine entsprechende Infektion vorliegt, kann das den Rechner lahmlegen und/oder nachhaltig schädigen! |
|
24.07.2012, 10:13
| #11 |
| | GVU Windows Trojaner (100 Euro Ukash) Combofix.txt: Code:
ATTFilter ComboFix 12-07-25.02 - Malte 24.07.2012 10:33:22.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8170.6100 [GMT 2:00]
ausgeführt von:: c:\users\Malte\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Malte\AppData\Roaming\mIRC\logs\status.log
c:\users\Public\mbam-setup-1.62.0.1300.exe
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-06-24 bis 2012-07-24 ))))))))))))))))))))))))))))))
.
.
2012-07-24 08:40 . 2012-07-24 08:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-24 08:40 . 2012-07-24 08:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-24 08:40 . 2012-07-24 08:40 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-07-22 18:35 . 2012-07-22 22:04 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2012-07-22 14:43 . 2012-07-22 14:43 -------- d-----w- c:\users\Malte\AppData\Local\ArmA 2 Free
2012-07-22 10:18 . 2012-07-22 10:18 -------- d-----w- c:\users\Malte\AppData\Roaming\Malwarebytes
2012-07-21 21:26 . 2012-07-21 21:26 -------- d-----w- C:\_OTL
2012-07-21 12:07 . 2012-07-21 12:52 -------- d-----w- c:\users\Administrator\AppData\Roaming\Skype
2012-07-21 11:25 . 2012-07-21 11:25 -------- d-----w- c:\users\Administrator\AppData\Roaming\Malwarebytes
2012-07-21 11:25 . 2012-07-21 11:25 -------- d-----w- c:\programdata\Malwarebytes
2012-07-21 11:25 . 2012-07-21 11:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-21 11:25 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-21 11:12 . 2012-07-21 11:12 -------- d-----w- c:\users\Administrator\AppData\Local\Macromedia
2012-07-21 11:11 . 2012-07-21 11:11 -------- d-----w- c:\users\Administrator\AppData\Local\Mozilla
2012-07-21 11:11 . 2012-07-21 11:11 -------- d-----w- c:\users\Administrator\AppData\Local\Razer
2012-07-19 17:19 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpipreset
2012-07-19 17:15 . 2012-07-19 17:34 -------- d-----w- c:\users\Malte\AppData\Local\MediaGet2
2012-07-18 17:56 . 2012-07-18 17:56 -------- d-----w- c:\users\Malte\.thumbnails
2012-07-18 17:36 . 2012-07-18 17:36 -------- d-----w- c:\users\Malte\AppData\Local\fontconfig
2012-07-18 17:36 . 2012-07-22 12:59 -------- d-----w- c:\users\Malte\.gimp-2.8
2012-07-18 17:36 . 2012-07-18 17:36 -------- d-----w- c:\users\Malte\AppData\Local\gegl-0.2
2012-07-18 17:35 . 2012-07-18 17:36 -------- d-----w- c:\program files\GIMP 2
2012-07-11 22:34 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 19:54 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-07-11 19:53 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 19:53 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 19:53 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-11 19:53 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-11 19:53 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 19:53 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-11 19:48 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-07-11 19:48 . 2012-06-02 05:48 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-11 19:48 . 2012-06-02 05:48 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-07-11 19:48 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 19:48 . 2012-06-02 05:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-11 19:48 . 2012-06-02 04:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-07-11 19:48 . 2012-06-02 04:40 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-07-11 19:48 . 2012-06-02 04:39 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-07-11 19:48 . 2012-06-02 04:34 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-07-11 11:34 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-09 13:03 . 2012-07-09 13:03 -------- d-----w- c:\users\Malte\AppData\Local\Chromium
2012-07-08 17:24 . 2012-07-08 17:24 -------- d-----w- c:\users\Malte\AppData\Local\Locktime
2012-07-08 17:23 . 2012-07-08 17:28 -------- d-----w- c:\program files\NetLimiter 3
2012-07-08 17:23 . 2012-07-08 17:23 -------- d-----w- c:\programdata\Locktime
2012-07-08 16:36 . 2012-07-09 13:02 -------- d-----w- c:\programdata\Hi-Rez Studios
2012-07-04 18:20 . 2012-07-04 18:20 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-07-04 18:20 . 2012-07-04 18:21 -------- d-----w- c:\users\Malte\AppData\Roaming\DAEMON Tools Lite
2012-07-04 18:20 . 2012-07-04 18:20 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-07-04 18:18 . 2012-07-04 18:21 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-07-04 15:37 . 2012-07-04 15:37 -------- d-----w- c:\users\Malte\VirtualBox VMs
2012-07-04 15:37 . 2012-07-08 15:29 -------- d-----w- c:\users\Malte\.VirtualBox
2012-07-04 15:37 . 2012-07-04 15:37 -------- d-----w- c:\users\Malte\AppData\Roaming\NVIDIA
2012-07-04 15:37 . 2012-06-05 14:03 224088 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-07-04 15:36 . 2012-07-04 15:37 -------- dc----w- c:\windows\system32\DRVSTORE
2012-07-04 15:36 . 2012-06-05 14:03 130904 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-07-03 17:38 . 2012-07-03 17:38 -------- d-----w- c:\program files (x86)\SplitMediaLabs
2012-07-03 14:45 . 2012-07-03 14:45 -------- d-----w- c:\program files (x86)\PowerMenu_151
2012-07-02 17:58 . 2012-07-02 17:58 -------- d-----w- c:\users\Malte\AppData\Local\Help
2012-07-02 17:58 . 2009-08-04 17:56 296960 ----a-w- c:\windows\winhlp32.exe
2012-07-02 17:58 . 2009-08-04 17:55 195072 ----a-w- c:\windows\SysWow64\ftsrch.dll
2012-07-02 17:58 . 2009-08-04 17:55 195072 ----a-w- c:\windows\system32\ftsrch.dll
2012-07-02 17:58 . 2009-08-04 17:55 9216 ----a-w- c:\windows\SysWow64\ftlx0411.dll
2012-07-02 17:58 . 2009-08-04 17:55 9216 ----a-w- c:\windows\system32\ftlx0411.dll
2012-07-02 17:58 . 2009-08-04 17:55 10240 ----a-w- c:\windows\SysWow64\ftlx041e.dll
2012-07-02 17:58 . 2009-08-04 17:55 10240 ----a-w- c:\windows\system32\ftlx041e.dll
2012-07-02 17:46 . 1998-03-09 22:00 42496 ----a-w- c:\windows\ttuninst.exe
2012-07-02 16:27 . 2012-07-02 17:46 -------- d-----w- c:\program files (x86)\reconnect
2012-06-29 17:47 . 2012-06-29 17:47 -------- d-----w- c:\program files (x86)\OpenSebJ
2012-06-29 15:36 . 2012-06-29 15:36 -------- d-----w- c:\program files\WinHTTrack
2012-06-29 15:13 . 2012-06-29 15:13 -------- d-----w- C:\No23Recorder
2012-06-28 18:00 . 2012-06-28 18:01 -------- d-----w- c:\program files (x86)\SWFPlayer
2012-06-28 16:53 . 2012-06-28 16:53 -------- d-----w- c:\users\Malte\AppData\Local\Macromedia
2012-06-28 16:52 . 2012-07-12 12:12 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-28 08:26 . 2012-06-28 08:26 143360 ----a-w- c:\windows\SysWow64\rztouchdll.dll
2012-06-28 06:36 . 2012-06-28 06:36 437248 ----a-w- c:\windows\SysWow64\rzdevicedll.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 12:12 . 2011-08-10 19:09 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 22:32 . 2011-07-18 20:31 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-18 02:09 . 2012-06-18 02:09 97792 ----a-w- c:\windows\system32\drivers\rzudd.sys
2012-06-18 01:38 . 2012-06-18 01:38 165888 ----a-w- c:\windows\SysWow64\rzaudiodll.dll
2012-06-05 14:03 . 2012-06-05 14:03 147288 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-06-02 22:19 . 2012-06-21 17:45 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 17:45 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 17:45 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 17:45 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 17:45 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 17:45 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 17:45 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 17:45 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 17:45 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-15 10:48 . 2012-05-28 07:50 8139072 ----a-w- c:\windows\system32\nvcuda.dll
2012-05-15 10:48 . 2012-05-28 07:50 5982528 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-05-15 10:48 . 2012-05-28 07:50 2881856 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-05-15 10:48 . 2012-05-28 07:50 2681664 ----a-w- c:\windows\system32\nvcuvid.dll
2012-05-15 10:48 . 2012-05-28 07:50 25743168 ----a-w- c:\windows\system32\nvoglv64.dll
2012-05-15 10:48 . 2012-05-28 07:50 2524992 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-05-15 10:48 . 2012-05-28 07:50 25248064 ----a-w- c:\windows\system32\nvcompiler.dll
2012-05-15 10:48 . 2012-05-28 07:50 2445120 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-05-15 10:48 . 2012-05-28 07:50 19607872 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-05-15 10:48 . 2012-05-28 07:50 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-05-15 10:48 . 2012-05-28 07:50 17551680 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-05-15 10:48 . 2012-05-28 07:50 1738048 ----a-w- c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2012-05-28 07:50 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-05-15 10:48 . 2012-05-28 07:50 14298944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-05-15 10:48 . 2009-01-01 07:54 2741568 ----a-w- c:\windows\system32\nvapi64.dll
2012-05-15 10:48 . 2009-01-01 07:54 2368832 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-05-15 10:48 . 2009-01-01 07:53 8105280 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-05-15 10:48 . 2009-01-01 07:53 68928 ----a-w- c:\windows\system32\OpenCL.dll
2012-05-15 10:48 . 2009-01-01 07:53 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-05-15 10:48 . 2009-01-01 07:53 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-05-15 10:48 . 2009-01-01 07:53 15322432 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-05-15 09:29 . 2011-06-13 01:01 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2011-06-13 02:01 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2011-06-13 01:02 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2011-06-13 01:01 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-05-15 09:29 . 2011-06-13 01:00 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2011-06-13 01:01 6151488 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-04 11:06 . 2012-06-14 07:34 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-14 07:34 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-14 07:34 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-14 07:34 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-30 19:05 . 2012-05-15 18:36 63088 ----a-w- c:\windows\system32\drivers\vmx86.sys
2012-04-30 19:05 . 2012-05-15 18:35 942192 ----a-w- c:\windows\system32\vnetlib64.dll
2012-04-30 19:04 . 2012-05-15 18:35 354416 ----a-w- c:\windows\SysWow64\vmnetdhcp.exe
2012-04-30 19:04 . 2012-05-15 18:35 433264 ----a-w- c:\windows\SysWow64\vmnat.exe
2012-04-30 19:04 . 2012-05-15 18:35 32880 ----a-w- c:\windows\system32\drivers\VMkbd.sys
2012-04-30 19:03 . 2012-05-15 18:35 30320 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2012-04-30 16:26 . 2012-04-30 16:26 252016 ----a-w- c:\windows\SysWow64\vmnc.dll
2012-04-30 15:22 . 2012-04-30 15:22 62064 ----a-w- c:\windows\system32\vmnetbridge.dll
2012-04-30 15:22 . 2012-04-30 15:22 48752 ----a-w- c:\windows\system32\vnetinst.dll
2012-04-30 15:22 . 2012-04-30 15:22 45680 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys
2012-04-30 15:22 . 2012-04-30 15:22 24176 ----a-w- c:\windows\system32\drivers\vmnet.sys
2012-04-30 15:22 . 2012-04-30 15:22 20080 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
2012-04-28 03:55 . 2012-06-14 07:34 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-14 07:34 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-14 07:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-14 07:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files (x86)\ICQ7.7\ICQ.exe" [2012-01-14 127040]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"NetLimiter"="c:\program files\NetLimiter 3\NLClientApp.exe" [2012-07-08 2910208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-02-03 506712]
"MGSysCtrl"="c:\program files (x86)\System Control Manager\MGSysCtrl.exe" [2011-06-29 2482176]
"Cinema ProII AP"="c:\program files (x86)\MSI\Cinema ProII\CinemaProII.exe" [2011-01-25 200192]
"Cinema ProII Controler"="c:\program files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe" [2010-06-25 1689600]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"YouCam Mirror Tray icon"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2010-03-03 171104]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-11-15 312376]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2012-07-01 314280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\users\Malte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Gerade.au3 [2012-7-14 114]
mousometer.exe - Verknüpfung.lnk - c:\users\Malte\Downloads\mousometer.exe [2012-3-18 140288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
LOLRecorder.lnk - c:\program files (x86)\LOLReplay\LOLRecorder.exe [2012-7-14 517632]
watchmi tray.lnk - c:\windows\Installer\{AA4D1C5E-116A-4FF4-AA91-28F526868203}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe [2012-1-14 300416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\sbhook.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 BRA_Scheduler;Brother BRAdminPro Scheduler;d:\mfc\bratimer.exe [2010-09-15 65536]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-14 327168]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
R3 copperhd;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2009-11-10 14336]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [2011-03-21 33416]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2010-09-23 129008]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2011-08-08 116336]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-04 283200]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11864]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 27736]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [2011-03-21 88200]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
S2 Apache2.2;Apache2.2;d:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-29 846448]
S2 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe [2010-12-06 62464]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [2011-03-21 33416]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2011-04-13 87552]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2011-04-13 207872]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys [2012-06-18 97792]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-21 12632168]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-13 2264168]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1\x64\sbhook64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
LSP: %SystemRoot%\system32\vsocklib.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Malte\AppData\Roaming\Mozilla\Firefox\Profiles\r9iwx3n4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - (no file)
Wow6432Node-HKCU-Run-Steam - c:\program files (x86)\Steam\Steam.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ANNO 1602 Königs-Edition - c:\windows\IsUn0407.exe
AddRemove-BattlEye A2 Free - d:\arma2 free\Bohemia InteractiveBattlEye\UnInstallBE.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-24 10:55:13
ComboFix-quarantined-files.txt 2012-07-24 08:55
.
Vor Suchlauf: 10 Verzeichnis(se), 20.374.511.616 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 20.160.978.944 Bytes frei
.
