Log analysis and evaluation: captcha problem with google: Unusual traffic from your computer network (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
09.10.2012, 19:00 | #1 |
captcha problem with google: Unusual traffic from your computer network

Hello, I'm new here, and since yesterday I've been plagued by this captcha prompt before Google searches. I've already read other posts about it, in this forum and on other sites too, but I don't know what to make of them. Some of what you read says it has something to do with Google, but others in the forum apparently did get help stopping the problem. In any case I wanted to at least give it a try here; maybe something turns up. One last thing: I did a reboot just a few days ago, but I can't see any connection there, especially since besides my normal notebook I also use a subnotebook on which the prompt appeared as well. Thanks to you all in advance.

OTL logfile created on: 09.10.2012 19:37:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Philipp\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,95 Gb Total Physical Memory | 5,87 Gb Available Physical Memory | 73,88% Memory free
15,90 Gb Paging File | 13,06 Gb Available in Paging File | 82,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 681,76 Gb Total Space | 607,40 Gb Free Space | 89,09% Space Free | Partition Type: NTFS
Drive D: | 16,58 Gb Total Space | 2,06 Gb Free Space | 12,41% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 30,82 Gb Free Space | 3,31% Space Free | Partition Type: NTFS
Drive H: | 458,54 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 298,09 Gb Total Space | 7,52 Gb Free Space | 2,52% Space Free | Partition Type: NTFS
Computer Name: PHILIPP-HP | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.09 19:30:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.09.25 10:52:48 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2011.03.17 10:15:46 | 000,382,272 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe PRC - [2011.03.17 10:15:04 | 000,842,048 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe PRC - [2010.12.13 13:48:18 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
-- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe PRC - [2010.12.10 23:02:24 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe PRC - [2010.12.07 06:06:00 | 000,249,672 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe PRC - [2010.12.07 06:05:52 | 000,634,696 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe PRC - [2010.12.07 06:05:38 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe PRC - [2010.11.25 07:26:40 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe PRC - [2010.11.23 20:26:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.11.23 20:26:44 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.11.18 12:57:28 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe PRC - [2010.11.17 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010.11.09 16:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe PRC - [2010.11.09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
-- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe PRC - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.09.13 18:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe PRC - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe PRC - [2010.02.03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe ========== Modules (No Company Name) ========== MOD - [2012.10.05 00:38:28 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll MOD - [2012.10.05 00:38:28 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll MOD - [2012.10.05 00:01:21 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012.10.05 00:00:59 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012.10.05 00:00:54 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - 
[2012.10.05 00:00:44 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012.10.05 00:00:39 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012.10.05 00:00:36 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012.10.05 00:00:35 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012.10.05 00:00:29 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2011.01.28 01:27:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010.11.22 14:00:58 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll MOD - [2010.11.22 14:00:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll MOD - [2010.11.22 14:00:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2010.11.18 13:07:50 | 001,700,920 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\PictureMover\DE-DE\Presentation.dll MOD - [2010.11.18 12:57:42 | 012,284,984 | ---- | M] () -- C:\Users\Philipp\AppData\Roaming\PictureMover\Bin\Core.dll MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- 
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll ========== Services (SafeList) ========== SRV:64bit: - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:64bit: - [2011.05.08 17:25:40 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.10.09 01:10:45 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. 
KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.09.06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.09.09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service) SRV - [2011.03.28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010.12.07 06:06:00 | 000,249,672 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService) SRV - [2010.12.02 06:44:08 | 000,275,968 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV) SRV - [2010.11.24 21:26:42 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56) SRV - [2010.11.23 20:26:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.11.23 20:26:44 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.11.09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC) SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) 
[Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010.08.05 20:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc) SRV - [2010.07.21 15:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.10.07 09:18:53 | 000,272,448 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012.10.01 17:14:23 | 000,129,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.09.13 15:52:59 | 000,099,248 | ---- | M] (Avira Operations GmbH & Co. 
KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.10.14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2011.05.08 17:58:06 | 009,259,520 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.05.08 16:50:14 | 000,301,568 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.04.21 05:53:21 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2011.04.16 02:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:64bit: - [2011.04.16 02:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.12 08:10:44 | 000,333,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2010.12.10 23:03:46 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2010.12.02 06:44:08 | 000,520,192 | ---- | M] (IDT, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.11.19 20:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.11.19 20:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.10.19 21:56:44 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.10.15 10:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010.09.13 18:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4 IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF IE - 
HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKCU\..\SearchScopes\{B8966FD2-DB26-406F-AEEF-DBF200861CB2}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=41a93694-17e0-492e-8bb7-20256c0f088e&apn_sauid=2DDF511D-664F-44F7-8EC3-F57F93C58343 IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} IE - HKCU\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - 
HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.10.05 02:22:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.04 20:16:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.05 22:58:06 | 000,000,000 | ---D | M] [2012.10.04 21:10:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012.10.04 21:10:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.10.04 20:56:07 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla 
Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\pdf.dll CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\Philipp\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nhfpefkeidlhbjljfdojcnngjbddgein\1.0_0\npwebsitelogon.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll CHR - Extension: YouTube = C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Website Logon = C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfpefkeidlhbjljfdojcnngjbddgein\1.0_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV 
Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe File not found O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13:64bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E8DCEED-B931-4D11-B358-769EF21D35D6}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck -
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.04.24 19:22:52 | 000,000,041 | R--- | M] () - H:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{964cb986-1043-11e2-a5ca-2c27d7a7f1fa}\Shell - "" = AutoRun O33 - MountPoints2\{964cb986-1043-11e2-a5ca-2c27d7a7f1fa}\Shell\AutoRun\command - "" = H:\setup.exe -- [2012.04.24 19:23:16 | 000,325,114 | R--- | M] ( ) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.10.09 19:30:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe [2012.10.09 19:12:35 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Philipp\Desktop\aswMBR.exe [2012.10.09 19:12:04 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Philipp\aswMBR.exe.part [2012.10.09 18:30:42 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Adobe.InDesign.CS6.v8.0.LS4.Multilanguage-PillePalle [2012.10.09 17:08:28 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Adobe.Photoshop.CS5.1.Extended.v12.1.European.Incl.Keymaker-CORE [2012.10.09 16:53:59 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Microsoft.Office.2007.Enterprise.SP1.DVD.GERMAN-BIE [2012.10.09 15:06:00 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Die.Sensationsreporterin.German.1981.AC3.DVDRiP.XViD-DAFTPUNK 
[2012.10.09 01:46:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.10.09 01:46:57 | 000,000,000 | -HSD | C] -- \Config.Msi [2012.10.09 01:07:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.10.09 01:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012.10.09 01:07:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012.10.09 01:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012.10.08 22:31:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2012.10.08 22:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012.10.08 22:31:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2012.10.08 21:15:04 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Philipp\spybotsd162.exe [2012.10.07 09:29:27 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED [2012.10.07 09:29:24 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\Telltale Games [2012.10.07 09:28:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Walking Dead [2012.10.07 09:19:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro [2012.10.07 09:18:53 | 000,272,448 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.10.07 09:18:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Pro [2012.10.07 09:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro [2012.10.07 09:13:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\The Saboteur Unofficial OST [2012.10.07 07:55:46 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.10.07 07:21:23 | 000,000,000 | ---D | C] -- C:\Users\Philipp\The.Walking.Dead.Episode.3-RELOADED [2012.10.07 03:09:54 | 000,000,000 | ---D | C] -- 
C:\Users\Philipp\Person.of.Interest.S01E08.Der.Fall.Ulrich.Kohl.German.Dubbed.BDRip.XviD-ITG [2012.10.06 12:44:39 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Adele - Skyfall (Single) (2012) [2012.10.06 00:51:41 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Hobo.with.a.Shotgun.German.2011.AC3.DVDRiP.XViD-QoM [2012.10.06 00:36:41 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Dream.House.2011.BDRip.AC3.German.XviD-MB [2012.10.06 00:07:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Der.Samariter.Toedliches.Finale.2012.BDRip.AC3.German.XviD-MB [2012.10.06 00:01:40 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Flucht.in.Ketten.German.1958.AC3.DVDRiP.XviD-CENTi [2012.10.05 22:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.10.05 22:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2012.10.05 22:57:58 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Google [2012.10.05 22:57:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012.10.05 22:57:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012.10.05 22:57:49 | 000,763,440 | ---- | C] (Google Inc.) -- C:\Users\Philipp\ChromeSetup.exe [2012.10.05 19:48:41 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Adobe [2012.10.05 19:43:31 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.10.05 19:43:10 | 003,941,312 | ---- | C] (Piriform Ltd) -- C:\Users\Philipp\ccsetup323.exe [2012.10.05 13:49:10 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012.10.05 13:30:14 | 000,000,000 | ---D | C] -- C:\Users\Philipp\backups [2012.10.05 13:24:58 | 000,388,608 | ---- | C] (Trend Micro Inc.) 
-- C:\Users\Philipp\HiJackThis204.exe [2012.10.05 13:09:54 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Cosmopolis.2011.BDRip.AC3.German.XviD-MB [2012.10.05 12:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2012.10.05 12:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012.10.05 12:52:41 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012.10.05 12:51:05 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.10.05 12:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.10.05 12:51:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012.10.05 04:53:37 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Macromedia [2012.10.05 04:53:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012.10.05 04:22:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012.10.05 04:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012.10.05 04:01:07 | 000,000,000 | ---D | C] -- C:\AMD [2012.10.05 04:01:07 | 000,000,000 | ---D | C] -- \AMD [2012.10.05 03:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid [2012.10.05 03:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid [2012.10.05 03:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.10.05 03:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2012.10.05 02:21:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2012.10.05 02:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2012.10.05 02:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2012.10.05 02:21:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2012.10.05 02:21:08 | 000,000,000 | ---D | C] -- C:\Program Files 
(x86)\DivX [2012.10.05 02:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2012.10.05 02:20:44 | 000,933,256 | ---- | C] (DivX, LLC) -- C:\Users\Philipp\DivXInstaller.exe [2012.10.05 01:12:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2012.10.05 00:30:12 | 010,768,856 | ---- | C] (Xvid Team) -- C:\Users\Philipp\Xvid-1.3.2-20110601.exe [2012.10.05 00:29:15 | 009,889,896 | ---- | C] (CCCP Project ) -- C:\Users\Philipp\Combined-Community-Codec-Pack-2011-11-11.exe [2012.10.05 00:15:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012.10.05 00:14:58 | 000,292,184 | ---- | C] (Microsoft Corporation) -- C:\Users\Philipp\dxwebsetup.exe [2012.10.04 22:38:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2012.10.04 22:38:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2012.10.04 22:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics [2012.10.04 22:14:03 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\CrashDumps [2012.10.04 22:00:08 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll [2012.10.04 21:59:58 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll [2012.10.04 21:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012.10.04 21:10:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.10.04 21:10:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012.10.04 20:33:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support [2012.10.04 20:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} [2012.10.04 20:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.10.04 20:21:05 | 000,129,576 | ---- | C] (Avira Operations GmbH & Co. 
KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.10.04 20:21:05 | 000,099,248 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.10.04 20:21:05 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.10.04 20:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.10.04 20:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.10.04 20:16:58 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Mozilla [2012.10.04 20:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.10.04 20:16:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012.10.04 20:16:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.10.04 20:14:44 | 017,653,976 | ---- | C] (Mozilla) -- C:\Users\Philipp\Firefox Setup 15.0.1.exe [2012.10.04 19:27:24 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\ATI [2012.10.04 19:26:12 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.10.04 19:26:12 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Searches [2012.10.04 19:26:12 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.10.04 19:26:03 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Contacts [2012.10.04 19:25:48 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\RemEngine [2012.10.04 19:16:44 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Hewlett-Packard [2012.10.04 19:16:30 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Hewlett-Packard_Company [2012.10.04 19:15:46 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\VirtualStore [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Videos [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Saved Games [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- 
C:\Users\Philipp\Pictures [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Music [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Links [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Favorites [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Downloads [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Documents [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Desktop [2012.10.04 19:15:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Vorlagen [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Verlauf [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Temporary Internet Files [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Startmenü [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\SendTo [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Recent [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Netzwerkumgebung [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Lokale Einstellungen [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Videos [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Musik [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Eigene Dateien [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Bilder [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Druckumgebung [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Cookies [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- 
C:\Users\Philipp\AppData\Local\Anwendungsdaten [2012.10.04 19:15:09 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Anwendungsdaten [2012.10.04 19:15:09 | 000,000,000 | -H-D | C] -- C:\Users\Philipp\AppData [2012.10.04 19:15:09 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Temp [2012.10.04 19:15:09 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Microsoft [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\Programme [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- \Programme [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- \Dokumente und Einstellungen [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.10.04 19:14:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.10.04 19:12:27 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.10.04 19:12:27 | 000,000,000 | -HSD | C] -- \System Volume Information [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.09 19:35:29 | 000,000,178 | ---- | M] () -- C:\Users\Philipp\defogger_reenable [2012.10.09 19:32:31 | 000,050,477 | ---- | M] () -- C:\Users\Philipp\Desktop\Defogger.exe [2012.10.09 19:30:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe [2012.10.09 19:12:35 | 004,731,392 | ---- | M] (AVAST 
Software) -- C:\Users\Philipp\Desktop\aswMBR.exe [2012.10.09 19:12:10 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Philipp\aswMBR.exe.part [2012.10.09 19:03:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.09 18:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.09 17:39:47 | 050,316,886 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part11.rar [2012.10.09 17:24:35 | 111,111,111 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part10.rar [2012.10.09 16:59:09 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.09 16:59:09 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.09 16:59:09 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.09 16:59:09 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.09 16:59:09 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.09 16:51:59 | 111,111,111 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part09.rar [2012.10.09 16:19:25 | 111,111,111 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part08.rar [2012.10.09 15:46:50 | 111,111,111 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part07.rar [2012.10.09 15:14:15 | 111,111,111 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part06.rar [2012.10.09 14:50:30 | 111,111,111 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part05.rar [2012.10.09 14:26:45 | 111,111,111 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part04.rar [2012.10.09 14:02:48 | 111,111,111 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part03.rar [2012.10.09 13:39:03 | 111,111,111 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part02.rar [2012.10.09 13:15:18 | 111,111,111 | ---- | M] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part01.rar [2012.10.09 12:51:48 | 000,023,024 | -H-- | M] () -- 
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.09 12:51:48 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.09 12:44:26 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.09 12:44:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.09 12:44:07 | 2106,478,591 | -HS- | M] () -- C:\hiberfil.sys [2012.10.09 02:21:47 | 004,320,054 | ---- | M] () -- C:\Users\Philipp\Desktop\Neue Bitmap.bmp [2012.10.09 01:53:25 | 000,538,327 | ---- | M] () -- C:\Users\Philipp\adwcleaner.exe [2012.10.08 22:31:45 | 000,001,218 | ---- | M] () -- C:\Users\Philipp\Desktop\Spybot - Search & Destroy.lnk [2012.10.08 21:15:09 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\Philipp\spybotsd162.exe [2012.10.08 08:08:46 | 372,864,081 | ---- | M] () -- C:\Users\Philipp\janet_masonBB0810.mp4 [2012.10.07 09:29:05 | 000,001,532 | ---- | M] () -- C:\Users\Philipp\Desktop\The Walking Dead.lnk [2012.10.07 09:18:53 | 000,272,448 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.10.07 09:18:52 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk [2012.10.05 22:58:47 | 000,002,207 | ---- | M] () -- C:\Users\Philipp\Desktop\Google Chrome.lnk [2012.10.05 22:58:06 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.10.05 19:43:32 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.10.05 19:43:10 | 003,941,312 | ---- | M] (Piriform Ltd) -- C:\Users\Philipp\ccsetup323.exe [2012.10.05 13:24:59 | 000,388,608 | ---- | M] (Trend Micro Inc.) 
