| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: ChatZum entfernenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.10.2012, 23:31
| #1 |
| |  ChatZum entfernen Hallo, bin aufgrund von Problemen mit Chatzum auf dieses Board gestoßen, habe schon einige Schritte gemacht, adaware wurde durchgeführt, sowie Malwarebytes und der tdss killer,nach der Ausführung von adaware war chatzum endlich weg, nichtsdestotrotz bin ich nicht sicher ob wirklich alles weg ist.. Was ist das eigentlich, also chatzum, kein Trojaner oder? gruß mjay PS: Nachdem ich alle Programme installiert hatte welche hier empfohlen werdem, habe ich das Problem das Windows ständig am laden ist also neber dem Maussymbol erscheint ständig das Ladeymbol obwohl ich garnichts mache -.- |
|
19.10.2012, 13:08
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | ChatZum entfernen Ohne die Logs von Malwarebytes und Co wird das hier nichts.
__________________ Alles von Malwarebytes (und evtl. anderen Scannern) muss hier gepostet werden. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
19.10.2012, 14:57
| #3 |
| | ChatZum entfernenCode:
ATTFilter 00:06:41.0252 4928 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
00:06:41.0439 4928 ============================================================
00:06:41.0439 4928 Current date / time: 2012/10/19 00:06:41.0439
00:06:41.0439 4928 SystemInfo:
00:06:41.0439 4928
00:06:41.0439 4928 OS Version: 6.1.7600 ServicePack: 0.0
00:06:41.0439 4928 Product type: Workstation
00:06:41.0439 4928 ComputerName: MARIUS-PC
00:06:41.0439 4928 UserName: Marius
00:06:41.0439 4928 Windows directory: C:\Windows
00:06:41.0439 4928 System windows directory: C:\Windows
00:06:41.0439 4928 Processor architecture: Intel x86
00:06:41.0439 4928 Number of processors: 4
00:06:41.0439 4928 Page size: 0x1000
00:06:41.0439 4928 Boot type: Normal boot
00:06:41.0439 4928 ============================================================
00:06:41.0903 4928 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:06:41.0904 4928 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:06:41.0932 4928 ============================================================
00:06:41.0932 4928 \Device\Harddisk1\DR1:
00:06:41.0933 4928 MBR partitions:
00:06:41.0933 4928 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:06:41.0933 4928 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
00:06:41.0933 4928 \Device\Harddisk0\DR0:
00:06:41.0933 4928 MBR partitions:
00:06:41.0933 4928 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xEE7B000
00:06:41.0933 4928 ============================================================
00:06:41.0934 4928 C: <-> \Device\Harddisk0\DR0\Partition1
00:06:41.0949 4928 D: <-> \Device\Harddisk1\DR1\Partition2
00:06:41.0949 4928 ============================================================
00:06:41.0949 4928 Initialize success
00:06:41.0949 4928 ============================================================
00:07:00.0081 5276 ============================================================
00:07:00.0081 5276 Scan started
00:07:00.0081 5276 Mode: Manual; SigCheck; TDLFS;
00:07:00.0081 5276 ============================================================
00:07:00.0708 5276 ================ Scan system memory ========================
00:07:00.0708 5276 System memory - ok
00:07:00.0708 5276 ================ Scan services =============================
00:07:00.0755 5276 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
00:07:00.0808 5276 1394ohci - ok
00:07:00.0817 5276 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
00:07:00.0833 5276 ACPI - ok
00:07:00.0840 5276 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
00:07:00.0862 5276 AcpiPmi - ok
00:07:00.0867 5276 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
00:07:00.0878 5276 AdobeARMservice - ok
00:07:00.0887 5276 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:07:00.0910 5276 AdobeFlashPlayerUpdateSvc - ok
00:07:00.0918 5276 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
00:07:00.0943 5276 adp94xx - ok
00:07:00.0952 5276 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
00:07:00.0976 5276 adpahci - ok
00:07:00.0981 5276 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
00:07:01.0001 5276 adpu320 - ok
00:07:01.0008 5276 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:07:01.0030 5276 AeLookupSvc - ok
00:07:01.0037 5276 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys
00:07:01.0068 5276 AFD - ok
00:07:01.0073 5276 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
00:07:01.0092 5276 agp440 - ok
00:07:01.0098 5276 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
00:07:01.0116 5276 aic78xx - ok
00:07:01.0121 5276 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
00:07:01.0141 5276 ALG - ok
00:07:01.0146 5276 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
00:07:01.0161 5276 aliide - ok
00:07:01.0166 5276 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
00:07:01.0183 5276 amdagp - ok
00:07:01.0188 5276 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
00:07:01.0203 5276 amdide - ok
00:07:01.0208 5276 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
00:07:01.0228 5276 AmdK8 - ok
00:07:01.0232 5276 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
00:07:01.0253 5276 AmdPPM - ok
00:07:01.0258 5276 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
00:07:01.0277 5276 amdsata - ok
00:07:01.0283 5276 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
00:07:01.0303 5276 amdsbs - ok
00:07:01.0308 5276 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\Windows\system32\drivers\amdxata.sys
00:07:01.0325 5276 amdxata - ok
00:07:01.0332 5276 [ 98A8B7D168D035FEFDEFA18F759115F6 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
00:07:01.0343 5276 AntiVirSchedulerService - ok
00:07:01.0348 5276 [ AAACAE485AE81D0A449FBC754880C791 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
00:07:01.0358 5276 AntiVirService - ok
00:07:01.0363 5276 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys
00:07:01.0383 5276 AppID - ok