- - End Of File - - 8602DA51A4E0A0F899C61C69F012465A
Add-Remove programs.txt Code:
ATTFilter Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) MUI Allods Online 3.0.00.50 Amnesia - The Dark Descent ANNO 1602 Königs-Edition ArmA 2 Free Uninstall AutoIt v3.3.8.1 Bandisoft MPEG-1 Decoder BattlEye (A2Free) Uninstall BRAdmin Professional 3 Cheat Engine 6.1 Cinema ProII Setup Combat Arms EU Contrôle ActiveX Windows Live Mesh pour connexions à distance Control ActiveX de Windows Live Mesh para conexiones remotas Controlo ActiveX do Windows Live Mesh para Ligações Remotas Counter-Strike: Source CyberLink LabelPrint CyberLink Power2Go CyberLink PowerDVD Copy CyberLink PowerRecover CyberLink YouCam D3DX10 DAEMON Tools Lite Diablo III Diablo III Beta Dolby Advanced Audio v2 EVEREST Home Edition v2.20 Fiesta Online(EU_German) 1.04.000 Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galería fotográfica de Windows Live GamersFirst LIVE! Handball-Simulator: European Tournament 2010 Hex-Editor MX Hi-Rez Studios Authenticate and Update Service ICQ 7.7 Build #6547 Banner Remover 1.0 ICQ Sparberater ICQ7.7 Intel PROSet Wireless Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Intel(R) Solid-State Drive Toolbox Internet-TV für Windows Media Center Java Auto Updater Java(TM) 6 Update 31 JDownloader 0.9 Junk Mail filter update Kaspersky Internet Security 2011 KeyTweak - Keyboard Remapper (remove only) Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave LOLReplay Malwarebytes Anti-Malware Version 1.62.0.1300 Medion Home Cinema Mesh Runtime Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Office 2010 Microsoft Office Klick-und-Los 2010 Microsoft Office Starter 2010 - Deutsch Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MinecraftAlpha Mozilla Firefox 14.0.1 (x86 de) Mozilla Maintenance Service Mozilla Thunderbird 14.0 (x86 de) MSVCRT MSVCRT_amd64 Naga Firmware Updater 1.13 Nexon Game Manager Notepad++ NVIDIA PhysX OpenAL OpenOffice.org 3.4 OpenSebJ Beta v0.43 Pando Media Booster Poczta uslugi Windows Live Podstawowe programy Windows Live Pokemon Online 1.0.53 PokerStars Pošta Windows Live PowerISO Raccolta foto di Windows Live Rapture3D 2.3.26 Game Razer Synapse 2.0 Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Realtek USB 2.0 Reader Driver Renesas Electronics USB 3.0 Host Controller Driver Revo Uninstaller 1.93 S?????? f?t???af??? t?? Windows Live Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) ShiftWindow 1.02 Skype™ 5.10 Smartp1ck Smite Closed Beta SpeedFan (remove only) Spelling Dictionaries Support For Adobe Reader X Star Wars: The Old Republic StarCraft II Steam SWFPlayer 2.6.2.0 System Control Manager T4E Player TeamViewer 7 Tera Term Pro Universal Extractor 1.6.1 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Versandhelfer Vindictus EU VirtualDJ Home FREE VLC media player 2.0.0 VMware Player VMware Remote Console Plug-in VNC Free Edition 4.1.3 watchmi WinBMA Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Fotótár Windows Live Fotogalerie Windows Live Fotograf Galerisi Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Center Add-in for Silverlight World of Warcraft XAMPP 1.7.7 XSplit |
|
25.07.2012, 00:27
| #12 |
| /// Helfer-Team | GVU Windows Trojaner (100 Euro Ukash) TDSSKiller von Kaspersky - Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.Hier findest Du eine ausführlichere TDSSKiller Anleitung. |
|
26.07.2012, 10:41
| #13 |
| | GVU Windows Trojaner (100 Euro Ukash) TDSSKiller: Code:
ATTFilter 11:36:44.0421 7376 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
11:36:44.0731 7376 ============================================================
11:36:44.0731 7376 Current date / time: 2012/07/26 11:36:44.0731
11:36:44.0731 7376 SystemInfo:
11:36:44.0731 7376
11:36:44.0731 7376 OS Version: 6.1.7601 ServicePack: 1.0
11:36:44.0732 7376 Product type: Workstation
11:36:44.0732 7376 ComputerName: MALTE1-PC
11:36:44.0732 7376 UserName: Malte
11:36:44.0732 7376 Windows directory: C:\Windows
11:36:44.0732 7376 System windows directory: C:\Windows
11:36:44.0732 7376 Running under WOW64
11:36:44.0732 7376 Processor architecture: Intel x64
11:36:44.0732 7376 Number of processors: 8
11:36:44.0732 7376 Page size: 0x1000
11:36:44.0732 7376 Boot type: Normal boot
11:36:44.0732 7376 ============================================================
11:36:45.0207 7376 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:45.0489 7376 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:36:45.0505 7376 ============================================================
11:36:45.0505 7376 \Device\Harddisk0\DR0:
11:36:45.0506 7376 MBR partitions:
11:36:45.0506 7376 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:36:45.0506 7376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x92DC800
11:36:45.0506 7376 \Device\Harddisk1\DR1:
11:36:45.0506 7376 MBR partitions:
11:36:45.0506 7376 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x33E00000
11:36:45.0507 7376 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x33E00800, BlocksNum 0x237456F0
11:36:45.0507 7376 ============================================================
11:36:45.0508 7376 C: <-> \Device\Harddisk0\DR0\Partition1
11:36:45.0535 7376 D: <-> \Device\Harddisk1\DR1\Partition0
11:36:45.0573 7376 E: <-> \Device\Harddisk1\DR1\Partition1
11:36:45.0573 7376 ============================================================
11:36:45.0573 7376 Initialize success
11:36:45.0573 7376 ============================================================
11:36:59.0537 1564 ============================================================
11:36:59.0537 1564 Scan started
11:36:59.0537 1564 Mode: Manual;
11:36:59.0537 1564 ============================================================
11:36:59.0677 1564 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:36:59.0679 1564 1394ohci - ok
11:36:59.0692 1564 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:36:59.0695 1564 ACPI - ok
11:36:59.0699 1564 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:36:59.0700 1564 AcpiPmi - ok
11:36:59.0715 1564 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:36:59.0716 1564 AdobeARMservice - ok
11:36:59.0747 1564 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:36:59.0751 1564 AdobeFlashPlayerUpdateSvc - ok
11:36:59.0773 1564 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:36:59.0779 1564 adp94xx - ok
11:36:59.0792 1564 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:36:59.0796 1564 adpahci - ok
11:36:59.0810 1564 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:36:59.0813 1564 adpu320 - ok
11:36:59.0820 1564 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:36:59.0821 1564 AeLookupSvc - ok
11:36:59.0839 1564 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:36:59.0846 1564 AFD - ok
11:36:59.0852 1564 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:36:59.0854 1564 agp440 - ok
11:36:59.0859 1564 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:36:59.0861 1564 ALG - ok
11:36:59.0865 1564 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:36:59.0866 1564 aliide - ok
11:36:59.0869 1564 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:36:59.0871 1564 amdide - ok
11:36:59.0877 1564 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:36:59.0879 1564 AmdK8 - ok
11:36:59.0884 1564 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:36:59.0886 1564 AmdPPM - ok
11:36:59.0892 1564 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:36:59.0894 1564 amdsata - ok
11:36:59.0909 1564 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:36:59.0912 1564 amdsbs - ok
11:36:59.0916 1564 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:36:59.0916 1564 amdxata - ok
11:36:59.0930 1564 AMPPAL (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\AMPPAL.sys
11:36:59.0935 1564 AMPPAL - ok
11:36:59.0943 1564 AMPPALP (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\amppal.sys
11:36:59.0947 1564 AMPPALP - ok
11:36:59.0992 1564 AMPPALR3 (83a0e7ba4ae616d3654e700d9c5ff9db) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
11:37:00.0006 1564 AMPPALR3 - ok
11:37:00.0343 1564 Apache2.2 (f41e453a90ef19217cee1675f5256ee7) D:\xampp\apache\bin\httpd.exe
11:37:00.0344 1564 Apache2.2 - ok
11:37:00.0379 1564 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:37:00.0382 1564 AppID - ok
11:37:00.0390 1564 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:37:00.0393 1564 AppIDSvc - ok
11:37:00.0402 1564 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:37:00.0405 1564 Appinfo - ok
11:37:00.0419 1564 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:37:00.0422 1564 arc - ok
11:37:00.0433 1564 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:37:00.0435 1564 arcsas - ok
11:37:00.0452 1564 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:37:00.0458 1564 aspnet_state - ok
11:37:00.0463 1564 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:37:00.0464 1564 AsyncMac - ok
11:37:00.0470 1564 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:37:00.0472 1564 atapi - ok
11:37:00.0499 1564 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:37:00.0509 1564 AudioEndpointBuilder - ok
11:37:00.0517 1564 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:37:00.0523 1564 AudioSrv - ok
11:37:00.0550 1564 AVP (b2b3fcba37671c853879df7dde8a839a) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
11:37:00.0555 1564 AVP - ok
11:37:00.0565 1564 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:37:00.0567 1564 AxInstSV - ok
11:37:00.0588 1564 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:37:00.0594 1564 b06bdrv - ok
11:37:00.0607 1564 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:37:00.0611 1564 b57nd60a - ok
11:37:00.0619 1564 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:37:00.0622 1564 BDESVC - ok
11:37:00.0625 1564 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:37:00.0626 1564 Beep - ok
11:37:00.0652 1564 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:37:00.0661 1564 BFE - ok
11:37:00.0693 1564 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
11:37:00.0705 1564 BITS - ok
11:37:00.0716 1564 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
11:37:00.0718 1564 blbdrive - ok
11:37:00.0754 1564 Bluetooth Device Monitor (55b0c8441de7d91a819a39d0351154a2) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:37:00.0762 1564 Bluetooth Device Monitor - ok
11:37:00.0810 1564 Bluetooth Media Service (7e262330df0c4be4ece853b59b9cbe4c) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
11:37:00.0822 1564 Bluetooth Media Service - ok
11:37:00.0852 1564 Bluetooth OBEX Service (8bf4b9956e13871a88a3810074e2e110) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:37:00.0859 1564 Bluetooth OBEX Service - ok
11:37:00.0890 1564 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:37:00.0892 1564 bowser - ok
11:37:00.0947 1564 BRA_Scheduler (05c9416889b03877781712ebb41cafee) D:\MFC\bratimer.exe
11:37:00.0949 1564 BRA_Scheduler - ok
11:37:00.0957 1564 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:37:00.0960 1564 BrFiltLo - ok
11:37:00.0966 1564 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:37:00.0968 1564 BrFiltUp - ok
11:37:00.0978 1564 Bridge (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:37:00.0981 1564 Bridge - ok
11:37:00.0984 1564 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:37:00.0986 1564 BridgeMP - ok
11:37:00.0996 1564 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:37:00.0999 1564 Browser - ok
11:37:01.0011 1564 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:37:01.0016 1564 Brserid - ok
11:37:01.0026 1564 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:37:01.0028 1564 BrSerWdm - ok
11:37:01.0032 1564 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:37:01.0034 1564 BrUsbMdm - ok
11:37:01.0038 1564 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:37:01.0040 1564 BrUsbSer - ok
11:37:01.0045 1564 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
11:37:01.0047 1564 BthEnum - ok
11:37:01.0054 1564 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:37:01.0056 1564 BTHMODEM - ok
11:37:01.0069 1564 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
11:37:01.0072 1564 BthPan - ok
11:37:01.0093 1564 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
11:37:01.0101 1564 BTHPORT - ok
11:37:01.0108 1564 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:37:01.0110 1564 bthserv - ok
11:37:01.0119 1564 BTHSSecurityMgr (a5b3e8b2b78c7b3da56a0de490e6718c) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
11:37:01.0120 1564 BTHSSecurityMgr - ok
11:37:01.0127 1564 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
11:37:01.0130 1564 BTHUSB - ok
11:37:01.0135 1564 btmaux (270fba230e78e25726d065a924589a72) C:\Windows\system32\DRIVERS\btmaux.sys
11:37:01.0137 1564 btmaux - ok
11:37:01.0152 1564 btmhsf (40c6fec49d1cc4d112368a2bcd2bcbb7) C:\Windows\system32\DRIVERS\btmhsf.sys
11:37:01.0157 1564 btmhsf - ok
11:37:01.0192 1564 bwmservice (ea48ac703a9f412a42bfca2fc048b63c) C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe
11:37:01.0198 1564 bwmservice - ok
11:37:01.0201 1564 catchme - ok
11:37:01.0210 1564 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:37:01.0212 1564 cdfs - ok
11:37:01.0221 1564 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:37:01.0224 1564 cdrom - ok
11:37:01.0231 1564 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:37:01.0233 1564 CertPropSvc - ok
11:37:01.0240 1564 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:37:01.0242 1564 circlass - ok
11:37:01.0258 1564 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:37:01.0262 1564 CLFS - ok
11:37:01.0276 1564 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:37:01.0280 1564 clr_optimization_v2.0.50727_32 - ok
11:37:01.0288 1564 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:37:01.0291 1564 clr_optimization_v2.0.50727_64 - ok
11:37:01.0304 1564 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:37:01.0315 1564 clr_optimization_v4.0.30319_32 - ok
11:37:01.0332 1564 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:37:01.0337 1564 clr_optimization_v4.0.30319_64 - ok
11:37:01.0340 1564 clwvd - ok
11:37:01.0347 1564 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:37:01.0348 1564 CmBatt - ok
11:37:01.0353 1564 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:37:01.0354 1564 cmdide - ok
11:37:01.0373 1564 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
11:37:01.0379 1564 CNG - ok
11:37:01.0385 1564 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:37:01.0385 1564 Compbatt - ok
11:37:01.0390 1564 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:37:01.0392 1564 CompositeBus - ok
11:37:01.0395 1564 COMSysApp - ok
11:37:01.0400 1564 copperhd (44622785d2d2dd8b13e6dc969b6e34a4) C:\Windows\system32\drivers\copperhd.sys
11:37:01.0401 1564 copperhd - ok
11:37:01.0405 1564 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:37:01.0407 1564 crcdisk - ok
11:37:01.0418 1564 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
11:37:01.0421 1564 CryptSvc - ok
11:37:01.0456 1564 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:37:01.0464 1564 cvhsvc - ok
11:37:01.0486 1564 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:37:01.0494 1564 DcomLaunch - ok
11:37:01.0505 1564 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:37:01.0510 1564 defragsvc - ok
11:37:01.0524 1564 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:37:01.0526 1564 DfsC - ok
11:37:01.0537 1564 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:37:01.0542 1564 Dhcp - ok