-- C:\Users\Philipp\HiJackThis204.exe [2012.10.05 12:55:35 | 000,001,997 | ---- | M] () -- C:\Users\Philipp\Desktop\JDownloader.lnk [2012.10.05 12:52:07 | 001,376,768 | ---- | M] () -- C:\Users\Philipp\7z920-x64.msi [2012.10.05 12:50:50 | 001,758,824 | ---- | M] () -- C:\Users\Philipp\winrar-x64-420d.exe [2012.10.05 03:29:37 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.10.05 02:38:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.10.05 02:20:44 | 000,933,256 | ---- | M] (DivX, LLC) -- C:\Users\Philipp\DivXInstaller.exe [2012.10.05 00:30:24 | 010,768,856 | ---- | M] (Xvid Team) -- C:\Users\Philipp\Xvid-1.3.2-20110601.exe [2012.10.05 00:29:20 | 009,889,896 | ---- | M] (CCCP Project ) -- C:\Users\Philipp\Combined-Community-Codec-Pack-2011-11-11.exe [2012.10.04 23:48:54 | 000,276,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.10.04 21:22:53 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPHILIPP-HP$.job [2012.10.04 21:08:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012.10.04 21:08:55 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012.10.04 20:56:23 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPhilipp.job [2012.10.04 20:33:57 | 000,002,139 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2012.10.04 20:21:41 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.10.04 20:19:46 | 102,500,872 | ---- | M] () -- C:\Users\Philipp\avira_free_antivirus_de.exe [2012.10.04 20:16:38 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.10.04 19:15:40 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat [2012.10.04 19:14:28 | 000,052,870 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012.10.04 19:14:28 | 000,052,870 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012.10.01 17:14:23 | 000,129,576 | ---- | 
M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.09.13 15:52:59 | 000,099,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.09 19:35:29 | 000,000,178 | ---- | C] () -- C:\Users\Philipp\defogger_reenable [2012.10.09 19:32:30 | 000,050,477 | ---- | C] () -- C:\Users\Philipp\Desktop\Defogger.exe [2012.10.09 17:25:23 | 050,316,886 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part11.rar [2012.10.09 16:52:47 | 111,111,111 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part10.rar [2012.10.09 16:20:12 | 111,111,111 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part09.rar [2012.10.09 15:47:37 | 111,111,111 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part08.rar [2012.10.09 15:15:02 | 111,111,111 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part07.rar [2012.10.09 14:51:17 | 111,111,111 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part06.rar [2012.10.09 14:27:33 | 111,111,111 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part05.rar [2012.10.09 14:03:47 | 111,111,111 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part04.rar [2012.10.09 13:39:50 | 111,111,111 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part03.rar [2012.10.09 13:16:05 | 111,111,111 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part02.rar [2012.10.09 12:57:38 | 111,111,111 | ---- | C] () -- C:\Users\Philipp\AdINDGNCS6-PiP.part01.rar [2012.10.09 02:20:01 | 004,320,054 | ---- | C] () -- C:\Users\Philipp\Desktop\Neue Bitmap.bmp [2012.10.09 01:53:24 | 000,538,327 | ---- | C] () -- C:\Users\Philipp\adwcleaner.exe [2012.10.08 22:31:45 | 000,001,218 | ---- | C] () -- C:\Users\Philipp\Desktop\Spybot - Search & Destroy.lnk [2012.10.08 21:45:39 | 372,864,081 | ---- | 
C] () -- C:\Users\Philipp\janet_masonBB0810.mp4 [2012.10.08 10:04:51 | 939,554,816 | ---- | C] () -- C:\Users\Philipp\Nachtasyl Xvid.avi [2012.10.07 10:17:23 | 1855,381,504 | ---- | C] () -- C:\Users\Philipp\Die.drei.Tage.des.Condor.1975.German.DL.BDRip.Xvid-iND.avi [2012.10.07 09:29:05 | 000,001,532 | ---- | C] () -- C:\Users\Philipp\Desktop\The Walking Dead.lnk [2012.10.07 09:18:52 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk [2012.10.07 07:12:31 | 000,005,283 | ---- | C] () -- C:\Users\Philipp\reloaded.nfo [2012.10.07 07:12:12 | 480,811,008 | ---- | C] () -- C:\Users\Philipp\rld-twdep1.iso [2012.10.07 07:11:56 | 000,004,940 | ---- | C] () -- C:\Users\Philipp\tinyiso.nfo [2012.10.07 07:11:07 | 1440,432,128 | ---- | C] () -- C:\Users\Philipp\t-twde2sfh.iso [2012.10.07 01:34:58 | 1561,972,736 | ---- | C] () -- C:\Users\Philipp\schnueffler.der.dvdrip.ac3.xvid.avi [2012.10.05 22:58:47 | 000,002,207 | ---- | C] () -- C:\Users\Philipp\Desktop\Google Chrome.lnk [2012.10.05 22:58:15 | 000,001,112 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.05 22:58:06 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.10.05 22:58:06 | 000,001,979 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2012.10.05 22:58:02 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.05 22:54:26 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.05 19:43:32 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.10.05 12:55:35 | 000,001,997 | ---- | C] () -- C:\Users\Philipp\Desktop\JDownloader.lnk [2012.10.05 12:55:33 | 000,001,961 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2012.10.05 12:55:33 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2012.10.05 12:55:33 
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
========== Purity Check ==========
< End of report >
10.10.2012, 08:31 | #2 |
/// Malwareteam

My name is Marius and I will help you with your problem.

One thing up front: Note: We can never guarantee here that we have found every remnant of malware. Formatting is usually the fastest and always the safest route. If you decide on a cleanup, keep working with us until someone from the team tells you that your computer is clean. A cleanup can involve a lot of work for you.

Vista and Win7 users: Start all tools with a right-click --> "Run as administrator".

Step 1: aswMBR
Please download aswMBR.exe and save the file to your desktop.

Step 2: Scan with TDSS-Killer
Please read the following instructions carefully. We do not want to "fix" anything yet, only see a scan report. Please download TDSSKiller.exe and save this file to the desktop.