00:07:01.0388 5276 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:07:01.0418 5276 AppIDSvc - ok
00:07:01.0423 5276 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll
00:07:01.0441 5276 Appinfo - ok
00:07:01.0448 5276 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:07:01.0458 5276 Apple Mobile Device - ok
00:07:01.0465 5276 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
00:07:01.0485 5276 AppMgmt - ok
00:07:01.0491 5276 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
00:07:01.0508 5276 arc - ok
00:07:01.0515 5276 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
00:07:01.0533 5276 arcsas - ok
00:07:01.0548 5276 [ 2FE0D5DB69014980A970D3BF9A85D2B1 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:07:01.0570 5276 aspnet_state - ok
00:07:01.0575 5276 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:07:01.0618 5276 AsyncMac - ok
00:07:01.0623 5276 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys
00:07:01.0635 5276 atapi - ok
00:07:01.0645 5276 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:07:01.0691 5276 AudioEndpointBuilder - ok
00:07:01.0702 5276 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll
00:07:01.0732 5276 Audiosrv - ok
00:07:01.0738 5276 [ 583B68234A159BA64090F3CAE7360F03 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
00:07:01.0760 5276 avgntflt - ok
00:07:01.0766 5276 [ C499333D8915597FE415F0058EFFD7D2 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
00:07:01.0786 5276 avipbb - ok
00:07:01.0791 5276 [ 52EC5F852B42136C513B9009A3C27891 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
00:07:01.0806 5276 avkmgr - ok
00:07:01.0811 5276 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:07:01.0835 5276 AxInstSV - ok
00:07:01.0845 5276 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
00:07:01.0871 5276 b06bdrv - ok
00:07:01.0878 5276 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
00:07:01.0900 5276 b57nd60x - ok
00:07:01.0907 5276 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
00:07:01.0927 5276 BDESVC - ok
00:07:01.0932 5276 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
00:07:01.0961 5276 Beep - ok
00:07:01.0971 5276 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
00:07:02.0012 5276 BFE - ok
00:07:02.0023 5276 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll
00:07:02.0070 5276 BITS - ok
00:07:02.0075 5276 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:07:02.0093 5276 blbdrive - ok
00:07:02.0101 5276 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:07:02.0116 5276 Bonjour Service - ok
00:07:02.0121 5276 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:07:02.0141 5276 bowser - ok
00:07:02.0145 5276 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:07:02.0163 5276 BrFiltLo - ok
00:07:02.0167 5276 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:07:02.0186 5276 BrFiltUp - ok
00:07:02.0191 5276 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll
00:07:02.0212 5276 Browser - ok
00:07:02.0221 5276 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:07:02.0246 5276 Brserid - ok
00:07:02.0251 5276 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:07:02.0271 5276 BrSerWdm - ok
00:07:02.0276 5276 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:07:02.0293 5276 BrUsbMdm - ok
00:07:02.0297 5276 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:07:02.0315 5276 BrUsbSer - ok
00:07:02.0318 5276 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
00:07:02.0340 5276 BTHMODEM - ok
00:07:02.0347 5276 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
00:07:02.0381 5276 bthserv - ok
00:07:02.0386 5276 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:07:02.0417 5276 cdfs - ok
00:07:02.0423 5276 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:07:02.0445 5276 cdrom - ok
00:07:02.0450 5276 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
00:07:02.0482 5276 CertPropSvc - ok
00:07:02.0487 5276 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:07:02.0507 5276 circlass - ok
00:07:02.0515 5276 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
00:07:02.0537 5276 CLFS - ok
00:07:02.0545 5276 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:07:02.0562 5276 clr_optimization_v2.0.50727_32 - ok
00:07:02.0567 5276 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:07:02.0590 5276 clr_optimization_v4.0.30319_32 - ok
00:07:02.0593 5276 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:07:02.0611 5276 CmBatt - ok
00:07:02.0615 5276 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
00:07:02.0631 5276 cmdide - ok
00:07:02.0655 5276 [ DE5D111C449361E41DCC54CA322F786C ] cmudaxp C:\Windows\system32\drivers\cmudaxp.sys
00:07:02.0701 5276 cmudaxp ( UnsignedFile.Multi.Generic ) - warning
00:07:02.0701 5276 cmudaxp - detected UnsignedFile.Multi.Generic (1)
00:07:02.0710 5276 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys
00:07:02.0743 5276 CNG - ok
00:07:02.0748 5276 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:07:02.0763 5276 Compbatt - ok
00:07:02.0768 5276 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
00:07:02.0787 5276 CompositeBus - ok
00:07:02.0791 5276 COMSysApp - ok
00:07:02.0797 5276 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
00:07:02.0813 5276 crcdisk - ok
00:07:02.0821 5276 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:07:02.0843 5276 CryptSvc - ok
00:07:02.0852 5276 [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC C:\Windows\system32\drivers\csc.sys
00:07:02.0881 5276 CSC - ok
00:07:02.0891 5276 [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService C:\Windows\System32\cscsvc.dll
00:07:02.0911 5276 CscService - ok
00:07:02.0922 5276 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
00:07:02.0953 5276 DcomLaunch - ok
00:07:02.0961 5276 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
00:07:02.0997 5276 defragsvc - ok
00:07:03.0003 5276 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:07:03.0022 5276 DfsC - ok
00:07:03.0030 5276 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
00:07:03.0061 5276 Dhcp - ok