11:37:01.0547 1564 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:37:01.0548 1564 discache - ok
11:37:01.0555 1564 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:37:01.0556 1564 Disk - ok
11:37:01.0565 1564 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:37:01.0568 1564 Dnscache - ok
11:37:01.0579 1564 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:37:01.0583 1564 dot3svc - ok
11:37:01.0593 1564 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:37:01.0596 1564 DPS - ok
11:37:01.0599 1564 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:37:01.0601 1564 drmkaud - ok
11:37:01.0616 1564 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:37:01.0618 1564 dtsoftbus01 - ok
11:37:01.0651 1564 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:37:01.0658 1564 DXGKrnl - ok
11:37:01.0663 1564 EagleX64 - ok
11:37:01.0670 1564 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:37:01.0673 1564 EapHost - ok
11:37:01.0793 1564 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:37:01.0830 1564 ebdrv - ok
11:37:01.0855 1564 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:37:01.0856 1564 EFS - ok
11:37:01.0882 1564 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:37:01.0890 1564 ehRecvr - ok
11:37:01.0894 1564 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:37:01.0896 1564 ehSched - ok
11:37:01.0921 1564 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:37:01.0926 1564 elxstor - ok
11:37:01.0929 1564 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:37:01.0931 1564 ErrDev - ok
11:37:01.0946 1564 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:37:01.0951 1564 EventSystem - ok
11:37:02.0014 1564 EvtEng (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:37:02.0028 1564 EvtEng - ok
11:37:02.0060 1564 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:37:02.0063 1564 exfat - ok
11:37:02.0072 1564 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:37:02.0076 1564 fastfat - ok
11:37:02.0104 1564 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:37:02.0114 1564 Fax - ok
11:37:02.0120 1564 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:37:02.0122 1564 fdc - ok
11:37:02.0127 1564 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:37:02.0129 1564 fdPHost - ok
11:37:02.0135 1564 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:37:02.0137 1564 FDResPub - ok
11:37:02.0143 1564 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:37:02.0145 1564 FileInfo - ok
11:37:02.0149 1564 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:37:02.0150 1564 Filetrace - ok
11:37:02.0251 1564 FileZilla Server (bf72c20b44b85fd030aeaa721e35d512) D:\xampp\FileZillaFTP\FileZillaServer.exe
11:37:02.0264 1564 FileZilla Server - ok
11:37:02.0270 1564 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:37:02.0272 1564 flpydisk - ok
11:37:02.0285 1564 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:37:02.0290 1564 FltMgr - ok
11:37:02.0333 1564 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:37:02.0353 1564 FontCache - ok
11:37:02.0360 1564 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:37:02.0362 1564 FontCache3.0.0.0 - ok
11:37:02.0374 1564 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:37:02.0376 1564 FsDepends - ok
11:37:02.0380 1564 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:37:02.0380 1564 Fs_Rec - ok
11:37:02.0390 1564 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:37:02.0392 1564 fvevol - ok
11:37:02.0398 1564 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:37:02.0400 1564 gagp30kx - ok
11:37:02.0425 1564 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:37:02.0434 1564 gpsvc - ok
11:37:02.0440 1564 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
11:37:02.0442 1564 hamachi - ok
11:37:02.0451 1564 hcmon (adb4348da1345877b04e22203afc8993) C:\Windows\system32\drivers\hcmon.sys
11:37:02.0452 1564 hcmon - ok
11:37:02.0458 1564 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:37:02.0459 1564 hcw85cir - ok
11:37:02.0473 1564 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:37:02.0477 1564 HdAudAddService - ok
11:37:02.0485 1564 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:37:02.0487 1564 HDAudBus - ok
11:37:02.0491 1564 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:37:02.0492 1564 HidBatt - ok
11:37:02.0499 1564 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:37:02.0501 1564 HidBth - ok
11:37:02.0505 1564 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:37:02.0507 1564 HidIr - ok
11:37:02.0512 1564 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
11:37:02.0514 1564 hidserv - ok
11:37:02.0518 1564 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:37:02.0520 1564 HidUsb - ok
11:37:02.0590 1564 HiPatchService (7388756bc5f9fe857c400e340b878af2) D:\Smite\HiPatchService.exe
11:37:02.0591 1564 HiPatchService - ok
11:37:02.0599 1564 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:37:02.0602 1564 hkmsvc - ok
11:37:02.0613 1564 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:37:02.0617 1564 HomeGroupListener - ok
11:37:02.0627 1564 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:37:02.0631 1564 HomeGroupProvider - ok
11:37:02.0638 1564 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:37:02.0640 1564 HpSAMD - ok
11:37:02.0665 1564 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:37:02.0675 1564 HTTP - ok
11:37:02.0679 1564 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:37:02.0680 1564 hwpolicy - ok
11:37:02.0687 1564 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:37:02.0689 1564 i8042prt - ok
11:37:02.0711 1564 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\drivers\iaStor.sys
11:37:02.0716 1564 iaStor - ok
11:37:02.0725 1564 IAStorDataMgrSvc (e79a8e33bd136d14bae1fa20eb2ef124) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:37:02.0726 1564 IAStorDataMgrSvc - ok
11:37:02.0747 1564 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:37:02.0753 1564 iaStorV - ok
11:37:02.0766 1564 iBtFltCoex (fc47f5cf561bf0fd897efd1a9604dccf) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:37:02.0768 1564 iBtFltCoex - ok
11:37:02.0800 1564 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:37:02.0813 1564 idsvc - ok
11:37:03.0015 1564 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:37:03.0090 1564 igfx - ok
11:37:03.0123 1564 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:37:03.0124 1564 iirsp - ok
11:37:03.0155 1564 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:37:03.0168 1564 IKEEXT - ok
11:37:03.0287 1564 IntcAzAudAddService (98f4e841ea43ed5a442f0dc60cab4326) C:\Windows\system32\drivers\RTKVHD64.sys
11:37:03.0308 1564 IntcAzAudAddService - ok
11:37:03.0337 1564 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:37:03.0338 1564 intelide - ok
11:37:03.0344 1564 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
11:37:03.0345 1564 intelppm - ok
11:37:03.0353 1564 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:37:03.0356 1564 IPBusEnum - ok
11:37:03.0362 1564 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:37:03.0364 1564 IpFilterDriver - ok
11:37:03.0385 1564 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:37:03.0393 1564 iphlpsvc - ok
11:37:03.0400 1564 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:37:03.0402 1564 IPMIDRV - ok
11:37:03.0409 1564 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:37:03.0412 1564 IPNAT - ok
11:37:03.0416 1564 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:37:03.0418 1564 IRENUM - ok
11:37:03.0424 1564 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:37:03.0425 1564 isapnp - ok
11:37:03.0439 1564 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:37:03.0442 1564 iScsiPrt - ok
11:37:03.0447 1564 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:37:03.0448 1564 kbdclass - ok
11:37:03.0452 1564 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:37:03.0453 1564 kbdhid - ok
11:37:03.0459 1564 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:37:03.0460 1564 KeyIso - ok
11:37:03.0483 1564 KL1 (8d7120743a0973ceab548b475c9d4289) C:\Windows\system32\DRIVERS\kl1.sys
11:37:03.0488 1564 KL1 - ok
11:37:03.0490 1564 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\Windows\system32\DRIVERS\kl2.sys
11:37:03.0491 1564 kl2 - ok
11:37:03.0514 1564 KLIF (c1786c2f8de0f62e076f7ef8dea4e87a) C:\Windows\system32\DRIVERS\klif.sys
11:37:03.0517 1564 KLIF - ok
11:37:03.0522 1564 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\Windows\system32\DRIVERS\klim6.sys
11:37:03.0523 1564 KLIM6 - ok
11:37:03.0527 1564 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
11:37:03.0527 1564 klmouflt - ok
11:37:03.0537 1564 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
11:37:03.0539 1564 KSecDD - ok
11:37:03.0550 1564 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
11:37:03.0552 1564 KSecPkg - ok
11:37:03.0556 1564 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:37:03.0557 1564 ksthunk - ok
11:37:03.0569 1564 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:37:03.0574 1564 KtmRm - ok
11:37:03.0584 1564 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
11:37:03.0588 1564 LanmanServer - ok
11:37:03.0595 1564 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:37:03.0598 1564 LanmanWorkstation - ok
11:37:03.0603 1564 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:37:03.0605 1564 lltdio - ok
11:37:03.0620 1564 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:37:03.0624 1564 lltdsvc - ok
11:37:03.0627 1564 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:37:03.0629 1564 lmhosts - ok
11:37:03.0637 1564 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:37:03.0639 1564 LSI_FC - ok
11:37:03.0645 1564 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:37:03.0647 1564 LSI_SAS - ok
11:37:03.0652 1564 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:37:03.0654 1564 LSI_SAS2 - ok
11:37:03.0659 1564 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:37:03.0661 1564 LSI_SCSI - ok
11:37:03.0667 1564 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:37:03.0669 1564 luafv - ok
11:37:03.0676 1564 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:37:03.0678 1564 Mcx2Svc - ok
11:37:03.0682 1564 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:37:03.0683 1564 megasas - ok
11:37:03.0695 1564 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:37:03.0698 1564 MegaSR - ok
11:37:03.0705 1564 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
11:37:03.0705 1564 MEIx64 - ok
11:37:03.0714 1564 Micro Star SCM (71c6748ee8de938532057ef10b4b7e44) C:\Program Files (x86)\System Control Manager\MSIService.exe
11:37:03.0715 1564 Micro Star SCM - ok
11:37:03.0720 1564 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:37:03.0722 1564 MMCSS - ok
11:37:03.0727 1564 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:37:03.0728 1564 Modem - ok
11:37:03.0730 1564 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:37:03.0731 1564 monitor - ok
11:37:03.0740 1564 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:37:03.0741 1564 mouclass - ok
11:37:03.0747 1564 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:37:03.0749 1564 mouhid - ok
11:37:03.0755 1564 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:37:03.0756 1564 mountmgr - ok
11:37:03.0767 1564 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:37:03.0770 1564 MozillaMaintenance - ok
11:37:03.0777 1564 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:37:03.0780 1564 mpio - ok
11:37:03.0785 1564 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:37:03.0786 1564 mpsdrv - ok
11:37:03.0819 1564 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:37:03.0830 1564 MpsSvc - ok
11:37:03.0839 1564 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:37:03.0842 1564 MRxDAV - ok
11:37:03.0852 1564 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:37:03.0854 1564 mrxsmb - ok
11:37:03.0869 1564 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:37:03.0872 1564 mrxsmb10 - ok
11:37:03.0880 1564 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:37:03.0882 1564 mrxsmb20 - ok
11:37:03.0886 1564 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:37:03.0888 1564 msahci - ok
11:37:03.0896 1564 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:37:03.0899 1564 msdsm - ok
11:37:03.0906 1564 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:37:03.0909 1564 MSDTC - ok
11:37:03.0916 1564 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:37:03.0917 1564 Msfs - ok
11:37:03.0920 1564 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:37:03.0921 1564 mshidkmdf - ok
11:37:03.0924 1564 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:37:03.0925 1564 msisadrv - ok
11:37:03.0932 1564 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:37:03.0936 1564 MSiSCSI - ok
11:37:03.0938 1564 msiserver - ok
11:37:03.0942 1564 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:37:03.0944 1564 MSKSSRV - ok
11:37:03.0946 1564 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:37:03.0947 1564 MSPCLOCK - ok
11:37:03.0950 1564 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:37:03.0951 1564 MSPQM - ok
11:37:03.0981 1564 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:37:03.0984 1564 MsRPC - ok
11:37:03.0989 1564 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:37:03.0990 1564 mssmbios - ok
11:37:03.0992 1564 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:37:03.0993 1564 MSTEE - ok
11:37:03.0996 1564 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:37:03.0997 1564 MTConfig - ok
11:37:04.0001 1564 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:37:04.0002 1564 Mup - ok
11:37:04.0071 1564 mysql - ok
11:37:04.0096 1564 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:37:04.0104 1564 MyWiFiDHCPDNS - ok
11:37:04.0129 1564 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:37:04.0140 1564 napagent - ok
11:37:04.0157 1564 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:37:04.0161 1564 NativeWifiP - ok
11:37:04.0191 1564 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:37:04.0200 1564 NDIS - ok
11:37:04.0210 1564 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:37:04.0212 1564 NdisCap - ok
11:37:04.0214 1564 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:37:04.0215 1564 NdisTapi - ok
11:37:04.0219 1564 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:37:04.0221 1564 Ndisuio - ok
11:37:04.0228 1564 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:37:04.0230 1564 NdisWan - ok
11:37:04.0235 1564 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:37:04.0236 1564 NDProxy - ok
11:37:04.0240 1564 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:37:04.0241 1564 NetBIOS - ok
11:37:04.0252 1564 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:37:04.0255 1564 NetBT - ok
11:37:04.0261 1564 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:37:04.0262 1564 Netlogon - ok
11:37:04.0276 1564 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:37:04.0282 1564 Netman - ok
11:37:04.0299 1564 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:04.0305 1564 NetMsmqActivator - ok
11:37:04.0308 1564 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:04.0309 1564 NetPipeActivator - ok
11:37:04.0327 1564 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:37:04.0335 1564 netprofm - ok
11:37:04.0338 1564 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:04.0340 1564 NetTcpActivator - ok
11:37:04.0343 1564 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:37:04.0345 1564 NetTcpPortSharing - ok