10.10.2012, 12:21 | #3 |
Hello Marius,
many thanks for your help. I will of course use the code tags! So here are the results of both scans:
1. aswMBR
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-10 12:56:27
-----------------------------
12:56:27.904 OS Version: Windows x64 6.1.7601 Service Pack 1
12:56:27.904 Number of processors: 8 586 0x2A07
12:56:27.904 ComputerName: PHILIPP-HP UserName: Philipp
12:56:29.636 Initialize success
12:56:34.846 AVAST engine defs: 12100900
12:56:57.050 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:56:57.051 Disk 0 Vendor: Hitachi_ JE4O Size: 715404MB BusType: 3
12:56:57.060 Disk 0 MBR read successfully
12:56:57.062 Disk 0 MBR scan
12:56:57.087 Disk 0 Windows 7 default MBR code
12:56:57.089 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
12:56:57.106 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 698119 MB offset 409600
12:56:57.138 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16982 MB offset 1430157312
12:56:57.211 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 102 MB offset 1464936448
12:56:57.248 Disk 0 scanning C:\Windows\system32\drivers
12:57:07.614 Service scanning
12:57:33.658 Modules scanning
12:57:33.664 Disk 0 trace - called modules:
12:57:34.008 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
12:57:34.011 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007f9d790]
12:57:34.015 3 CLASSPNP.SYS[fffff880013bd43f] -> nt!IofCallDriver -> [0xfffffa8007e8eb10]
12:57:34.018 5 hpdskflt.sys[fffff88001699189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007d7c050]
12:57:35.923 AVAST engine scan C:\Windows
12:57:38.357 AVAST engine scan C:\Windows\system32
13:01:03.454 AVAST engine scan C:\Windows\system32\drivers
13:01:15.389 AVAST engine scan C:\Users\Philipp
13:09:59.862 AVAST engine scan C:\ProgramData
13:10:27.238 Scan finished successfully
13:12:06.955 Disk 0 MBR has been saved successfully to "C:\Users\Philipp\Desktop\MBR.dat"
13:12:06.958 The log file has been saved successfully to "C:\Users\Philipp\Desktop\aswMBR.txt"

Code:
13:13:49.0473 4340 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
13:13:49.0527 4340 ============================================================
13:13:49.0527 4340 Current date / time: 2012/10/10 13:13:49.0527
13:13:49.0527 4340 SystemInfo:
13:13:49.0527 4340
13:13:49.0527 4340 OS Version: 6.1.7601 ServicePack: 1.0
13:13:49.0527 4340 Product type: Workstation
13:13:49.0527 4340 ComputerName: PHILIPP-HP
13:13:49.0527 4340 UserName: Philipp
13:13:49.0527 4340 Windows directory: C:\Windows
13:13:49.0527 4340 System windows directory: C:\Windows
13:13:49.0527 4340 Running under WOW64
13:13:49.0527 4340 Processor architecture: Intel x64
13:13:49.0527 4340 Number of processors: 8
13:13:49.0527 4340 Page size: 0x1000
13:13:49.0527 4340 Boot type: Normal boot
13:13:49.0527 4340 ============================================================
13:13:49.0991 4340 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:13:49.0995 4340 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:13:58.0006 4340 Drive \Device\Harddisk2\DR2 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:13:58.0355 4340 ============================================================
13:13:58.0355 4340 \Device\Harddisk0\DR0:
13:13:58.0370 4340 MBR partitions:
13:13:58.0370 4340 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
13:13:58.0370 4340 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x55383800
13:13:58.0370 4340 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x553E7800, BlocksNum 0x212B000
13:13:58.0370 4340 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x336F0
13:13:58.0370 4340 \Device\Harddisk1\DR1:
13:13:58.0371 4340 MBR partitions:
13:13:58.0371 4340 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
13:13:58.0371 4340 \Device\Harddisk2\DR2:
13:13:58.0371 4340 MBR partitions:
13:13:58.0371 4340 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
13:13:58.0371 4340 ============================================================
13:13:58.0400 4340 C: <-> \Device\Harddisk0\DR0\Partition2
13:13:58.0439 4340 D: <-> \Device\Harddisk0\DR0\Partition3
13:13:58.0578 4340 G: <-> \Device\Harddisk1\DR1\Partition1
13:13:58.0660 4340 I: <-> \Device\Harddisk2\DR2\Partition1
13:13:58.0660 4340 ============================================================
13:13:58.0660 4340 Initialize success
13:13:58.0660 4340 ============================================================
13:14:13.0080 4076 ============================================================
13:14:13.0080 4076 Scan started
13:14:13.0080 4076 Mode: Manual;
13:14:13.0080 4076 ============================================================
13:14:14.0140 4076 ================ Scan system memory ========================
13:14:14.0140 4076 System memory - ok
13:14:14.0141 4076 ================ Scan services =============================
4076 MpsSvc - ok 13:14:22.0112 4076 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:14:22.0113 4076 MRxDAV - ok 13:14:22.0147 4076 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:14:22.0148 4076 mrxsmb - ok 13:14:22.0154 4076 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:14:22.0156 4076 mrxsmb10 - ok 13:14:22.0175 4076 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:14:22.0176 4076 mrxsmb20 - ok 13:14:22.0199 4076 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 13:14:22.0200 4076 msahci - ok 13:14:22.0209 4076 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:14:22.0210 4076 msdsm - ok 13:14:22.0219 4076 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 13:14:22.0221 4076 MSDTC - ok 13:14:22.0252 4076 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:14:22.0253 4076 Msfs - ok 13:14:22.0281 4076 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:14:22.0281 4076 mshidkmdf - ok 13:14:22.0301 4076 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:14:22.0302 4076 msisadrv - ok 13:14:22.0332 4076 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:14:22.0334 4076 MSiSCSI - ok 13:14:22.0336 4076 msiserver - ok 13:14:22.0367 4076 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:14:22.0368 4076 MSKSSRV - ok 13:14:22.0370 4076 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:14:22.0371 4076 MSPCLOCK - ok 13:14:22.0380 4076 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:14:22.0380 4076 MSPQM - ok 13:14:22.0416 4076 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC 