00:07:03.0066 5276 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
00:07:03.0097 5276 discache - ok
00:07:03.0102 5276 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
00:07:03.0119 5276 Disk - ok
00:07:03.0126 5276 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:07:03.0148 5276 Dnscache - ok
00:07:03.0154 5276 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll
00:07:03.0192 5276 dot3svc - ok
00:07:03.0198 5276 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
00:07:03.0227 5276 DPS - ok
00:07:03.0231 5276 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:07:03.0249 5276 drmkaud - ok
00:07:03.0262 5276 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:07:03.0293 5276 DXGKrnl - ok
00:07:03.0299 5276 [ CF0A6015F437161698C5B2A0A12CF052 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
00:07:03.0322 5276 e1express - ok
00:07:03.0327 5276 [ 22EF8965101685ADD128F03A2B03CE16 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
00:07:03.0348 5276 E1G60 - ok
00:07:03.0353 5276 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
00:07:03.0386 5276 EapHost - ok
00:07:03.0422 5276 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
00:07:03.0487 5276 ebdrv - ok
00:07:03.0492 5276 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe
00:07:03.0511 5276 EFS - ok
00:07:03.0522 5276 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:07:03.0553 5276 ehRecvr - ok
00:07:03.0558 5276 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
00:07:03.0578 5276 ehSched - ok
00:07:03.0588 5276 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
00:07:03.0616 5276 elxstor - ok
00:07:03.0619 5276 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
00:07:03.0637 5276 ErrDev - ok
00:07:03.0648 5276 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
00:07:03.0686 5276 EventSystem - ok
00:07:03.0692 5276 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
00:07:03.0724 5276 exfat - ok
00:07:03.0732 5276 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:07:03.0764 5276 fastfat - ok
00:07:03.0776 5276 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
00:07:03.0796 5276 Fax - ok
00:07:03.0799 5276 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:07:03.0817 5276 fdc - ok
00:07:03.0822 5276 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
00:07:03.0852 5276 fdPHost - ok
00:07:03.0857 5276 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
00:07:03.0888 5276 FDResPub - ok
00:07:03.0893 5276 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:07:03.0911 5276 FileInfo - ok
00:07:03.0914 5276 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:07:03.0946 5276 Filetrace - ok
00:07:03.0949 5276 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:07:03.0967 5276 flpydisk - ok
00:07:03.0973 5276 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:07:03.0996 5276 FltMgr - ok
00:07:04.0009 5276 [ 151258FC2EC8C48BDF8A53350AE0A676 ] FontCache C:\Windows\system32\FntCache.dll
00:07:04.0039 5276 FontCache - ok
00:07:04.0044 5276 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:07:04.0059 5276 FontCache3.0.0.0 - ok
00:07:04.0064 5276 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:07:04.0081 5276 FsDepends - ok
00:07:04.0086 5276 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:07:04.0102 5276 Fs_Rec - ok
00:07:04.0109 5276 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:07:04.0136 5276 fvevol - ok
00:07:04.0141 5276 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
00:07:04.0158 5276 gagp30kx - ok
00:07:04.0163 5276 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:07:04.0176 5276 GEARAspiWDM - ok
00:07:04.0187 5276 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
00:07:04.0221 5276 gpsvc - ok
00:07:04.0227 5276 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:07:04.0237 5276 gupdate - ok
00:07:04.0242 5276 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:07:04.0252 5276 gupdatem - ok
00:07:04.0258 5276 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
00:07:04.0278 5276 gusvc - ok
00:07:04.0283 5276 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:07:04.0301 5276 hcw85cir - ok
00:07:04.0309 5276 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:07:04.0336 5276 HdAudAddService - ok
00:07:04.0342 5276 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
00:07:04.0358 5276 HDAudBus - ok
00:07:04.0362 5276 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
00:07:04.0379 5276 HidBatt - ok
00:07:04.0384 5276 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
00:07:04.0406 5276 HidBth - ok
00:07:04.0411 5276 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
00:07:04.0429 5276 HidIr - ok
00:07:04.0434 5276 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
00:07:04.0467 5276 hidserv - ok
00:07:04.0472 5276 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:07:04.0489 5276 HidUsb - ok
00:07:04.0494 5276 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:07:04.0528 5276 hkmsvc - ok
00:07:04.0534 5276 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:07:04.0559 5276 HomeGroupListener - ok
00:07:04.0566 5276 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:07:04.0589 5276 HomeGroupProvider - ok
00:07:04.0596 5276 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
00:07:04.0613 5276 HpSAMD - ok
00:07:04.0623 5276 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:07:04.0667 5276 HTTP - ok
00:07:04.0672 5276 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:07:04.0687 5276 hwpolicy - ok
00:07:04.0693 5276 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
00:07:04.0713 5276 i8042prt - ok
00:07:04.0721 5276 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:07:04.0746 5276 iaStorV - ok
00:07:04.0761 5276 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:07:04.0807 5276 idsvc - ok
00:07:04.0812 5276 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
00:07:04.0828 5276 iirsp - ok
00:07:04.0842 5276 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
00:07:04.0888 5276 IKEEXT - ok
00:07:04.0896 5276 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