11:37:04.0624 1564 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
11:37:04.0728 1564 NETwNs64 - ok
11:37:04.0759 1564 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:37:04.0761 1564 nfrd960 - ok
11:37:04.0772 1564 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:37:04.0776 1564 NlaSvc - ok
11:37:04.0783 1564 NLNdisMP (ad42fb061166af0643806800304bd76f) C:\Windows\system32\DRIVERS\nlndis.sys
11:37:04.0784 1564 NLNdisMP - ok
11:37:04.0787 1564 NLNdisPT (ad42fb061166af0643806800304bd76f) C:\Windows\system32\DRIVERS\nlndis.sys
11:37:04.0788 1564 NLNdisPT - ok
11:37:04.0862 1564 nlsvc (6988373e38223438b09f0c27d7e67393) C:\Program Files\NetLimiter 3\nlsvc.exe
11:37:04.0877 1564 nlsvc - ok
11:37:04.0889 1564 nltdi (75e6581de9a0b155edab6807e668be06) C:\Program Files\NetLimiter 3\nltdi.sys
11:37:04.0890 1564 nltdi - ok
11:37:04.0920 1564 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:37:04.0921 1564 Npfs - ok
11:37:04.0926 1564 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:37:04.0928 1564 nsi - ok
11:37:04.0932 1564 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:37:04.0933 1564 nsiproxy - ok
11:37:04.0997 1564 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:37:05.0017 1564 Ntfs - ok
11:37:05.0046 1564 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:37:05.0047 1564 Null - ok
11:37:05.0053 1564 nusb3hub (01266516e6e88d183a2b58722eeb4443) C:\Windows\system32\drivers\nusb3hub.sys
11:37:05.0055 1564 nusb3hub - ok
11:37:05.0071 1564 nusb3xhc (5ec04f55cc5f165f21752712437df638) C:\Windows\system32\drivers\nusb3xhc.sys
11:37:05.0076 1564 nusb3xhc - ok
11:37:05.0098 1564 NVHDA (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
11:37:05.0100 1564 NVHDA - ok
11:37:05.0552 1564 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:37:05.0611 1564 nvlddmkm - ok
11:37:05.0644 1564 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:37:05.0646 1564 nvraid - ok
11:37:05.0653 1564 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:37:05.0656 1564 nvstor - ok
11:37:05.0692 1564 NVSvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
11:37:05.0697 1564 NVSvc - ok
11:37:05.0741 1564 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:37:05.0753 1564 nvUpdatusService - ok
11:37:05.0787 1564 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:37:05.0789 1564 nv_agp - ok
11:37:05.0794 1564 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:37:05.0795 1564 ohci1394 - ok
11:37:05.0804 1564 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:37:05.0806 1564 ose - ok
11:37:05.0988 1564 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:37:06.0029 1564 osppsvc - ok
11:37:06.0060 1564 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:37:06.0064 1564 p2pimsvc - ok
11:37:06.0080 1564 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:37:06.0087 1564 p2psvc - ok
11:37:06.0108 1564 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:37:06.0111 1564 Parport - ok
11:37:06.0124 1564 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:37:06.0125 1564 partmgr - ok
11:37:06.0134 1564 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:37:06.0138 1564 PcaSvc - ok
11:37:06.0148 1564 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:37:06.0151 1564 pci - ok
11:37:06.0155 1564 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:37:06.0156 1564 pciide - ok
11:37:06.0166 1564 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:37:06.0170 1564 pcmcia - ok
11:37:06.0176 1564 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:37:06.0177 1564 pcw - ok
11:37:06.0199 1564 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:37:06.0207 1564 PEAUTH - ok
11:37:06.0227 1564 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:37:06.0228 1564 PerfHost - ok
11:37:06.0278 1564 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:37:06.0296 1564 pla - ok
11:37:06.0314 1564 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:37:06.0321 1564 PlugPlay - ok
11:37:06.0327 1564 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:37:06.0329 1564 PNRPAutoReg - ok
11:37:06.0343 1564 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:37:06.0347 1564 PNRPsvc - ok
11:37:06.0362 1564 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
11:37:06.0364 1564 Point64 - ok
11:37:06.0383 1564 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:37:06.0390 1564 PolicyAgent - ok
11:37:06.0402 1564 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:37:06.0407 1564 Power - ok
11:37:06.0415 1564 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:37:06.0417 1564 PptpMiniport - ok
11:37:06.0424 1564 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:37:06.0426 1564 Processor - ok
11:37:06.0440 1564 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:37:06.0444 1564 ProfSvc - ok
11:37:06.0451 1564 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:37:06.0453 1564 ProtectedStorage - ok
11:37:06.0462 1564 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:37:06.0464 1564 Psched - ok
11:37:06.0519 1564 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:37:06.0537 1564 ql2300 - ok
11:37:06.0571 1564 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:37:06.0574 1564 ql40xx - ok
11:37:06.0585 1564 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:37:06.0590 1564 QWAVE - ok
11:37:06.0596 1564 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:37:06.0598 1564 QWAVEdrv - ok
11:37:06.0602 1564 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:37:06.0603 1564 RasAcd - ok
11:37:06.0610 1564 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:37:06.0612 1564 RasAgileVpn - ok
11:37:06.0619 1564 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:37:06.0623 1564 RasAuto - ok
11:37:06.0631 1564 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:37:06.0633 1564 Rasl2tp - ok
11:37:06.0648 1564 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:37:06.0654 1564 RasMan - ok
11:37:06.0662 1564 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:37:06.0664 1564 RasPppoe - ok
11:37:06.0670 1564 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:37:06.0672 1564 RasSstp - ok
11:37:06.0686 1564 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:37:06.0691 1564 rdbss - ok
11:37:06.0696 1564 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:37:06.0698 1564 rdpbus - ok
11:37:06.0702 1564 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:37:06.0703 1564 RDPCDD - ok
11:37:06.0709 1564 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:37:06.0710 1564 RDPENCDD - ok
11:37:06.0715 1564 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:37:06.0716 1564 RDPREFMP - ok
11:37:06.0729 1564 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:37:06.0733 1564 RDPWD - ok
11:37:06.0744 1564 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:37:06.0747 1564 rdyboost - ok
11:37:06.0779 1564 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:37:06.0785 1564 RegSrvc - ok
11:37:06.0794 1564 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:37:06.0796 1564 RemoteAccess - ok
11:37:06.0803 1564 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:37:06.0806 1564 RemoteRegistry - ok
11:37:06.0824 1564 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
11:37:06.0826 1564 RFCOMM - ok
11:37:06.0832 1564 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:37:06.0835 1564 RpcEptMapper - ok
11:37:06.0837 1564 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:37:06.0839 1564 RpcLocator - ok
11:37:06.0854 1564 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:37:06.0857 1564 RpcSs - ok
11:37:06.0863 1564 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:37:06.0864 1564 rspndr - ok
11:37:06.0878 1564 RSUSBVSTOR (e54a5586a28d0630a79a68bbab84bfcf) C:\Windows\System32\Drivers\RtsUVStor.sys
11:37:06.0880 1564 RSUSBVSTOR - ok
11:37:06.0894 1564 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:37:06.0896 1564 RTL8167 - ok
11:37:06.0922 1564 RTL8192su (b3f36b4b3f192ea87ddc119f3a0b3e45) C:\Windows\system32\DRIVERS\RTL8192su.sys
11:37:06.0931 1564 RTL8192su - ok
11:37:06.0939 1564 rzudd (a237566b5a53d17d8348334853f11b38) C:\Windows\system32\DRIVERS\rzudd.sys
11:37:06.0942 1564 rzudd - ok
11:37:06.0948 1564 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:37:06.0949 1564 SamSs - ok
11:37:06.0955 1564 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:37:06.0958 1564 sbp2port - ok
11:37:06.0967 1564 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:37:06.0971 1564 SCardSvr - ok
11:37:06.0989 1564 SCDEmu (3ac948640421e3891a49aa83c6b77b7a) C:\Windows\system32\drivers\SCDEmu.sys
11:37:06.0990 1564 SCDEmu - ok
11:37:06.0995 1564 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:37:06.0996 1564 scfilter - ok
11:37:07.0031 1564 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:37:07.0043 1564 Schedule - ok
11:37:07.0051 1564 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:37:07.0052 1564 SCPolicySvc - ok
11:37:07.0061 1564 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:37:07.0064 1564 SDRSVC - ok
11:37:07.0076 1564 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:37:07.0077 1564 secdrv - ok
11:37:07.0082 1564 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:37:07.0084 1564 seclogon - ok
11:37:07.0090 1564 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
11:37:07.0093 1564 SENS - ok
11:37:07.0097 1564 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:37:07.0100 1564 SensrSvc - ok
11:37:07.0105 1564 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:37:07.0107 1564 Serenum - ok
11:37:07.0116 1564 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:37:07.0118 1564 Serial - ok
11:37:07.0122 1564 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:37:07.0124 1564 sermouse - ok
11:37:07.0134 1564 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:37:07.0138 1564 SessionEnv - ok
11:37:07.0141 1564 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:37:07.0143 1564 sffdisk - ok
11:37:07.0146 1564 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:37:07.0147 1564 sffp_mmc - ok
11:37:07.0151 1564 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:37:07.0152 1564 sffp_sd - ok
11:37:07.0156 1564 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:37:07.0157 1564 sfloppy - ok
11:37:07.0189 1564 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:37:07.0193 1564 Sftfs - ok
11:37:07.0218 1564 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:37:07.0220 1564 sftlist - ok
11:37:07.0237 1564 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:37:07.0238 1564 Sftplay - ok
11:37:07.0245 1564 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:37:07.0246 1564 Sftredir - ok
11:37:07.0249 1564 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:37:07.0249 1564 Sftvol - ok
11:37:07.0261 1564 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:37:07.0262 1564 sftvsa - ok
11:37:07.0278 1564 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:37:07.0282 1564 SharedAccess - ok
11:37:07.0299 1564 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:37:07.0303 1564 ShellHWDetection - ok
11:37:07.0308 1564 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:37:07.0310 1564 SiSRaid2 - ok
11:37:07.0316 1564 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:37:07.0317 1564 SiSRaid4 - ok
11:37:07.0332 1564 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
11:37:07.0333 1564 SkypeUpdate - ok
11:37:07.0340 1564 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:37:07.0342 1564 Smb - ok
11:37:07.0347 1564 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:37:07.0349 1564 SNMPTRAP - ok
11:37:07.0370 1564 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys
11:37:07.0371 1564 speedfan - ok
11:37:07.0380 1564 spfdrv (6fdc40a0fb834de6b03e596b3734e25a) C:\Windows\system32\DRIVERS\spfdrv.sys
11:37:07.0380 1564 spfdrv - ok
11:37:07.0384 1564 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:37:07.0384 1564 spldr - ok
11:37:07.0403 1564 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:37:07.0407 1564 Spooler - ok
11:37:07.0531 1564 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:37:07.0563 1564 sppsvc - ok
11:37:07.0589 1564 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:37:07.0591 1564 sppuinotify - ok
11:37:07.0615 1564 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:37:07.0619 1564 srv - ok
11:37:07.0642 1564 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:37:07.0647 1564 srv2 - ok
11:37:07.0656 1564 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:37:07.0659 1564 srvnet - ok
11:37:07.0669 1564 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:37:07.0673 1564 SSDPSRV - ok
11:37:07.0679 1564 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:37:07.0682 1564 SstpSvc - ok
11:37:07.0689 1564 Steam Client Service - ok
11:37:07.0696 1564 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:37:07.0698 1564 stexstor - ok
11:37:07.0726 1564 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:37:07.0737 1564 stisvc - ok
11:37:07.0743 1564 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:37:07.0744 1564 swenum - ok
11:37:07.0762 1564 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:37:07.0769 1564 swprv - ok
11:37:07.0818 1564 SynTP (f4db1d9e6a42d491f0f8e21854301c0b) C:\Windows\system32\drivers\SynTP.sys
11:37:07.0831 1564 SynTP - ok
11:37:07.0903 1564 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:37:07.0924 1564 SysMain - ok
11:37:07.0951 1564 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:37:07.0955 1564 TabletInputService - ok
11:37:07.0969 1564 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:37:07.0975 1564 TapiSrv - ok
11:37:07.0982 1564 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:37:07.0985 1564 TBS - ok
11:37:08.0068 1564 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:37:08.0092 1564 Tcpip - ok
11:37:08.0200 1564 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:37:08.0214 1564 TCPIP6 - ok
11:37:08.0247 1564 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:37:08.0248 1564 tcpipreg - ok
11:37:08.0251 1564 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:37:08.0252 1564 TDPIPE - ok
11:37:08.0256 1564 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:37:08.0257 1564 TDTCP - ok
11:37:08.0263 1564 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:37:08.0265 1564 tdx - ok
11:37:08.0393 1564 TeamViewer7 (74fc70ae64a7b7dabec9697ce0a1f4fa) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
11:37:08.0412 1564 TeamViewer7 - ok
11:37:08.0443 1564 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:37:08.0444 1564 TermDD - ok
11:37:08.0473 1564 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:37:08.0484 1564 TermService - ok
11:37:08.0489 1564 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:37:08.0492 1564 Themes - ok
11:37:08.0498 1564 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:37:08.0500 1564 THREADORDER - ok
11:37:08.0509 1564 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:37:08.0511 1564 TrkWks - ok
11:37:08.0519 1564 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:37:08.0520 1564 TrustedInstaller - ok
11:37:08.0526 1564 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:37:08.0527 1564 tssecsrv - ok
11:37:08.0530 1564 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:37:08.0532 1564 TsUsbFlt - ok
11:37:08.0536 1564 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:37:08.0537 1564 TsUsbGD - ok
11:37:08.0544 1564 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:37:08.0546 1564 tunnel - ok
11:37:08.0550 1564 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:37:08.0552 1564 uagp35 - ok