C:\Windows\system32\drivers\MsRPC.sys 13:14:22.0419 4076 MsRPC - ok 13:14:22.0440 4076 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 13:14:22.0440 4076 mssmbios - ok 13:14:22.0476 4076 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:14:22.0476 4076 MSTEE - ok 13:14:22.0479 4076 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 13:14:22.0479 4076 MTConfig - ok 13:14:22.0486 4076 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 13:14:22.0487 4076 Mup - ok 13:14:22.0518 4076 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 13:14:22.0522 4076 napagent - ok 13:14:22.0569 4076 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:14:22.0571 4076 NativeWifiP - ok 13:14:22.0618 4076 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 13:14:22.0626 4076 NDIS - ok 13:14:22.0661 4076 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:14:22.0662 4076 NdisCap - ok 13:14:22.0681 4076 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:14:22.0681 4076 NdisTapi - ok 13:14:22.0719 4076 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:14:22.0719 4076 Ndisuio - ok 13:14:22.0747 4076 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:14:22.0748 4076 NdisWan - ok 13:14:22.0774 4076 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:14:22.0774 4076 NDProxy - ok 13:14:22.0809 4076 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:14:22.0809 4076 NetBIOS - ok 13:14:22.0822 4076 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:14:22.0824 4076 NetBT - ok 13:14:22.0841 4076 [ 
C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 13:14:22.0842 4076 Netlogon - ok 13:14:22.0886 4076 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 13:14:22.0889 4076 Netman - ok 13:14:22.0897 4076 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 13:14:22.0900 4076 netprofm - ok 13:14:22.0932 4076 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 13:14:22.0939 4076 NetTcpPortSharing - ok 13:14:23.0041 4076 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys 13:14:23.0120 4076 netw5v64 - ok 13:14:23.0148 4076 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 13:14:23.0149 4076 nfrd960 - ok 13:14:23.0221 4076 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:14:23.0224 4076 NlaSvc - ok 13:14:23.0242 4076 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:14:23.0243 4076 Npfs - ok 13:14:23.0268 4076 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 13:14:23.0269 4076 nsi - ok 13:14:23.0271 4076 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:14:23.0272 4076 nsiproxy - ok 13:14:23.0340 4076 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:14:23.0354 4076 Ntfs - ok 13:14:23.0413 4076 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 13:14:23.0414 4076 Null - ok 13:14:23.0448 4076 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 13:14:23.0449 4076 nusb3hub - ok 13:14:23.0454 4076 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 13:14:23.0455 4076 nusb3xhc - ok 13:14:23.0485 4076 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 
13:14:23.0486 4076 nvraid - ok 13:14:23.0500 4076 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:14:23.0501 4076 nvstor - ok 13:14:23.0540 4076 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:14:23.0541 4076 nv_agp - ok 13:14:23.0565 4076 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:14:23.0565 4076 ohci1394 - ok 13:14:23.0600 4076 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:14:23.0604 4076 p2pimsvc - ok 13:14:23.0627 4076 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 13:14:23.0631 4076 p2psvc - ok 13:14:23.0651 4076 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 13:14:23.0652 4076 Parport - ok 13:14:23.0678 4076 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:14:23.0679 4076 partmgr - ok 13:14:23.0699 4076 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 13:14:23.0701 4076 PcaSvc - ok 13:14:23.0719 4076 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 13:14:23.0721 4076 pci - ok 13:14:23.0748 4076 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 13:14:23.0749 4076 pciide - ok 13:14:23.0771 4076 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 13:14:23.0773 4076 pcmcia - ok 13:14:23.0790 4076 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 13:14:23.0791 4076 pcw - ok 13:14:23.0814 4076 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:14:23.0824 4076 PEAUTH - ok 13:14:23.0920 4076 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:14:23.0921 4076 PerfHost - ok 13:14:23.0962 4076 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 13:14:23.0975 4076 pla - ok 13:14:24.0012 
4076 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:14:24.0016 4076 PlugPlay - ok 13:14:24.0029 4076 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:14:24.0030 4076 PNRPAutoReg - ok 13:14:24.0067 4076 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:14:24.0069 4076 PNRPsvc - ok 13:14:24.0095 4076 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:14:24.0100 4076 PolicyAgent - ok 13:14:24.0122 4076 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 13:14:24.0125 4076 Power - ok 13:14:24.0143 4076 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:14:24.0144 4076 PptpMiniport - ok 13:14:24.0161 4076 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 13:14:24.0161 4076 Processor - ok 13:14:24.0196 4076 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 13:14:24.0199 4076 ProfSvc - ok 13:14:24.0208 4076 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 13:14:24.0209 4076 ProtectedStorage - ok 13:14:24.0231 4076 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:14:24.0232 4076 Psched - ok 13:14:24.0282 4076 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 13:14:24.0297 4076 ql2300 - ok 13:14:24.0300 4076 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 13:14:24.0301 4076 ql40xx - ok 13:14:24.0327 4076 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 13:14:24.0330 4076 QWAVE - ok 13:14:24.0346 4076 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:14:24.0347 4076 QWAVEdrv - ok 13:14:24.0359 4076 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:14:24.0359 4076 RasAcd - ok 