00:07:04.0911 5276 intelide - ok
00:07:04.0916 5276 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:07:04.0929 5276 intelppm - ok
00:07:04.0934 5276 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:07:04.0969 5276 IPBusEnum - ok
00:07:04.0973 5276 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:07:05.0006 5276 IpFilterDriver - ok
00:07:05.0016 5276 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:07:05.0048 5276 iphlpsvc - ok
00:07:05.0053 5276 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
00:07:05.0073 5276 IPMIDRV - ok
00:07:05.0078 5276 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:07:05.0114 5276 IPNAT - ok
00:07:05.0128 5276 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:07:05.0164 5276 iPod Service - ok
00:07:05.0169 5276 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:07:05.0188 5276 IRENUM - ok
00:07:05.0193 5276 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
00:07:05.0211 5276 isapnp - ok
00:07:05.0217 5276 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
00:07:05.0239 5276 iScsiPrt - ok
00:07:05.0244 5276 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:07:05.0262 5276 kbdclass - ok
00:07:05.0267 5276 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
00:07:05.0284 5276 kbdhid - ok
00:07:05.0288 5276 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
00:07:05.0302 5276 KeyIso - ok
00:07:05.0307 5276 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:07:05.0326 5276 KSecDD - ok
00:07:05.0332 5276 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:07:05.0352 5276 KSecPkg - ok
00:07:05.0359 5276 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
00:07:05.0398 5276 KtmRm - ok
00:07:05.0404 5276 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
00:07:05.0428 5276 LanmanServer - ok
00:07:05.0433 5276 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:07:05.0469 5276 LanmanWorkstation - ok
00:07:05.0477 5276 [ 910344E2A984010435AE84783B25E5EB ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
00:07:05.0499 5276 LBTServ - ok
00:07:05.0507 5276 [ 717E6714BCA808F2A372E636AFF3D15A ] LEqdUsb C:\Windows\system32\Drivers\LEqdUsb.Sys
00:07:05.0522 5276 LEqdUsb - ok
00:07:05.0527 5276 [ 2786F7B4003ADFF88CE28BC1800B5407 ] LHidEqd C:\Windows\system32\Drivers\LHidEqd.Sys
00:07:05.0541 5276 LHidEqd - ok
00:07:05.0546 5276 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
00:07:05.0561 5276 LHidFilt - ok
00:07:05.0566 5276 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:07:05.0597 5276 lltdio - ok
00:07:05.0603 5276 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:07:05.0638 5276 lltdsvc - ok
00:07:05.0642 5276 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
00:07:05.0672 5276 lmhosts - ok
00:07:05.0677 5276 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
00:07:05.0692 5276 LMouFilt - ok
00:07:05.0701 5276 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
00:07:05.0718 5276 LSI_FC - ok
00:07:05.0724 5276 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
00:07:05.0743 5276 LSI_SAS - ok
00:07:05.0748 5276 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:07:05.0764 5276 LSI_SAS2 - ok
00:07:05.0771 5276 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:07:05.0789 5276 LSI_SCSI - ok
00:07:05.0794 5276 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
00:07:05.0827 5276 luafv - ok
00:07:05.0832 5276 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\Windows\system32\drivers\mbamswissarmy.sys
00:07:05.0849 5276 MBAMSwissArmy - ok
00:07:05.0854 5276 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:07:05.0874 5276 Mcx2Svc - ok
00:07:05.0879 5276 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
00:07:05.0896 5276 megasas - ok
00:07:05.0902 5276 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
00:07:05.0924 5276 MegaSR - ok
00:07:05.0931 5276 Microsoft SharePoint Workspace Audit Service - ok
00:07:05.0936 5276 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
00:07:05.0968 5276 MMCSS - ok
00:07:05.0973 5276 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
00:07:06.0003 5276 Modem - ok
00:07:06.0008 5276 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:07:06.0024 5276 monitor - ok
00:07:06.0028 5276 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:07:06.0046 5276 mouclass - ok
00:07:06.0051 5276 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:07:06.0067 5276 mouhid - ok
00:07:06.0072 5276 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:07:06.0092 5276 mountmgr - ok
00:07:06.0097 5276 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:07:06.0116 5276 MozillaMaintenance - ok
00:07:06.0122 5276 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
00:07:06.0143 5276 mpio - ok
00:07:06.0148 5276 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:07:06.0178 5276 mpsdrv - ok
00:07:06.0189 5276 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
00:07:06.0234 5276 MpsSvc - ok
00:07:06.0241 5276 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:07:06.0263 5276 MRxDAV - ok
00:07:06.0269 5276 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:07:06.0289 5276 mrxsmb - ok
00:07:06.0297 5276 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:07:06.0319 5276 mrxsmb10 - ok
00:07:06.0326 5276 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:07:06.0344 5276 mrxsmb20 - ok
00:07:06.0349 5276 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
00:07:06.0366 5276 msahci - ok
00:07:06.0371 5276 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
00:07:06.0391 5276 msdsm - ok
00:07:06.0397 5276 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
00:07:06.0419 5276 MSDTC - ok
00:07:06.0428 5276 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:07:06.0457 5276 Msfs - ok
00:07:06.0462 5276 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:07:06.0491 5276 mshidkmdf - ok
00:07:06.0496 5276 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
00:07:06.0511 5276 msisadrv - ok
00:07:06.0517 5276 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:07:06.0548 5276 MSiSCSI - ok