11:37:08.0564 1564 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:37:08.0567 1564 udfs - ok
11:37:08.0574 1564 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:37:08.0576 1564 UI0Detect - ok
11:37:08.0582 1564 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:37:08.0584 1564 uliagpkx - ok
11:37:08.0590 1564 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:37:08.0591 1564 umbus - ok
11:37:08.0594 1564 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:37:08.0595 1564 UmPass - ok
11:37:08.0609 1564 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:37:08.0614 1564 upnphost - ok
11:37:08.0621 1564 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:37:08.0622 1564 usbccgp - ok
11:37:08.0633 1564 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:37:08.0635 1564 usbcir - ok
11:37:08.0640 1564 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:37:08.0641 1564 usbehci - ok
11:37:08.0656 1564 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
11:37:08.0660 1564 usbhub - ok
11:37:08.0664 1564 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:37:08.0665 1564 usbohci - ok
11:37:08.0669 1564 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
11:37:08.0670 1564 usbprint - ok
11:37:08.0676 1564 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:37:08.0677 1564 USBSTOR - ok
11:37:08.0682 1564 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:37:08.0684 1564 usbuhci - ok
11:37:08.0693 1564 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:37:08.0696 1564 usbvideo - ok
11:37:08.0701 1564 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:37:08.0703 1564 UxSms - ok
11:37:08.0708 1564 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:37:08.0709 1564 VaultSvc - ok
11:37:08.0725 1564 VBoxDrv (ed492636ee26ec43daa4baa7ef0da7ad) C:\Windows\system32\DRIVERS\VBoxDrv.sys
11:37:08.0726 1564 VBoxDrv - ok
11:37:08.0744 1564 VBoxNetAdp (58e2365e7fd880624f648c63c5d22009) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
11:37:08.0745 1564 VBoxNetAdp - ok
11:37:08.0756 1564 VBoxUSBMon (99906a079a6c24d4b8b0dbed02b7869b) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
11:37:08.0757 1564 VBoxUSBMon - ok
11:37:08.0764 1564 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:37:08.0765 1564 vdrvroot - ok
11:37:08.0780 1564 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:37:08.0786 1564 vds - ok
11:37:08.0791 1564 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:37:08.0793 1564 vga - ok
11:37:08.0796 1564 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:37:08.0797 1564 VgaSave - ok
11:37:08.0812 1564 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\DRIVERS\vhdmp.sys
11:37:08.0814 1564 vhdmp - ok
11:37:08.0818 1564 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:37:08.0820 1564 viaide - ok
11:37:09.0143 1564 VMAuthdService (94cf2d157c8fd9089afa5da78aa64c65) D:\lolplayer\vmware-authd.exe
11:37:09.0145 1564 VMAuthdService - ok
11:37:09.0165 1564 vmci (87fc1dd880e8cac4faebb84af61a87c4) C:\Windows\system32\DRIVERS\vmci.sys
11:37:09.0168 1564 vmci - ok
11:37:09.0182 1564 vmkbd (0b13268268b3d2c99ba5021593d0f767) C:\Windows\system32\drivers\VMkbd.sys
11:37:09.0184 1564 vmkbd - ok
11:37:09.0193 1564 VMnetAdapter (b259c31378bc855afd1b53f59311c251) C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:37:09.0194 1564 VMnetAdapter - ok
11:37:09.0205 1564 VMnetBridge (dec4ce720ffeda939cf1ba315cfbd993) C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:37:09.0207 1564 VMnetBridge - ok
11:37:09.0213 1564 VMnetDHCP - ok
11:37:09.0224 1564 VMnetuserif (518d188f04bc4c6ba0581775b9a5ea90) C:\Windows\system32\drivers\vmnetuserif.sys
11:37:09.0225 1564 VMnetuserif - ok
11:37:09.0275 1564 VMUSBArbService (18903ca7936912c337c9d28858880cf2) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
11:37:09.0284 1564 VMUSBArbService - ok
11:37:09.0293 1564 VMware NAT Service - ok
11:37:09.0307 1564 vmx86 (baf28a75b00b79dc92702af7acffd3e5) C:\Windows\system32\drivers\vmx86.sys
11:37:09.0308 1564 vmx86 - ok
11:37:09.0314 1564 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:37:09.0316 1564 volmgr - ok
11:37:09.0332 1564 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:37:09.0338 1564 volmgrx - ok
11:37:09.0352 1564 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:37:09.0357 1564 volsnap - ok
11:37:09.0375 1564 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:37:09.0379 1564 vsmraid - ok
11:37:09.0439 1564 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:37:09.0464 1564 VSS - ok
11:37:09.0494 1564 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:37:09.0495 1564 vwifibus - ok
11:37:09.0501 1564 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:37:09.0503 1564 vwififlt - ok
11:37:09.0509 1564 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:37:09.0511 1564 vwifimp - ok
11:37:09.0528 1564 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:37:09.0535 1564 W32Time - ok
11:37:09.0543 1564 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:37:09.0545 1564 WacomPen - ok
11:37:09.0553 1564 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:37:09.0555 1564 WANARP - ok
11:37:09.0558 1564 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:37:09.0559 1564 Wanarpv6 - ok
11:37:09.0574 1564 watchmi (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe
11:37:09.0575 1564 watchmi - ok
11:37:09.0632 1564 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:37:09.0654 1564 wbengine - ok
11:37:09.0683 1564 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:37:09.0687 1564 WbioSrvc - ok
11:37:09.0700 1564 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:37:09.0706 1564 wcncsvc - ok
11:37:09.0711 1564 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:37:09.0713 1564 WcsPlugInService - ok
11:37:09.0724 1564 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:37:09.0726 1564 Wd - ok
11:37:09.0752 1564 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:37:09.0760 1564 Wdf01000 - ok
11:37:09.0768 1564 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:37:09.0771 1564 WdiServiceHost - ok
11:37:09.0774 1564 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:37:09.0777 1564 WdiSystemHost - ok
11:37:09.0789 1564 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:37:09.0794 1564 WebClient - ok
11:37:09.0807 1564 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:37:09.0813 1564 Wecsvc - ok
11:37:09.0820 1564 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:37:09.0823 1564 wercplsupport - ok
11:37:09.0831 1564 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:37:09.0835 1564 WerSvc - ok
11:37:09.0847 1564 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:37:09.0848 1564 WfpLwf - ok
11:37:09.0853 1564 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:37:09.0855 1564 WIMMount - ok
11:37:09.0860 1564 WinDefend - ok
11:37:09.0867 1564 WinHttpAutoProxySvc - ok
11:37:09.0884 1564 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:37:09.0887 1564 Winmgmt - ok
11:37:09.0954 1564 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:37:09.0977 1564 WinRM - ok
11:37:10.0014 1564 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
11:37:10.0016 1564 WinUSB - ok
11:37:10.0042 1564 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:37:10.0051 1564 Wlansvc - ok
11:37:10.0059 1564 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:37:10.0061 1564 wlcrasvc - ok
11:37:10.0121 1564 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:37:10.0131 1564 wlidsvc - ok
11:37:10.0158 1564 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:37:10.0159 1564 WmiAcpi - ok
11:37:10.0174 1564 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:37:10.0177 1564 wmiApSrv - ok
11:37:10.0183 1564 WMPNetworkSvc - ok
11:37:10.0187 1564 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:37:10.0190 1564 WPCSvc - ok
11:37:10.0197 1564 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:37:10.0200 1564 WPDBusEnum - ok
11:37:10.0205 1564 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:37:10.0206 1564 ws2ifsl - ok
11:37:10.0213 1564 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
11:37:10.0216 1564 wscsvc - ok
11:37:10.0219 1564 WSearch - ok
11:37:10.0229 1564 wsvd (82e8f5aa03df7dbdb8a33f700d5d8cda) C:\Windows\system32\DRIVERS\wsvd.sys
11:37:10.0232 1564 wsvd - ok
11:37:10.0334 1564 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:37:10.0363 1564 wuauserv - ok
11:37:10.0400 1564 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:37:10.0403 1564 WudfPf - ok
11:37:10.0419 1564 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:37:10.0423 1564 WUDFRd - ok
11:37:10.0431 1564 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:37:10.0435 1564 wudfsvc - ok
11:37:10.0447 1564 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:37:10.0453 1564 WwanSvc - ok
11:37:10.0469 1564 MBR (0x1B8) (4f8aa8c9692c179b2e9b4211951a7a17) \Device\Harddisk0\DR0
11:37:12.0281 1564 \Device\Harddisk0\DR0 - ok
11:37:12.0568 1564 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
11:37:12.0573 1564 \Device\Harddisk1\DR1 - ok
11:37:12.0579 1564 Boot (0x1200) (e1da271c95f85fff2e544e4bf404d60b) \Device\Harddisk0\DR0\Partition0
11:37:12.0582 1564 \Device\Harddisk0\DR0\Partition0 - ok
11:37:12.0586 1564 Boot (0x1200) (98b28a0c5748267f683ccab02a22c671) \Device\Harddisk0\DR0\Partition1
11:37:12.0588 1564 \Device\Harddisk0\DR0\Partition1 - ok
11:37:12.0594 1564 Boot (0x1200) (98a273af72666909c2c295fd57b39090) \Device\Harddisk1\DR1\Partition0
11:37:12.0596 1564 \Device\Harddisk1\DR1\Partition0 - ok
11:37:12.0616 1564 Boot (0x1200) (2e7c58836535a7fd47b70a467fbff6c4) \Device\Harddisk1\DR1\Partition1
11:37:12.0619 1564 \Device\Harddisk1\DR1\Partition1 - ok
11:37:12.0619 1564 ============================================================
11:37:12.0619 1564 Scan finished
11:37:12.0620 1564 ============================================================
11:37:12.0634 1380 Detected object count: 0
11:37:12.0634 1380 Actual detected object count: 0
11:38:38.0328 3380 ============================================================
11:38:38.0328 3380 Scan started
11:38:38.0328 3380 Mode: Manual;
11:38:38.0328 3380 ============================================================
11:38:38.0438 3380 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:38:38.0439 3380 1394ohci - ok
11:38:38.0452 3380 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:38:38.0453 3380 ACPI - ok
11:38:38.0456 3380 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:38:38.0456 3380 AcpiPmi - ok
11:38:38.0471 3380 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:38:38.0472 3380 AdobeARMservice - ok
11:38:38.0522 3380 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:38:38.0526 3380 AdobeFlashPlayerUpdateSvc - ok
11:38:38.0549 3380 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
11:38:38.0552 3380 adp94xx - ok
11:38:38.0568 3380 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
11:38:38.0570 3380 adpahci - ok
11:38:38.0586 3380 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
11:38:38.0587 3380 adpu320 - ok
11:38:38.0594 3380 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:38:38.0595 3380 AeLookupSvc - ok
11:38:38.0610 3380 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:38:38.0614 3380 AFD - ok
11:38:38.0620 3380 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:38:38.0621 3380 agp440 - ok
11:38:38.0627 3380 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:38:38.0628 3380 ALG - ok
11:38:38.0630 3380 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:38:38.0631 3380 aliide - ok
11:38:38.0633 3380 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:38:38.0633 3380 amdide - ok
11:38:38.0638 3380 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
11:38:38.0638 3380 AmdK8 - ok
11:38:38.0642 3380 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
11:38:38.0643 3380 AmdPPM - ok
11:38:38.0648 3380 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:38:38.0649 3380 amdsata - ok
11:38:38.0656 3380 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
11:38:38.0657 3380 amdsbs - ok
11:38:38.0661 3380 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:38:38.0661 3380 amdxata - ok
11:38:38.0673 3380 AMPPAL (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\AMPPAL.sys
11:38:38.0674 3380 AMPPAL - ok
11:38:38.0677 3380 AMPPALP (9921e78bc29634235f4bf5809e7e8cde) C:\Windows\system32\DRIVERS\amppal.sys
11:38:38.0678 3380 AMPPALP - ok
11:38:38.0713 3380 AMPPALR3 (83a0e7ba4ae616d3654e700d9c5ff9db) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
11:38:38.0720 3380 AMPPALR3 - ok
11:38:38.0722 3380 Apache2.2 (f41e453a90ef19217cee1675f5256ee7) D:\xampp\apache\bin\httpd.exe
11:38:38.0723 3380 Apache2.2 - ok
11:38:38.0754 3380 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:38:38.0754 3380 AppID - ok
11:38:38.0759 3380 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:38:38.0759 3380 AppIDSvc - ok
11:38:38.0765 3380 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
11:38:38.0766 3380 Appinfo - ok
11:38:38.0773 3380 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
11:38:38.0774 3380 arc - ok
11:38:38.0780 3380 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
11:38:38.0781 3380 arcsas - ok
11:38:38.0796 3380 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:38:38.0797 3380 aspnet_state - ok
11:38:38.0800 3380 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:38:38.0800 3380 AsyncMac - ok
11:38:38.0804 3380 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:38:38.0804 3380 atapi - ok
11:38:38.0826 3380 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:38:38.0830 3380 AudioEndpointBuilder - ok
11:38:38.0836 3380 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
11:38:38.0840 3380 AudioSrv - ok
11:38:38.0867 3380 AVP (b2b3fcba37671c853879df7dde8a839a) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
11:38:38.0869 3380 AVP - ok
11:38:38.0877 3380 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
11:38:38.0879 3380 AxInstSV - ok
11:38:38.0899 3380 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
11:38:38.0902 3380 b06bdrv - ok
11:38:38.0914 3380 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:38:38.0916 3380 b57nd60a - ok
11:38:38.0925 3380 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:38:38.0926 3380 BDESVC - ok
11:38:38.0928 3380 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:38:38.0929 3380 Beep - ok
11:38:38.0953 3380 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
11:38:38.0957 3380 BFE - ok
11:38:38.0988 3380 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
11:38:38.0995 3380 BITS - ok
11:38:39.0005 3380 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
11:38:39.0006 3380 blbdrive - ok
11:38:39.0037 3380 Bluetooth Device Monitor (55b0c8441de7d91a819a39d0351154a2) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:38:39.0043 3380 Bluetooth Device Monitor - ok
11:38:39.0088 3380 Bluetooth Media Service (7e262330df0c4be4ece853b59b9cbe4c) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
11:38:39.0097 3380 Bluetooth Media Service - ok
11:38:39.0128 3380 Bluetooth OBEX Service (8bf4b9956e13871a88a3810074e2e110) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:38:39.0133 3380 Bluetooth OBEX Service - ok
11:38:39.0160 3380 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:38:39.0161 3380 bowser - ok
11:38:39.0163 3380 BRA_Scheduler (05c9416889b03877781712ebb41cafee) D:\MFC\bratimer.exe
11:38:39.0164 3380 BRA_Scheduler - ok
11:38:39.0167 3380 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