13:14:24.0387 4076 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:14:24.0388 4076 RasAgileVpn - ok 13:14:24.0411 4076 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 13:14:24.0413 4076 RasAuto - ok 13:14:24.0432 4076 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:14:24.0433 4076 Rasl2tp - ok 13:14:24.0471 4076 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 13:14:24.0474 4076 RasMan - ok 13:14:24.0515 4076 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:14:24.0516 4076 RasPppoe - ok 13:14:24.0519 4076 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:14:24.0520 4076 RasSstp - ok 13:14:24.0545 4076 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:14:24.0547 4076 rdbss - ok 13:14:24.0560 4076 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 13:14:24.0561 4076 rdpbus - ok 13:14:24.0580 4076 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:14:24.0581 4076 RDPCDD - ok 13:14:24.0587 4076 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:14:24.0588 4076 RDPENCDD - ok 13:14:24.0610 4076 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:14:24.0610 4076 RDPREFMP - ok 13:14:24.0639 4076 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:14:24.0640 4076 RDPWD - ok 13:14:24.0681 4076 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:14:24.0682 4076 rdyboost - ok 13:14:24.0721 4076 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:14:24.0723 4076 RemoteAccess - ok 13:14:24.0751 4076 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 
13:14:24.0753 4076 RemoteRegistry - ok 13:14:24.0762 4076 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:14:24.0763 4076 RpcEptMapper - ok 13:14:24.0773 4076 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 13:14:24.0774 4076 RpcLocator - ok 13:14:24.0807 4076 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 13:14:24.0811 4076 RpcSs - ok 13:14:24.0853 4076 [ D5C3E1629A3F7F0857D27949252B94CE ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 13:14:24.0855 4076 RSPCIESTOR - ok 13:14:24.0891 4076 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:14:24.0891 4076 rspndr - ok 13:14:24.0929 4076 [ 5D6A444BD37B52FF846387C87DCDF98A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 13:14:24.0931 4076 RTL8167 - ok 13:14:24.0941 4076 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 13:14:24.0942 4076 SamSs - ok 13:14:24.0971 4076 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:14:24.0971 4076 sbp2port - ok 13:14:25.0039 4076 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 13:14:25.0046 4076 SBSDWSCService - ok 13:14:25.0071 4076 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:14:25.0073 4076 SCardSvr - ok 13:14:25.0092 4076 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:14:25.0093 4076 scfilter - ok 13:14:25.0174 4076 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 13:14:25.0183 4076 Schedule - ok 13:14:25.0208 4076 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 13:14:25.0209 4076 SCPolicySvc - ok 13:14:25.0242 4076 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys 13:14:25.0243 4076 sdbus - ok 13:14:25.0268 4076 [ 
6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:14:25.0271 4076 SDRSVC - ok 13:14:25.0298 4076 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:14:25.0298 4076 secdrv - ok 13:14:25.0314 4076 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 13:14:25.0315 4076 seclogon - ok 13:14:25.0346 4076 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 13:14:25.0347 4076 SENS - ok 13:14:25.0370 4076 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:14:25.0371 4076 SensrSvc - ok 13:14:25.0398 4076 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 13:14:25.0399 4076 Serenum - ok 13:14:25.0411 4076 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 13:14:25.0412 4076 Serial - ok 13:14:25.0441 4076 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 13:14:25.0442 4076 sermouse - ok 13:14:25.0481 4076 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 13:14:25.0482 4076 SessionEnv - ok 13:14:25.0512 4076 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:14:25.0512 4076 sffdisk - ok 13:14:25.0530 4076 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:14:25.0530 4076 sffp_mmc - ok 13:14:25.0543 4076 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:14:25.0543 4076 sffp_sd - ok 13:14:25.0579 4076 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 13:14:25.0579 4076 sfloppy - ok 13:14:25.0607 4076 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:14:25.0610 4076 SharedAccess - ok 13:14:25.0639 4076 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:14:25.0642 4076 ShellHWDetection - ok 
13:14:25.0669 4076 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 13:14:25.0669 4076 SiSRaid2 - ok 13:14:25.0672 4076 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 13:14:25.0673 4076 SiSRaid4 - ok 13:14:25.0685 4076 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:14:25.0686 4076 Smb - ok 13:14:25.0734 4076 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:14:25.0736 4076 SNMPTRAP - ok 13:14:25.0750 4076 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 13:14:25.0750 4076 spldr - ok 13:14:25.0769 4076 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 13:14:25.0773 4076 Spooler - ok 13:14:25.0839 4076 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 13:14:25.0890 4076 sppsvc - ok 13:14:25.0913 4076 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:14:25.0915 4076 sppuinotify - ok 13:14:25.0938 4076 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 13:14:25.0942 4076 srv - ok 13:14:25.0957 4076 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:14:25.0959 4076 srv2 - ok 13:14:25.0993 4076 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 13:14:25.0995 4076 SrvHsfHDA - ok 13:14:26.0026 4076 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 13:14:26.0039 4076 SrvHsfV92 - ok 13:14:26.0052 4076 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 13:14:26.0058 4076 SrvHsfWinac - ok 13:14:26.0073 4076 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:14:26.0074 4076 srvnet - ok 13:14:26.0105 4076 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:14:26.0108 4076 SSDPSRV - ok 
13:14:26.0111 4076 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:14:26.0113 4076 SstpSvc - ok 13:14:26.0177 4076 [ 7C49A5E1943AFDA4672D80726AF3BAE4 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 13:14:26.0183 4076 STacSV - ok 13:14:26.0213 4076 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 13:14:26.0213 4076 stexstor - ok 13:14:26.0257 4076 [ 0AAD250A31A7EE96E0945AB9E1F3BAA7 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 13:14:26.0261 4076 STHDA - ok 13:14:26.0298 4076 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 13:14:26.0305 4076 stisvc - ok 13:14:26.0319 4076 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 13:14:26.0319 4076 swenum - ok 13:14:26.0351 4076 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 13:14:26.0356 4076 swprv - ok 13:14:26.0378 4076 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 13:14:26.0380 4076 SynTP - ok 13:14:26.0425 4076 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 13:14:26.0440 4076 SysMain - ok 13:14:26.0460 4076 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 13:14:26.0462 4076 TabletInputService - ok 13:14:26.0471 4076 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 13:14:26.0475 4076 TapiSrv - ok 13:14:26.0501 4076 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 13:14:26.0503 4076 TBS - ok 13:14:26.0553 4076 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:14:26.0570 4076 Tcpip - ok 13:14:26.0620 4076 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:14:26.0629 4076 TCPIP6 - ok 13:14:26.0664 4076 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:14:26.0665 4076 tcpipreg - ok 13:14:26.0690 4076 [ 