00:07:06.0553 5276 msiserver - ok
00:07:06.0557 5276 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:07:06.0587 5276 MSKSSRV - ok
00:07:06.0591 5276 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:07:06.0621 5276 MSPCLOCK - ok
00:07:06.0624 5276 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:07:06.0654 5276 MSPQM - ok
00:07:06.0661 5276 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:07:06.0681 5276 MsRPC - ok
00:07:06.0687 5276 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
00:07:06.0699 5276 mssmbios - ok
00:07:06.0703 5276 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:07:06.0732 5276 MSTEE - ok
00:07:06.0738 5276 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:07:06.0756 5276 MTConfig - ok
00:07:06.0761 5276 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
00:07:06.0777 5276 Mup - ok
00:07:06.0786 5276 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
00:07:06.0817 5276 napagent - ok
00:07:06.0824 5276 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:07:06.0851 5276 NativeWifiP - ok
00:07:06.0863 5276 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:07:06.0887 5276 NDIS - ok
00:07:06.0891 5276 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:07:06.0922 5276 NdisCap - ok
00:07:06.0926 5276 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:07:06.0954 5276 NdisTapi - ok
00:07:06.0959 5276 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:07:06.0989 5276 Ndisuio - ok
00:07:06.0996 5276 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:07:07.0029 5276 NdisWan - ok
00:07:07.0033 5276 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:07:07.0064 5276 NDProxy - ok
00:07:07.0069 5276 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:07:07.0101 5276 NetBIOS - ok
00:07:07.0107 5276 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:07:07.0143 5276 NetBT - ok
00:07:07.0148 5276 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
00:07:07.0162 5276 Netlogon - ok
00:07:07.0169 5276 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
00:07:07.0199 5276 Netman - ok
00:07:07.0206 5276 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:07:07.0231 5276 NetMsmqActivator - ok
00:07:07.0234 5276 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:07:07.0251 5276 NetPipeActivator - ok
00:07:07.0258 5276 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
00:07:07.0299 5276 netprofm - ok
00:07:07.0311 5276 [ 27EE4B406E2F26F6117A9A420BD4CB65 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys
00:07:07.0344 5276 netr28u - ok
00:07:07.0349 5276 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:07:07.0364 5276 NetTcpActivator - ok
00:07:07.0368 5276 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
00:07:07.0384 5276 NetTcpPortSharing - ok
00:07:07.0388 5276 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:07:07.0406 5276 nfrd960 - ok
00:07:07.0414 5276 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
00:07:07.0452 5276 NlaSvc - ok
00:07:07.0457 5276 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:07:07.0488 5276 Npfs - ok
00:07:07.0492 5276 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
00:07:07.0523 5276 nsi - ok
00:07:07.0527 5276 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:07:07.0557 5276 nsiproxy - ok
00:07:07.0577 5276 [ 5126C5402C730C2A953275D8497A4715 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:07:07.0626 5276 Ntfs - ok
00:07:07.0631 5276 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
00:07:07.0659 5276 Null - ok
00:07:07.0664 5276 [ A58996ACF11EB8A2CD2AAC193AADB379 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
00:07:07.0682 5276 nusb3hub - ok
00:07:07.0688 5276 [ 94982476285D53DB110C81277FCFEB84 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:07:07.0707 5276 nusb3xhc - ok
00:07:07.0808 5276 [ B0881DDA5A8160422561FFAB7F0008B1 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:07:07.0976 5276 nvlddmkm - ok
00:07:07.0984 5276 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:07:08.0003 5276 nvraid - ok
00:07:08.0009 5276 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:07:08.0029 5276 nvstor - ok
00:07:08.0034 5276 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
00:07:08.0054 5276 nv_agp - ok
00:07:08.0059 5276 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
00:07:08.0079 5276 ohci1394 - ok
00:07:08.0084 5276 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:07:08.0104 5276 ose - ok
00:07:08.0156 5276 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:07:08.0276 5276 osppsvc - ok
00:07:08.0284 5276 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:07:08.0301 5276 p2pimsvc - ok
00:07:08.0309 5276 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
00:07:08.0334 5276 p2psvc - ok
00:07:08.0339 5276 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:07:08.0358 5276 Parport - ok
00:07:08.0364 5276 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:07:08.0381 5276 partmgr - ok
00:07:08.0386 5276 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
00:07:08.0402 5276 Parvdm - ok
00:07:08.0408 5276 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:07:08.0433 5276 PcaSvc - ok
00:07:08.0439 5276 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
00:07:08.0462 5276 pci - ok
00:07:08.0466 5276 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
00:07:08.0482 5276 pciide - ok
00:07:08.0488 5276 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:07:08.0509 5276 pcmcia - ok
00:07:08.0514 5276 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
00:07:08.0532 5276 pcw - ok
00:07:08.0542 5276 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:07:08.0588 5276 PEAUTH - ok
00:07:08.0606 5276 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
00:07:08.0633 5276 PeerDistSvc - ok
00:07:08.0663 5276 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
00:07:08.0723 5276 pla - ok
00:07:08.0732 5276 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:07:08.0759 5276 PlugPlay - ok
00:07:08.0764 5276 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:07:08.0783 5276 PNRPAutoReg - ok