11:38:39.0168 3380 BrFiltLo - ok
11:38:39.0170 3380 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
11:38:39.0171 3380 BrFiltUp - ok
11:38:39.0178 3380 Bridge (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:38:39.0179 3380 Bridge - ok
11:38:39.0182 3380 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:38:39.0182 3380 BridgeMP - ok
11:38:39.0190 3380 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
11:38:39.0191 3380 Browser - ok
11:38:39.0203 3380 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:38:39.0204 3380 Brserid - ok
11:38:39.0211 3380 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:38:39.0212 3380 BrSerWdm - ok
11:38:39.0215 3380 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:38:39.0215 3380 BrUsbMdm - ok
11:38:39.0217 3380 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:38:39.0218 3380 BrUsbSer - ok
11:38:39.0222 3380 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
11:38:39.0223 3380 BthEnum - ok
11:38:39.0230 3380 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
11:38:39.0231 3380 BTHMODEM - ok
11:38:39.0246 3380 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
11:38:39.0247 3380 BthPan - ok
11:38:39.0265 3380 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
11:38:39.0268 3380 BTHPORT - ok
11:38:39.0274 3380 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:38:39.0275 3380 bthserv - ok
11:38:39.0283 3380 BTHSSecurityMgr (a5b3e8b2b78c7b3da56a0de490e6718c) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
11:38:39.0284 3380 BTHSSecurityMgr - ok
11:38:39.0289 3380 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
11:38:39.0290 3380 BTHUSB - ok
11:38:39.0295 3380 btmaux (270fba230e78e25726d065a924589a72) C:\Windows\system32\DRIVERS\btmaux.sys
11:38:39.0295 3380 btmaux - ok
11:38:39.0307 3380 btmhsf (40c6fec49d1cc4d112368a2bcd2bcbb7) C:\Windows\system32\DRIVERS\btmhsf.sys
11:38:39.0309 3380 btmhsf - ok
11:38:39.0335 3380 bwmservice (ea48ac703a9f412a42bfca2fc048b63c) C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe
11:38:39.0338 3380 bwmservice - ok
11:38:39.0340 3380 catchme - ok
11:38:39.0347 3380 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:38:39.0347 3380 cdfs - ok
11:38:39.0355 3380 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
11:38:39.0356 3380 cdrom - ok
11:38:39.0361 3380 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:38:39.0362 3380 CertPropSvc - ok
11:38:39.0366 3380 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
11:38:39.0367 3380 circlass - ok
11:38:39.0380 3380 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:38:39.0382 3380 CLFS - ok
11:38:39.0398 3380 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:38:39.0399 3380 clr_optimization_v2.0.50727_32 - ok
11:38:39.0407 3380 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:38:39.0408 3380 clr_optimization_v2.0.50727_64 - ok
11:38:39.0419 3380 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:38:39.0420 3380 clr_optimization_v4.0.30319_32 - ok
11:38:39.0434 3380 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:38:39.0435 3380 clr_optimization_v4.0.30319_64 - ok
11:38:39.0437 3380 clwvd - ok
11:38:39.0440 3380 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
11:38:39.0440 3380 CmBatt - ok
11:38:39.0443 3380 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:38:39.0444 3380 cmdide - ok
11:38:39.0464 3380 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
11:38:39.0466 3380 CNG - ok
11:38:39.0469 3380 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
11:38:39.0470 3380 Compbatt - ok
11:38:39.0473 3380 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:38:39.0473 3380 CompositeBus - ok
11:38:39.0475 3380 COMSysApp - ok
11:38:39.0478 3380 copperhd (44622785d2d2dd8b13e6dc969b6e34a4) C:\Windows\system32\drivers\copperhd.sys
11:38:39.0479 3380 copperhd - ok
11:38:39.0482 3380 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
11:38:39.0482 3380 crcdisk - ok
11:38:39.0491 3380 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
11:38:39.0492 3380 CryptSvc - ok
11:38:39.0527 3380 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:38:39.0530 3380 cvhsvc - ok
11:38:39.0548 3380 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:38:39.0551 3380 DcomLaunch - ok
11:38:39.0563 3380 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:38:39.0566 3380 defragsvc - ok
11:38:39.0578 3380 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:38:39.0579 3380 DfsC - ok
11:38:39.0590 3380 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
11:38:39.0592 3380 Dhcp - ok
11:38:39.0596 3380 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:38:39.0596 3380 discache - ok
11:38:39.0603 3380 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
11:38:39.0603 3380 Disk - ok
11:38:39.0612 3380 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:38:39.0613 3380 Dnscache - ok
11:38:39.0624 3380 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
11:38:39.0626 3380 dot3svc - ok
11:38:39.0634 3380 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
11:38:39.0635 3380 DPS - ok
11:38:39.0637 3380 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:38:39.0638 3380 drmkaud - ok
11:38:39.0656 3380 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:38:39.0657 3380 dtsoftbus01 - ok
11:38:39.0688 3380 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:38:39.0694 3380 DXGKrnl - ok
11:38:39.0696 3380 EagleX64 - ok
11:38:39.0704 3380 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:38:39.0706 3380 EapHost - ok
11:38:39.0824 3380 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
11:38:39.0838 3380 ebdrv - ok
11:38:39.0867 3380 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:38:39.0868 3380 EFS - ok
11:38:39.0905 3380 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
11:38:39.0908 3380 ehRecvr - ok
11:38:39.0914 3380 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:38:39.0915 3380 ehSched - ok
11:38:39.0944 3380 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
11:38:39.0948 3380 elxstor - ok
11:38:39.0952 3380 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:38:39.0953 3380 ErrDev - ok
11:38:39.0973 3380 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:38:39.0976 3380 EventSystem - ok
11:38:40.0028 3380 EvtEng (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:38:40.0036 3380 EvtEng - ok
11:38:40.0071 3380 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:38:40.0073 3380 exfat - ok
11:38:40.0083 3380 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:38:40.0085 3380 fastfat - ok
11:38:40.0109 3380 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
11:38:40.0114 3380 Fax - ok
11:38:40.0119 3380 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
11:38:40.0120 3380 fdc - ok
11:38:40.0123 3380 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:38:40.0124 3380 fdPHost - ok
11:38:40.0129 3380 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:38:40.0130 3380 FDResPub - ok
11:38:40.0135 3380 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:38:40.0136 3380 FileInfo - ok
11:38:40.0139 3380 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:38:40.0140 3380 Filetrace - ok
11:38:40.0146 3380 FileZilla Server (bf72c20b44b85fd030aeaa721e35d512) D:\xampp\FileZillaFTP\FileZillaServer.exe
11:38:40.0150 3380 FileZilla Server - ok
11:38:40.0154 3380 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
11:38:40.0154 3380 flpydisk - ok
11:38:40.0166 3380 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:38:40.0167 3380 FltMgr - ok
11:38:40.0207 3380 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
11:38:40.0212 3380 FontCache - ok
11:38:40.0219 3380 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:38:40.0220 3380 FontCache3.0.0.0 - ok
11:38:40.0231 3380 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:38:40.0232 3380 FsDepends - ok
11:38:40.0235 3380 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
11:38:40.0235 3380 Fs_Rec - ok
11:38:40.0245 3380 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:38:40.0247 3380 fvevol - ok
11:38:40.0253 3380 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
11:38:40.0253 3380 gagp30kx - ok
11:38:40.0281 3380 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
11:38:40.0287 3380 gpsvc - ok
11:38:40.0293 3380 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
11:38:40.0294 3380 hamachi - ok
11:38:40.0301 3380 hcmon (adb4348da1345877b04e22203afc8993) C:\Windows\system32\drivers\hcmon.sys
11:38:40.0302 3380 hcmon - ok
11:38:40.0310 3380 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:38:40.0310 3380 hcw85cir - ok
11:38:40.0323 3380 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:38:40.0325 3380 HdAudAddService - ok
11:38:40.0333 3380 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:38:40.0333 3380 HDAudBus - ok
11:38:40.0337 3380 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
11:38:40.0337 3380 HidBatt - ok
11:38:40.0344 3380 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
11:38:40.0344 3380 HidBth - ok
11:38:40.0349 3380 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
11:38:40.0349 3380 HidIr - ok
11:38:40.0353 3380 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
11:38:40.0353 3380 hidserv - ok
11:38:40.0357 3380 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:38:40.0357 3380 HidUsb - ok
11:38:40.0358 3380 HiPatchService (7388756bc5f9fe857c400e340b878af2) D:\Smite\HiPatchService.exe
11:38:40.0359 3380 HiPatchService - ok
11:38:40.0366 3380 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
11:38:40.0367 3380 hkmsvc - ok
11:38:40.0377 3380 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
11:38:40.0379 3380 HomeGroupListener - ok
11:38:40.0388 3380 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
11:38:40.0389 3380 HomeGroupProvider - ok
11:38:40.0395 3380 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:38:40.0396 3380 HpSAMD - ok
11:38:40.0413 3380 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:38:40.0417 3380 HTTP - ok
11:38:40.0420 3380 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:38:40.0420 3380 hwpolicy - ok
11:38:40.0426 3380 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:38:40.0427 3380 i8042prt - ok
11:38:40.0444 3380 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\drivers\iaStor.sys
11:38:40.0447 3380 iaStor - ok
11:38:40.0454 3380 IAStorDataMgrSvc (e79a8e33bd136d14bae1fa20eb2ef124) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:38:40.0455 3380 IAStorDataMgrSvc - ok
11:38:40.0471 3380 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:38:40.0473 3380 iaStorV - ok
11:38:40.0485 3380 iBtFltCoex (fc47f5cf561bf0fd897efd1a9604dccf) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:38:40.0486 3380 iBtFltCoex - ok
11:38:40.0517 3380 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:38:40.0522 3380 idsvc - ok
11:38:40.0702 3380 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:38:40.0728 3380 igfx - ok
11:38:40.0758 3380 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
11:38:40.0759 3380 iirsp - ok
11:38:40.0793 3380 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
11:38:40.0800 3380 IKEEXT - ok
11:38:40.0906 3380 IntcAzAudAddService (98f4e841ea43ed5a442f0dc60cab4326) C:\Windows\system32\drivers\RTKVHD64.sys
11:38:40.0919 3380 IntcAzAudAddService - ok
11:38:40.0950 3380 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:38:40.0950 3380 intelide - ok
11:38:40.0956 3380 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
11:38:40.0957 3380 intelppm - ok
11:38:40.0961 3380 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:38:40.0962 3380 IPBusEnum - ok
11:38:40.0967 3380 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:38:40.0968 3380 IpFilterDriver - ok
11:38:40.0988 3380 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
11:38:40.0991 3380 iphlpsvc - ok
11:38:40.0998 3380 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:38:40.0999 3380 IPMIDRV - ok
11:38:41.0006 3380 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:38:41.0007 3380 IPNAT - ok
11:38:41.0010 3380 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:38:41.0010 3380 IRENUM - ok
11:38:41.0015 3380 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:38:41.0016 3380 isapnp - ok
11:38:41.0031 3380 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:38:41.0032 3380 iScsiPrt - ok
11:38:41.0037 3380 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:38:41.0038 3380 kbdclass - ok
11:38:41.0042 3380 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:38:41.0043 3380 kbdhid - ok
11:38:41.0048 3380 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:38:41.0049 3380 KeyIso - ok
11:38:41.0069 3380 KL1 (8d7120743a0973ceab548b475c9d4289) C:\Windows\system32\DRIVERS\kl1.sys
11:38:41.0071 3380 KL1 - ok
11:38:41.0075 3380 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\Windows\system32\DRIVERS\kl2.sys
11:38:41.0075 3380 kl2 - ok
11:38:41.0100 3380 KLIF (c1786c2f8de0f62e076f7ef8dea4e87a) C:\Windows\system32\DRIVERS\klif.sys
11:38:41.0104 3380 KLIF - ok
11:38:41.0109 3380 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\Windows\system32\DRIVERS\klim6.sys
11:38:41.0110 3380 KLIM6 - ok
11:38:41.0114 3380 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
11:38:41.0114 3380 klmouflt - ok
11:38:41.0125 3380 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
11:38:41.0126 3380 KSecDD - ok
11:38:41.0141 3380 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
11:38:41.0142 3380 KSecPkg - ok
11:38:41.0146 3380 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:38:41.0146 3380 ksthunk - ok
11:38:41.0161 3380 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:38:41.0164 3380 KtmRm - ok
11:38:41.0174 3380 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
11:38:41.0177 3380 LanmanServer - ok
11:38:41.0186 3380 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
11:38:41.0188 3380 LanmanWorkstation - ok
11:38:41.0195 3380 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:38:41.0196 3380 lltdio - ok
11:38:41.0208 3380 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:38:41.0211 3380 lltdsvc - ok
11:38:41.0214 3380 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:38:41.0215 3380 lmhosts - ok
11:38:41.0224 3380 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
11:38:41.0225 3380 LSI_FC - ok
11:38:41.0233 3380 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
11:38:41.0234 3380 LSI_SAS - ok
11:38:41.0239 3380 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
11:38:41.0240 3380 LSI_SAS2 - ok
11:38:41.0249 3380 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
11:38:41.0250 3380 LSI_SCSI - ok
11:38:41.0257 3380 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:38:41.0258 3380 luafv - ok
11:38:41.0266 3380 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
11:38:41.0268 3380 Mcx2Svc - ok
11:38:41.0272 3380 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
11:38:41.0273 3380 megasas - ok
11:38:41.0285 3380 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
11:38:41.0286 3380 MegaSR - ok
11:38:41.0292 3380 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
11:38:41.0293 3380 MEIx64 - ok
11:38:41.0303 3380 Micro Star SCM (71c6748ee8de938532057ef10b4b7e44) C:\Program Files (x86)\System Control Manager\MSIService.exe
11:38:41.0304 3380 Micro Star SCM - ok
11:38:41.0310 3380 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:38:41.0312 3380 MMCSS - ok
11:38:41.0316 3380 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:38:41.0317 3380 Modem - ok