3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:14:26.0691 4076 TDPIPE - ok 13:14:26.0714 4076 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:14:26.0715 4076 TDTCP - ok 13:14:26.0747 4076 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:14:26.0748 4076 tdx - ok 13:14:26.0767 4076 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 13:14:26.0767 4076 TermDD - ok 13:14:26.0791 4076 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 13:14:26.0798 4076 TermService - ok 13:14:26.0819 4076 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 13:14:26.0821 4076 Themes - ok 13:14:26.0835 4076 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 13:14:26.0836 4076 THREADORDER - ok 13:14:26.0846 4076 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 13:14:26.0848 4076 TrkWks - ok 13:14:26.0897 4076 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:14:26.0898 4076 TrustedInstaller - ok 13:14:26.0920 4076 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:14:26.0921 4076 tssecsrv - ok 13:14:26.0955 4076 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:14:26.0956 4076 TsUsbFlt - ok 13:14:26.0997 4076 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:14:26.0998 4076 tunnel - ok 13:14:27.0018 4076 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 13:14:27.0019 4076 uagp35 - ok 13:14:27.0041 4076 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:14:27.0044 4076 udfs - ok 13:14:27.0072 4076 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:14:27.0073 4076 UI0Detect - ok 13:14:27.0111 
4076 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:14:27.0112 4076 uliagpkx - ok 13:14:27.0187 4076 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 13:14:27.0187 4076 umbus - ok 13:14:27.0213 4076 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 13:14:27.0214 4076 UmPass - ok 13:14:27.0308 4076 [ 3A1ECEF8D49FC1A786A6CCD5A86A8878 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 13:14:27.0329 4076 UNS - ok 13:14:27.0358 4076 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 13:14:27.0362 4076 upnphost - ok 13:14:27.0389 4076 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:14:27.0390 4076 usbccgp - ok 13:14:27.0417 4076 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:14:27.0418 4076 usbcir - ok 13:14:27.0437 4076 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 13:14:27.0437 4076 usbehci - ok 13:14:27.0448 4076 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:14:27.0450 4076 usbhub - ok 13:14:27.0487 4076 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 13:14:27.0488 4076 usbohci - ok 13:14:27.0517 4076 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 13:14:27.0517 4076 usbprint - ok 13:14:27.0532 4076 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:14:27.0533 4076 USBSTOR - ok 13:14:27.0568 4076 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 13:14:27.0569 4076 usbuhci - ok 13:14:27.0602 4076 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 13:14:27.0603 4076 usbvideo - ok 13:14:27.0615 4076 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms 
C:\Windows\System32\uxsms.dll 13:14:27.0617 4076 UxSms - ok 13:14:27.0630 4076 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 13:14:27.0632 4076 VaultSvc - ok 13:14:27.0654 4076 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 13:14:27.0654 4076 vdrvroot - ok 13:14:27.0683 4076 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 13:14:27.0689 4076 vds - ok 13:14:27.0709 4076 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:14:27.0709 4076 vga - ok 13:14:27.0717 4076 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 13:14:27.0717 4076 VgaSave - ok 13:14:27.0733 4076 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 13:14:27.0734 4076 vhdmp - ok 13:14:27.0761 4076 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 13:14:27.0762 4076 viaide - ok 13:14:27.0780 4076 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:14:27.0780 4076 volmgr - ok 13:14:27.0804 4076 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:14:27.0807 4076 volmgrx - ok 13:14:27.0820 4076 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:14:27.0822 4076 volsnap - ok 13:14:27.0844 4076 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 13:14:27.0845 4076 vsmraid - ok 13:14:27.0881 4076 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 13:14:27.0894 4076 VSS - ok 13:14:27.0918 4076 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 13:14:27.0919 4076 vwifibus - ok 13:14:27.0945 4076 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 13:14:27.0946 4076 vwififlt - ok 13:14:27.0984 4076 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 
13:14:29.0624 4076 Scan finished
13:14:29.0630 6028 Detected object count: 0
13:14:29.0630 6028 Actual detected object count: 0
13:15:17.0852 2384 Deinitialize success |
10.10.2012, 12:44 | #4 | |
/// Malwareteam | captcha problem with Google: Unusual traffic from your computer network You have - but anyone who downloads and uses illegal software has only themselves to blame! Quote:
Merely visiting sites that offer these files for download carries a high risk of infection. When you start the crack, you are running an executable file from a very dubious source. The file's source code can contain anything (e.g. downloading and executing malware files). This is one of the main causes of infections. In addition, cracks, keygens, etc. are illegal, and that is theft just like in a shop. That is why we have agreed on the following: if we find indications of illegally acquired software, we will end support without any discussion. Therefore our help for you is limited to instructions for reinstalling and securing the system.
__________________ No asylum for Trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you satisfied with us? Then support the Trojaner-Board! |