00:07:08.0789 5276 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:07:08.0807 5276 PNRPsvc - ok
00:07:08.0814 5276 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:07:08.0854 5276 PolicyAgent - ok
00:07:08.0862 5276 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
00:07:08.0891 5276 Power - ok
00:07:08.0896 5276 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:07:08.0928 5276 PptpMiniport - ok
00:07:08.0933 5276 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:07:08.0952 5276 Processor - ok
00:07:08.0958 5276 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\Windows\system32\profsvc.dll
00:07:08.0983 5276 ProfSvc - ok
00:07:08.0987 5276 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:07:09.0001 5276 ProtectedStorage - ok
00:07:09.0006 5276 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:07:09.0033 5276 Psched - ok
00:07:09.0053 5276 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:07:09.0098 5276 ql2300 - ok
00:07:09.0104 5276 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:07:09.0124 5276 ql40xx - ok
00:07:09.0131 5276 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
00:07:09.0158 5276 QWAVE - ok
00:07:09.0162 5276 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:07:09.0182 5276 QWAVEdrv - ok
00:07:09.0187 5276 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:07:09.0216 5276 RasAcd - ok
00:07:09.0221 5276 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:07:09.0251 5276 RasAgileVpn - ok
00:07:09.0256 5276 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
00:07:09.0289 5276 RasAuto - ok
00:07:09.0293 5276 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:07:09.0326 5276 Rasl2tp - ok
00:07:09.0333 5276 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
00:07:09.0372 5276 RasMan - ok
00:07:09.0377 5276 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:07:09.0409 5276 RasPppoe - ok
00:07:09.0416 5276 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:07:09.0446 5276 RasSstp - ok
00:07:09.0452 5276 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:07:09.0489 5276 rdbss - ok
00:07:09.0493 5276 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:07:09.0512 5276 rdpbus - ok
00:07:09.0517 5276 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:07:09.0546 5276 RDPCDD - ok
00:07:09.0553 5276 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
00:07:09.0573 5276 RDPDR - ok
00:07:09.0578 5276 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:07:09.0606 5276 RDPENCDD - ok
00:07:09.0613 5276 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:07:09.0641 5276 RDPREFMP - ok
00:07:09.0647 5276 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:07:09.0668 5276 RDPWD - ok
00:07:09.0674 5276 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:07:09.0697 5276 rdyboost - ok
00:07:09.0702 5276 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
00:07:09.0733 5276 RemoteAccess - ok
00:07:09.0739 5276 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:07:09.0774 5276 RemoteRegistry - ok
00:07:09.0779 5276 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:07:09.0812 5276 RpcEptMapper - ok
00:07:09.0816 5276 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
00:07:09.0833 5276 RpcLocator - ok
00:07:09.0842 5276 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
00:07:09.0873 5276 RpcSs - ok
00:07:09.0877 5276 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:07:09.0909 5276 rspndr - ok
00:07:09.0913 5276 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
00:07:09.0929 5276 s3cap - ok
00:07:09.0934 5276 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
00:07:09.0948 5276 SamSs - ok
00:07:09.0953 5276 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
00:07:09.0972 5276 sbp2port - ok
00:07:09.0977 5276 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:07:10.0011 5276 SCardSvr - ok
00:07:10.0014 5276 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:07:10.0046 5276 scfilter - ok
00:07:10.0058 5276 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
00:07:10.0097 5276 Schedule - ok
00:07:10.0102 5276 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
00:07:10.0128 5276 SCPolicySvc - ok
00:07:10.0134 5276 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:07:10.0157 5276 SDRSVC - ok
00:07:10.0161 5276 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:07:10.0191 5276 secdrv - ok
00:07:10.0196 5276 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
00:07:10.0228 5276 seclogon - ok
00:07:10.0233 5276 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
00:07:10.0267 5276 SENS - ok
00:07:10.0272 5276 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:07:10.0291 5276 SensrSvc - ok
00:07:10.0294 5276 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:07:10.0312 5276 Serenum - ok
00:07:10.0317 5276 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:07:10.0337 5276 Serial - ok
00:07:10.0341 5276 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
00:07:10.0358 5276 sermouse - ok
00:07:10.0369 5276 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
00:07:10.0406 5276 SessionEnv - ok
00:07:10.0409 5276 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
00:07:10.0428 5276 sffdisk - ok
00:07:10.0432 5276 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
00:07:10.0451 5276 sffp_mmc - ok
00:07:10.0454 5276 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
00:07:10.0473 5276 sffp_sd - ok
00:07:10.0477 5276 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
00:07:10.0494 5276 sfloppy - ok
00:07:10.0502 5276 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:07:10.0539 5276 SharedAccess - ok
00:07:10.0547 5276 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:07:10.0576 5276 ShellHWDetection - ok
00:07:10.0581 5276 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
00:07:10.0599 5276 sisagp - ok
00:07:10.0603 5276 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:07:10.0621 5276 SiSRaid2 - ok
00:07:10.0626 5276 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
00:07:10.0643 5276 SiSRaid4 - ok