11:38:41.0319 3380 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:38:41.0320 3380 monitor - ok
11:38:41.0329 3380 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:38:41.0330 3380 mouclass - ok
11:38:41.0335 3380 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:38:41.0336 3380 mouhid - ok
11:38:41.0342 3380 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:38:41.0343 3380 mountmgr - ok
11:38:41.0350 3380 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:38:41.0351 3380 MozillaMaintenance - ok
11:38:41.0359 3380 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:38:41.0360 3380 mpio - ok
11:38:41.0366 3380 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:38:41.0367 3380 mpsdrv - ok
11:38:41.0394 3380 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
11:38:41.0400 3380 MpsSvc - ok
11:38:41.0408 3380 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:38:41.0410 3380 MRxDAV - ok
11:38:41.0417 3380 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:38:41.0419 3380 mrxsmb - ok
11:38:41.0430 3380 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:38:41.0432 3380 mrxsmb10 - ok
11:38:41.0440 3380 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:38:41.0441 3380 mrxsmb20 - ok
11:38:41.0446 3380 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:38:41.0446 3380 msahci - ok
11:38:41.0455 3380 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:38:41.0456 3380 msdsm - ok
11:38:41.0463 3380 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:38:41.0465 3380 MSDTC - ok
11:38:41.0472 3380 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:38:41.0472 3380 Msfs - ok
11:38:41.0475 3380 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:38:41.0475 3380 mshidkmdf - ok
11:38:41.0479 3380 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:38:41.0480 3380 msisadrv - ok
11:38:41.0487 3380 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:38:41.0488 3380 MSiSCSI - ok
11:38:41.0491 3380 msiserver - ok
11:38:41.0495 3380 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:38:41.0495 3380 MSKSSRV - ok
11:38:41.0498 3380 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:38:41.0498 3380 MSPCLOCK - ok
11:38:41.0501 3380 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:38:41.0502 3380 MSPQM - ok
11:38:41.0516 3380 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:38:41.0518 3380 MsRPC - ok
11:38:41.0524 3380 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:38:41.0525 3380 mssmbios - ok
11:38:41.0527 3380 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:38:41.0528 3380 MSTEE - ok
11:38:41.0531 3380 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
11:38:41.0532 3380 MTConfig - ok
11:38:41.0537 3380 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:38:41.0538 3380 Mup - ok
11:38:41.0539 3380 mysql - ok
11:38:41.0557 3380 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:38:41.0559 3380 MyWiFiDHCPDNS - ok
11:38:41.0580 3380 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:38:41.0584 3380 napagent - ok
11:38:41.0600 3380 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:38:41.0602 3380 NativeWifiP - ok
11:38:41.0637 3380 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:38:41.0644 3380 NDIS - ok
11:38:41.0650 3380 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:38:41.0650 3380 NdisCap - ok
11:38:41.0654 3380 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:38:41.0654 3380 NdisTapi - ok
11:38:41.0657 3380 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:38:41.0658 3380 Ndisuio - ok
11:38:41.0666 3380 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:38:41.0667 3380 NdisWan - ok
11:38:41.0672 3380 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:38:41.0673 3380 NDProxy - ok
11:38:41.0676 3380 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:38:41.0676 3380 NetBIOS - ok
11:38:41.0687 3380 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:38:41.0688 3380 NetBT - ok
11:38:41.0693 3380 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:38:41.0694 3380 Netlogon - ok
11:38:41.0709 3380 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:38:41.0712 3380 Netman - ok
11:38:41.0728 3380 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:38:41.0729 3380 NetMsmqActivator - ok
11:38:41.0731 3380 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:38:41.0732 3380 NetPipeActivator - ok
11:38:41.0749 3380 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:38:41.0752 3380 netprofm - ok
11:38:41.0754 3380 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:38:41.0755 3380 NetTcpActivator - ok
11:38:41.0757 3380 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:38:41.0758 3380 NetTcpPortSharing - ok
11:38:42.0032 3380 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
11:38:42.0068 3380 NETwNs64 - ok
11:38:42.0101 3380 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
11:38:42.0102 3380 nfrd960 - ok
11:38:42.0114 3380 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:38:42.0117 3380 NlaSvc - ok
11:38:42.0122 3380 NLNdisMP (ad42fb061166af0643806800304bd76f) C:\Windows\system32\DRIVERS\nlndis.sys
11:38:42.0123 3380 NLNdisMP - ok
11:38:42.0124 3380 NLNdisPT (ad42fb061166af0643806800304bd76f) C:\Windows\system32\DRIVERS\nlndis.sys
11:38:42.0125 3380 NLNdisPT - ok
11:38:42.0195 3380 nlsvc (6988373e38223438b09f0c27d7e67393) C:\Program Files\NetLimiter 3\nlsvc.exe
11:38:42.0208 3380 nlsvc - ok
11:38:42.0224 3380 nltdi (75e6581de9a0b155edab6807e668be06) C:\Program Files\NetLimiter 3\nltdi.sys
11:38:42.0225 3380 nltdi - ok
11:38:42.0254 3380 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:38:42.0255 3380 Npfs - ok
11:38:42.0261 3380 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:38:42.0263 3380 nsi - ok
11:38:42.0267 3380 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:38:42.0268 3380 nsiproxy - ok
11:38:42.0335 3380 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:38:42.0349 3380 Ntfs - ok
11:38:42.0379 3380 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:38:42.0380 3380 Null - ok
11:38:42.0388 3380 nusb3hub (01266516e6e88d183a2b58722eeb4443) C:\Windows\system32\drivers\nusb3hub.sys
11:38:42.0389 3380 nusb3hub - ok
11:38:42.0403 3380 nusb3xhc (5ec04f55cc5f165f21752712437df638) C:\Windows\system32\drivers\nusb3xhc.sys
11:38:42.0405 3380 nusb3xhc - ok
11:38:42.0422 3380 NVHDA (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
11:38:42.0424 3380 NVHDA - ok
11:38:42.0863 3380 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:38:42.0923 3380 nvlddmkm - ok
11:38:42.0956 3380 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:38:42.0957 3380 nvraid - ok
11:38:42.0965 3380 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:38:42.0965 3380 nvstor - ok
11:38:43.0010 3380 NVSvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
11:38:43.0021 3380 NVSvc - ok
11:38:43.0075 3380 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:38:43.0089 3380 nvUpdatusService - ok
11:38:43.0127 3380 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:38:43.0128 3380 nv_agp - ok
11:38:43.0135 3380 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:38:43.0135 3380 ohci1394 - ok
11:38:43.0147 3380 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:38:43.0148 3380 ose - ok
11:38:43.0318 3380 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:38:43.0344 3380 osppsvc - ok
11:38:43.0374 3380 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:38:43.0377 3380 p2pimsvc - ok
11:38:43.0393 3380 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:38:43.0396 3380 p2psvc - ok
11:38:43.0414 3380 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
11:38:43.0414 3380 Parport - ok
11:38:43.0425 3380 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:38:43.0426 3380 partmgr - ok
11:38:43.0433 3380 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:38:43.0435 3380 PcaSvc - ok
11:38:43.0444 3380 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:38:43.0445 3380 pci - ok
11:38:43.0448 3380 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:38:43.0448 3380 pciide - ok
11:38:43.0457 3380 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
11:38:43.0458 3380 pcmcia - ok
11:38:43.0464 3380 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:38:43.0465 3380 pcw - ok
11:38:43.0485 3380 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:38:43.0488 3380 PEAUTH - ok
11:38:43.0508 3380 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:38:43.0509 3380 PerfHost - ok
11:38:43.0559 3380 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:38:43.0571 3380 pla - ok
11:38:43.0588 3380 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:38:43.0591 3380 PlugPlay - ok
11:38:43.0596 3380 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:38:43.0597 3380 PNRPAutoReg - ok
11:38:43.0616 3380 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:38:43.0619 3380 PNRPsvc - ok
11:38:43.0635 3380 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
11:38:43.0636 3380 Point64 - ok
11:38:43.0659 3380 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:38:43.0661 3380 PolicyAgent - ok
11:38:43.0677 3380 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:38:43.0679 3380 Power - ok
11:38:43.0685 3380 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:38:43.0686 3380 PptpMiniport - ok
11:38:43.0691 3380 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
11:38:43.0691 3380 Processor - ok
11:38:43.0703 3380 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:38:43.0705 3380 ProfSvc - ok
11:38:43.0711 3380 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:38:43.0712 3380 ProtectedStorage - ok
11:38:43.0720 3380 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:38:43.0721 3380 Psched - ok
11:38:43.0772 3380 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
11:38:43.0785 3380 ql2300 - ok
11:38:43.0815 3380 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
11:38:43.0816 3380 ql40xx - ok
11:38:43.0825 3380 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:38:43.0828 3380 QWAVE - ok
11:38:43.0833 3380 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:38:43.0834 3380 QWAVEdrv - ok
11:38:43.0836 3380 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:38:43.0836 3380 RasAcd - ok
11:38:43.0841 3380 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:38:43.0842 3380 RasAgileVpn - ok
11:38:43.0848 3380 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:38:43.0850 3380 RasAuto - ok
11:38:43.0858 3380 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:38:43.0858 3380 Rasl2tp - ok
11:38:43.0868 3380 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:38:43.0870 3380 RasMan - ok
11:38:43.0875 3380 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:38:43.0876 3380 RasPppoe - ok
11:38:43.0881 3380 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:38:43.0882 3380 RasSstp - ok
11:38:43.0894 3380 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:38:43.0896 3380 rdbss - ok
11:38:43.0900 3380 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
11:38:43.0901 3380 rdpbus - ok
11:38:43.0903 3380 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:38:43.0904 3380 RDPCDD - ok
11:38:43.0907 3380 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:38:43.0907 3380 RDPENCDD - ok
11:38:43.0911 3380 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:38:43.0911 3380 RDPREFMP - ok
11:38:43.0924 3380 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:38:43.0925 3380 RDPWD - ok
11:38:43.0934 3380 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:38:43.0936 3380 rdyboost - ok
11:38:43.0964 3380 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:38:43.0969 3380 RegSrvc - ok
11:38:43.0977 3380 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:38:43.0979 3380 RemoteAccess - ok
11:38:43.0988 3380 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:38:43.0991 3380 RemoteRegistry - ok
11:38:44.0009 3380 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
11:38:44.0010 3380 RFCOMM - ok
11:38:44.0016 3380 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:38:44.0017 3380 RpcEptMapper - ok
11:38:44.0020 3380 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:38:44.0021 3380 RpcLocator - ok
11:38:44.0038 3380 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:38:44.0041 3380 RpcSs - ok
11:38:44.0047 3380 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:38:44.0048 3380 rspndr - ok
11:38:44.0061 3380 RSUSBVSTOR (e54a5586a28d0630a79a68bbab84bfcf) C:\Windows\System32\Drivers\RtsUVStor.sys
11:38:44.0062 3380 RSUSBVSTOR - ok
11:38:44.0076 3380 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:38:44.0078 3380 RTL8167 - ok
11:38:44.0102 3380 RTL8192su (b3f36b4b3f192ea87ddc119f3a0b3e45) C:\Windows\system32\DRIVERS\RTL8192su.sys
11:38:44.0105 3380 RTL8192su - ok
11:38:44.0113 3380 rzudd (a237566b5a53d17d8348334853f11b38) C:\Windows\system32\DRIVERS\rzudd.sys
11:38:44.0113 3380 rzudd - ok
11:38:44.0118 3380 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:38:44.0119 3380 SamSs - ok
11:38:44.0125 3380 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:38:44.0126 3380 sbp2port - ok
11:38:44.0135 3380 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:38:44.0137 3380 SCardSvr - ok
11:38:44.0151 3380 SCDEmu (3ac948640421e3891a49aa83c6b77b7a) C:\Windows\system32\drivers\SCDEmu.sys
11:38:44.0152 3380 SCDEmu - ok
11:38:44.0156 3380 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:38:44.0156 3380 scfilter - ok
11:38:44.0185 3380 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:38:44.0191 3380 Schedule - ok
11:38:44.0198 3380 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:38:44.0199 3380 SCPolicySvc - ok
11:38:44.0213 3380 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:38:44.0215 3380 SDRSVC - ok
11:38:44.0225 3380 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:38:44.0225 3380 secdrv - ok
11:38:44.0230 3380 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:38:44.0231 3380 seclogon - ok
11:38:44.0238 3380 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
11:38:44.0239 3380 SENS - ok
11:38:44.0244 3380 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:38:44.0245 3380 SensrSvc - ok
11:38:44.0249 3380 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
11:38:44.0250 3380 Serenum - ok
11:38:44.0260 3380 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
11:38:44.0261 3380 Serial - ok
11:38:44.0265 3380 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
11:38:44.0265 3380 sermouse - ok
11:38:44.0275 3380 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:38:44.0277 3380 SessionEnv - ok
11:38:44.0279 3380 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:38:44.0280 3380 sffdisk - ok
11:38:44.0283 3380 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:38:44.0283 3380 sffp_mmc - ok
11:38:44.0286 3380 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:38:44.0287 3380 sffp_sd - ok
11:38:44.0290 3380 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
11:38:44.0291 3380 sfloppy - ok
11:38:44.0320 3380 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:38:44.0323 3380 Sftfs - ok
11:38:44.0347 3380 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:38:44.0349 3380 sftlist - ok
11:38:44.0365 3380 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:38:44.0366 3380 Sftplay - ok
11:38:44.0373 3380 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:38:44.0373 3380 Sftredir - ok
11:38:44.0376 3380 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:38:44.0377 3380 Sftvol - ok
11:38:44.0389 3380 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:38:44.0391 3380 sftvsa - ok