00:07:10.0648 5276 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:07:10.0681 5276 Smb - ok
00:07:10.0689 5276 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:07:10.0708 5276 SNMPTRAP - ok
00:07:10.0713 5276 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
00:07:10.0729 5276 spldr - ok
00:07:10.0737 5276 [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler C:\Windows\System32\spoolsv.exe
00:07:10.0763 5276 Spooler - ok
00:07:10.0802 5276 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
00:07:10.0859 5276 sppsvc - ok
00:07:10.0864 5276 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:07:10.0898 5276 sppuinotify - ok
00:07:10.0906 5276 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
00:07:10.0932 5276 srv - ok
00:07:10.0939 5276 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:07:10.0964 5276 srv2 - ok
00:07:10.0971 5276 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:07:10.0991 5276 srvnet - ok
00:07:10.0997 5276 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:07:11.0032 5276 SSDPSRV - ok
00:07:11.0037 5276 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
00:07:11.0051 5276 ssmdrv - ok
00:07:11.0056 5276 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:07:11.0088 5276 SstpSvc - ok
00:07:11.0092 5276 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
00:07:11.0109 5276 stexstor - ok
00:07:11.0113 5276 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
00:07:11.0132 5276 StillCam - ok
00:07:11.0141 5276 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
00:07:11.0174 5276 StiSvc - ok
00:07:11.0178 5276 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
00:07:11.0196 5276 storflt - ok
00:07:11.0201 5276 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
00:07:11.0217 5276 storvsc - ok
00:07:11.0221 5276 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
00:07:11.0237 5276 swenum - ok
00:07:11.0244 5276 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
00:07:11.0283 5276 swprv - ok
00:07:11.0301 5276 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
00:07:11.0344 5276 SysMain - ok
00:07:11.0351 5276 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:07:11.0374 5276 TabletInputService - ok
00:07:11.0381 5276 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
00:07:11.0419 5276 TapiSrv - ok
00:07:11.0424 5276 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
00:07:11.0452 5276 TBS - ok
00:07:11.0471 5276 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:07:11.0518 5276 Tcpip - ok
00:07:11.0537 5276 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:07:11.0566 5276 TCPIP6 - ok
00:07:11.0573 5276 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:07:11.0604 5276 tcpipreg - ok
00:07:11.0611 5276 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:07:11.0627 5276 TDPIPE - ok
00:07:11.0632 5276 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:07:11.0648 5276 TDTCP - ok
00:07:11.0653 5276 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:07:11.0686 5276 tdx - ok
00:07:11.0691 5276 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
00:07:11.0707 5276 TermDD - ok
00:07:11.0718 5276 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
00:07:11.0763 5276 TermService - ok
00:07:11.0768 5276 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
00:07:11.0791 5276 Themes - ok
00:07:11.0794 5276 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
00:07:11.0822 5276 THREADORDER - ok
00:07:11.0827 5276 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
00:07:11.0862 5276 TrkWks - ok
00:07:11.0868 5276 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:07:11.0883 5276 TrustedInstaller - ok
00:07:11.0890 5276 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:07:11.0920 5276 tssecsrv - ok
00:07:11.0925 5276 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:07:11.0958 5276 tunnel - ok
00:07:11.0962 5276 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
00:07:11.0981 5276 uagp35 - ok
00:07:11.0987 5276 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:07:12.0023 5276 udfs - ok
00:07:12.0033 5276 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:07:12.0055 5276 UI0Detect - ok
00:07:12.0060 5276 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
00:07:12.0077 5276 uliagpkx - ok
00:07:12.0082 5276 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:07:12.0101 5276 umbus - ok
00:07:12.0106 5276 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:07:12.0122 5276 UmPass - ok
00:07:12.0128 5276 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
00:07:12.0151 5276 UmRdpService - ok
00:07:12.0158 5276 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
00:07:12.0196 5276 upnphost - ok
00:07:12.0201 5276 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
00:07:12.0217 5276 USBAAPL - ok
00:07:12.0222 5276 [ C31AE588E403042632DC796CF09E30B0 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:07:12.0241 5276 usbccgp - ok
00:07:12.0246 5276 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
00:07:12.0270 5276 usbcir - ok
00:07:12.0275 5276 [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
00:07:12.0291 5276 usbehci - ok
00:07:12.0298 5276 [ BDCD7156EC37448F08633FD899823620 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:07:12.0322 5276 usbhub - ok
00:07:12.0326 5276 [ EB2D819A639015253C871CDA09D91D58 ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:07:12.0343 5276 usbohci - ok
00:07:12.0347 5276 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:07:12.0366 5276 usbprint - ok
00:07:12.0371 5276 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
00:07:12.0390 5276 USBSTOR - ok
00:07:12.0395 5276 [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
00:07:12.0411 5276 usbuhci - ok
00:07:12.0416 5276 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
00:07:12.0447 5276 UxSms - ok
00:07:12.0451 5276 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
00:07:12.0465 5276 VaultSvc - ok
00:07:12.0470 5276 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
00:07:12.0487 5276 vdrvroot - ok