11:38:44.0405 3380 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:38:44.0407 3380 SharedAccess - ok
11:38:44.0421 3380 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:38:44.0424 3380 ShellHWDetection - ok
11:38:44.0429 3380 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
11:38:44.0430 3380 SiSRaid2 - ok
11:38:44.0436 3380 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
11:38:44.0436 3380 SiSRaid4 - ok
11:38:44.0449 3380 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
11:38:44.0449 3380 SkypeUpdate - ok
11:38:44.0456 3380 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:38:44.0457 3380 Smb - ok
11:38:44.0462 3380 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:38:44.0463 3380 SNMPTRAP - ok
11:38:44.0482 3380 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys
11:38:44.0482 3380 speedfan - ok
11:38:44.0488 3380 spfdrv (6fdc40a0fb834de6b03e596b3734e25a) C:\Windows\system32\DRIVERS\spfdrv.sys
11:38:44.0489 3380 spfdrv - ok
11:38:44.0493 3380 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:38:44.0493 3380 spldr - ok
11:38:44.0512 3380 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:38:44.0516 3380 Spooler - ok
11:38:44.0633 3380 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:38:44.0657 3380 sppsvc - ok
11:38:44.0681 3380 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:38:44.0682 3380 sppuinotify - ok
11:38:44.0703 3380 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:38:44.0706 3380 srv - ok
11:38:44.0722 3380 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:38:44.0725 3380 srv2 - ok
11:38:44.0734 3380 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:38:44.0735 3380 srvnet - ok
11:38:44.0746 3380 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:38:44.0748 3380 SSDPSRV - ok
11:38:44.0756 3380 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:38:44.0757 3380 SstpSvc - ok
11:38:44.0763 3380 Steam Client Service - ok
11:38:44.0770 3380 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
11:38:44.0770 3380 stexstor - ok
11:38:44.0791 3380 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:38:44.0796 3380 stisvc - ok
11:38:44.0800 3380 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:38:44.0801 3380 swenum - ok
11:38:44.0819 3380 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:38:44.0823 3380 swprv - ok
11:38:44.0872 3380 SynTP (f4db1d9e6a42d491f0f8e21854301c0b) C:\Windows\system32\drivers\SynTP.sys
11:38:44.0884 3380 SynTP - ok
11:38:44.0970 3380 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:38:44.0987 3380 SysMain - ok
11:38:45.0017 3380 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:38:45.0019 3380 TabletInputService - ok
11:38:45.0033 3380 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:38:45.0037 3380 TapiSrv - ok
11:38:45.0044 3380 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:38:45.0046 3380 TBS - ok
11:38:45.0131 3380 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:38:45.0144 3380 Tcpip - ok
11:38:45.0239 3380 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:38:45.0253 3380 TCPIP6 - ok
11:38:45.0288 3380 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:38:45.0288 3380 tcpipreg - ok
11:38:45.0292 3380 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:38:45.0292 3380 TDPIPE - ok
11:38:45.0296 3380 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:38:45.0297 3380 TDTCP - ok
11:38:45.0303 3380 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:38:45.0304 3380 tdx - ok
11:38:45.0435 3380 TeamViewer7 (74fc70ae64a7b7dabec9697ce0a1f4fa) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
11:38:45.0450 3380 TeamViewer7 - ok
11:38:45.0483 3380 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:38:45.0484 3380 TermDD - ok
11:38:45.0518 3380 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:38:45.0522 3380 TermService - ok
11:38:45.0528 3380 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:38:45.0530 3380 Themes - ok
11:38:45.0536 3380 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:38:45.0538 3380 THREADORDER - ok
11:38:45.0545 3380 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:38:45.0547 3380 TrkWks - ok
11:38:45.0557 3380 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:38:45.0558 3380 TrustedInstaller - ok
11:38:45.0564 3380 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:38:45.0565 3380 tssecsrv - ok
11:38:45.0568 3380 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:38:45.0569 3380 TsUsbFlt - ok
11:38:45.0573 3380 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
11:38:45.0573 3380 TsUsbGD - ok
11:38:45.0581 3380 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:38:45.0581 3380 tunnel - ok
11:38:45.0587 3380 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
11:38:45.0588 3380 uagp35 - ok
11:38:45.0601 3380 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:38:45.0603 3380 udfs - ok
11:38:45.0610 3380 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:38:45.0611 3380 UI0Detect - ok
11:38:45.0617 3380 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:38:45.0618 3380 uliagpkx - ok
11:38:45.0623 3380 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
11:38:45.0624 3380 umbus - ok
11:38:45.0627 3380 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
11:38:45.0627 3380 UmPass - ok
11:38:45.0640 3380 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:38:45.0642 3380 upnphost - ok
11:38:45.0650 3380 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:38:45.0651 3380 usbccgp - ok
11:38:45.0658 3380 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:38:45.0659 3380 usbcir - ok
11:38:45.0664 3380 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:38:45.0665 3380 usbehci - ok
11:38:45.0682 3380 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
11:38:45.0684 3380 usbhub - ok
11:38:45.0688 3380 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:38:45.0689 3380 usbohci - ok
11:38:45.0693 3380 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
11:38:45.0693 3380 usbprint - ok
11:38:45.0702 3380 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:38:45.0703 3380 USBSTOR - ok
11:38:45.0707 3380 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:38:45.0708 3380 usbuhci - ok
11:38:45.0717 3380 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
11:38:45.0718 3380 usbvideo - ok
11:38:45.0722 3380 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:38:45.0724 3380 UxSms - ok
11:38:45.0729 3380 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:38:45.0730 3380 VaultSvc - ok
11:38:45.0746 3380 VBoxDrv (ed492636ee26ec43daa4baa7ef0da7ad) C:\Windows\system32\DRIVERS\VBoxDrv.sys
11:38:45.0747 3380 VBoxDrv - ok
11:38:45.0760 3380 VBoxNetAdp (58e2365e7fd880624f648c63c5d22009) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
11:38:45.0761 3380 VBoxNetAdp - ok
11:38:45.0774 3380 VBoxUSBMon (99906a079a6c24d4b8b0dbed02b7869b) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
11:38:45.0774 3380 VBoxUSBMon - ok
11:38:45.0784 3380 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:38:45.0784 3380 vdrvroot - ok
11:38:45.0803 3380 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:38:45.0807 3380 vds - ok
11:38:45.0812 3380 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:38:45.0813 3380 vga - ok
11:38:45.0816 3380 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:38:45.0816 3380 VgaSave - ok
11:38:45.0827 3380 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\DRIVERS\vhdmp.sys
11:38:45.0829 3380 vhdmp - ok
11:38:45.0832 3380 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:38:45.0833 3380 viaide - ok
11:38:45.0835 3380 VMAuthdService (94cf2d157c8fd9089afa5da78aa64c65) D:\lolplayer\vmware-authd.exe
11:38:45.0835 3380 VMAuthdService - ok
11:38:45.0852 3380 vmci (87fc1dd880e8cac4faebb84af61a87c4) C:\Windows\system32\DRIVERS\vmci.sys
11:38:45.0853 3380 vmci - ok
11:38:45.0860 3380 vmkbd (0b13268268b3d2c99ba5021593d0f767) C:\Windows\system32\drivers\VMkbd.sys
11:38:45.0860 3380 vmkbd - ok
11:38:45.0864 3380 VMnetAdapter (b259c31378bc855afd1b53f59311c251) C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:38:45.0864 3380 VMnetAdapter - ok
11:38:45.0872 3380 VMnetBridge (dec4ce720ffeda939cf1ba315cfbd993) C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:38:45.0872 3380 VMnetBridge - ok
11:38:45.0874 3380 VMnetDHCP - ok
11:38:45.0881 3380 VMnetuserif (518d188f04bc4c6ba0581775b9a5ea90) C:\Windows\system32\drivers\vmnetuserif.sys
11:38:45.0881 3380 VMnetuserif - ok
11:38:45.0919 3380 VMUSBArbService (18903ca7936912c337c9d28858880cf2) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
11:38:45.0927 3380 VMUSBArbService - ok
11:38:45.0934 3380 VMware NAT Service - ok
11:38:45.0951 3380 vmx86 (baf28a75b00b79dc92702af7acffd3e5) C:\Windows\system32\drivers\vmx86.sys
11:38:45.0952 3380 vmx86 - ok
11:38:45.0957 3380 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:38:45.0958 3380 volmgr - ok
11:38:45.0972 3380 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:38:45.0974 3380 volmgrx - ok
11:38:45.0987 3380 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:38:45.0988 3380 volsnap - ok
11:38:46.0002 3380 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
11:38:46.0003 3380 vsmraid - ok
11:38:46.0057 3380 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:38:46.0068 3380 VSS - ok
11:38:46.0098 3380 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:38:46.0099 3380 vwifibus - ok
11:38:46.0103 3380 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:38:46.0103 3380 vwififlt - ok
11:38:46.0107 3380 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:38:46.0108 3380 vwifimp - ok
11:38:46.0122 3380 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:38:46.0126 3380 W32Time - ok
11:38:46.0132 3380 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
11:38:46.0133 3380 WacomPen - ok
11:38:46.0140 3380 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:38:46.0141 3380 WANARP - ok
11:38:46.0143 3380 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:38:46.0144 3380 Wanarpv6 - ok
11:38:46.0157 3380 watchmi (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe
11:38:46.0158 3380 watchmi - ok
11:38:46.0210 3380 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:38:46.0220 3380 wbengine - ok
11:38:46.0251 3380 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:38:46.0254 3380 WbioSrvc - ok
11:38:46.0271 3380 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:38:46.0275 3380 wcncsvc - ok
11:38:46.0281 3380 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:38:46.0283 3380 WcsPlugInService - ok
11:38:46.0294 3380 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
11:38:46.0295 3380 Wd - ok
11:38:46.0321 3380 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:38:46.0325 3380 Wdf01000 - ok
11:38:46.0333 3380 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:38:46.0336 3380 WdiServiceHost - ok
11:38:46.0338 3380 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:38:46.0341 3380 WdiSystemHost - ok
11:38:46.0354 3380 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:38:46.0358 3380 WebClient - ok
11:38:46.0378 3380 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:38:46.0380 3380 Wecsvc - ok
11:38:46.0387 3380 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:38:46.0389 3380 wercplsupport - ok
11:38:46.0396 3380 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:38:46.0397 3380 WerSvc - ok
11:38:46.0405 3380 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:38:46.0406 3380 WfpLwf - ok
11:38:46.0409 3380 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:38:46.0409 3380 WIMMount - ok
11:38:46.0414 3380 WinDefend - ok
11:38:46.0419 3380 WinHttpAutoProxySvc - ok
11:38:46.0437 3380 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:38:46.0439 3380 Winmgmt - ok
11:38:46.0505 3380 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:38:46.0519 3380 WinRM - ok
11:38:46.0555 3380 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
11:38:46.0556 3380 WinUSB - ok
11:38:46.0584 3380 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:38:46.0591 3380 Wlansvc - ok
11:38:46.0598 3380 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:38:46.0599 3380 wlcrasvc - ok
11:38:46.0674 3380 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:38:46.0695 3380 wlidsvc - ok
11:38:46.0741 3380 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:38:46.0742 3380 WmiAcpi - ok
11:38:46.0763 3380 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:38:46.0766 3380 wmiApSrv - ok
11:38:46.0773 3380 WMPNetworkSvc - ok
11:38:46.0780 3380 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:38:46.0783 3380 WPCSvc - ok
11:38:46.0792 3380 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:38:46.0795 3380 WPDBusEnum - ok
11:38:46.0802 3380 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:38:46.0803 3380 ws2ifsl - ok
11:38:46.0812 3380 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
11:38:46.0815 3380 wscsvc - ok
11:38:46.0817 3380 WSearch - ok
11:38:46.0826 3380 wsvd (82e8f5aa03df7dbdb8a33f700d5d8cda) C:\Windows\system32\DRIVERS\wsvd.sys
11:38:46.0827 3380 wsvd - ok
11:38:46.0924 3380 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:38:46.0942 3380 wuauserv - ok
11:38:46.0974 3380 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:38:46.0974 3380 WudfPf - ok
11:38:46.0981 3380 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:38:46.0982 3380 WUDFRd - ok
11:38:46.0990 3380 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:38:46.0992 3380 wudfsvc - ok
11:38:47.0002 3380 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:38:47.0005 3380 WwanSvc - ok
11:38:47.0019 3380 MBR (0x1B8) (4f8aa8c9692c179b2e9b4211951a7a17) \Device\Harddisk0\DR0
11:38:48.0927 3380 \Device\Harddisk0\DR0 - ok
11:38:49.0213 3380 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
11:38:49.0217 3380 \Device\Harddisk1\DR1 - ok
11:38:49.0220 3380 Boot (0x1200) (e1da271c95f85fff2e544e4bf404d60b) \Device\Harddisk0\DR0\Partition0
11:38:49.0222 3380 \Device\Harddisk0\DR0\Partition0 - ok
11:38:49.0226 3380 Boot (0x1200) (98b28a0c5748267f683ccab02a22c671) \Device\Harddisk0\DR0\Partition1
11:38:49.0228 3380 \Device\Harddisk0\DR0\Partition1 - ok
11:38:49.0232 3380 Boot (0x1200) (98a273af72666909c2c295fd57b39090) \Device\Harddisk1\DR1\Partition0
11:38:49.0234 3380 \Device\Harddisk1\DR1\Partition0 - ok
11:38:49.0253 3380 Boot (0x1200) (2e7c58836535a7fd47b70a467fbff6c4) \Device\Harddisk1\DR1\Partition1
11:38:49.0255 3380 \Device\Harddisk1\DR1\Partition1 - ok
11:38:49.0255 3380 ============================================================
11:38:49.0255 3380 Scan finished
11:38:49.0255 3380 ============================================================
11:38:49.0263 7172 Detected object count: 0
11:38:49.0263 7172 Actual detected object count: 0
11:39:02.0715 7372 Deinitialize success
|
|
26.07.2012, 10:48
| #14 |
| /// Helfer-Team | GVU Windows Trojaner (100 Euro Ukash) Java aktualisieren Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html |
|
26.07.2012, 18:18
| #15 |
| | GVU Windows Trojaner (100 Euro Ukash) Erledigt. Ist damit alles i.O.? |
|
| Themen zu GVU Windows Trojaner (100 Euro Ukash) |
| 100 euro, 100 €, aktuell, anti, anti malware, avp.exe, ctfmon.lnk, eingefangen, euro, gefangen, gefunde, gefundene, gefundenen, gen, heuristiks/extra, heuristiks/shuriken, malware.packer.as, malwarebytes, nvidia update, objekte, ordnung, plug-in, poweriso, pup.adware.mediaget, scan, searchscopes, staat, troja, trojaner, ukash, usb 3.0, virus, virus eingefangen, vorgehen, windows, ähnlich |
Linear-Darstellung