00:07:12.0496 5276 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
00:07:12.0527 5276 vds - ok
00:07:12.0531 5276 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:07:12.0551 5276 vga - ok
00:07:12.0556 5276 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
00:07:12.0586 5276 VgaSave - ok
00:07:12.0592 5276 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
00:07:12.0615 5276 vhdmp - ok
00:07:12.0620 5276 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
00:07:12.0637 5276 viaagp - ok
00:07:12.0642 5276 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
00:07:12.0661 5276 ViaC7 - ok
00:07:12.0666 5276 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
00:07:12.0682 5276 viaide - ok
00:07:12.0688 5276 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
00:07:12.0711 5276 vmbus - ok
00:07:12.0715 5276 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
00:07:12.0731 5276 VMBusHID - ok
00:07:12.0737 5276 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
00:07:12.0755 5276 volmgr - ok
00:07:12.0762 5276 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:07:12.0788 5276 volmgrx - ok
00:07:12.0795 5276 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
00:07:12.0820 5276 volsnap - ok
00:07:12.0826 5276 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
00:07:12.0846 5276 vsmraid - ok
00:07:12.0862 5276 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
00:07:12.0902 5276 VSS - ok
00:07:12.0906 5276 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
00:07:12.0925 5276 vwifibus - ok
00:07:12.0930 5276 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:07:12.0951 5276 vwififlt - ok
00:07:12.0958 5276 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
00:07:12.0997 5276 W32Time - ok
00:07:13.0005 5276 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
00:07:13.0021 5276 WacomPen - ok
00:07:13.0026 5276 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:07:13.0057 5276 WANARP - ok
00:07:13.0061 5276 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:07:13.0088 5276 Wanarpv6 - ok
00:07:13.0107 5276 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
00:07:13.0148 5276 wbengine - ok
00:07:13.0155 5276 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:07:13.0180 5276 WbioSrvc - ok
00:07:13.0187 5276 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:07:13.0211 5276 wcncsvc - ok
00:07:13.0216 5276 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:07:13.0235 5276 WcsPlugInService - ok
00:07:13.0240 5276 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
00:07:13.0256 5276 Wd - ok
00:07:13.0273 5276 [ D634CFE93E0CD001499D0D6D68890C9E ] WDBackup C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
00:07:13.0301 5276 WDBackup - ok
00:07:13.0305 5276 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
00:07:13.0320 5276 WDC_SAM - ok
00:07:13.0326 5276 [ 2277CD5B13B18B6DF5F80E8A84254EA7 ] WDDriveService C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
00:07:13.0338 5276 WDDriveService - ok
00:07:13.0347 5276 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:07:13.0377 5276 Wdf01000 - ok
00:07:13.0382 5276 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:07:13.0406 5276 WdiServiceHost - ok
00:07:13.0410 5276 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:07:13.0426 5276 WdiSystemHost - ok
00:07:13.0442 5276 [ A578AE45097ACAD346C86C96F1C0D5A7 ] WDRulesService C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
00:07:13.0470 5276 WDRulesService - ok
00:07:13.0476 5276 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\Windows\System32\webclnt.dll
00:07:13.0501 5276 WebClient - ok
00:07:13.0507 5276 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:07:13.0542 5276 Wecsvc - ok
00:07:13.0547 5276 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:07:13.0578 5276 wercplsupport - ok
00:07:13.0583 5276 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
00:07:13.0617 5276 WerSvc - ok
00:07:13.0622 5276 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:07:13.0650 5276 WfpLwf - ok
00:07:13.0655 5276 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:07:13.0671 5276 WIMMount - ok
00:07:13.0682 5276 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
00:07:13.0715 5276 WinDefend - ok
00:07:13.0722 5276 WinHttpAutoProxySvc - ok
00:07:13.0732 5276 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:07:13.0767 5276 Winmgmt - ok
00:07:13.0785 5276 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
00:07:13.0840 5276 WinRM - ok
00:07:13.0858 5276 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
00:07:13.0896 5276 Wlansvc - ok
00:07:13.0901 5276 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
00:07:13.0917 5276 WmiAcpi - ok
00:07:13.0925 5276 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:07:13.0947 5276 wmiApSrv - ok
00:07:13.0963 5276 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
00:07:13.0990 5276 WMPNetworkSvc - ok
00:07:13.0995 5276 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:07:14.0012 5276 WPCSvc - ok
00:07:14.0017 5276 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:07:14.0038 5276 WPDBusEnum - ok
00:07:14.0043 5276 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:07:14.0072 5276 ws2ifsl - ok
00:07:14.0078 5276 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\Windows\System32\wscsvc.dll
00:07:14.0100 5276 wscsvc - ok
00:07:14.0105 5276 WSearch - ok
00:07:14.0132 5276 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
00:07:14.0178 5276 wuauserv - ok
00:07:14.0185 5276 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:07:14.0217 5276 WudfPf - ok
00:07:14.0222 5276 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:07:14.0256 5276 WUDFRd - ok
00:07:14.0261 5276 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:07:14.0295 5276 wudfsvc - ok
00:07:14.0301 5276 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
00:07:14.0327 5276 WwanSvc - ok
00:07:14.0333 5276 [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B ] XUIF C:\Windows\system32\Drivers\x10ufx2.sys
00:07:14.0343 5276 XUIF - ok
00:07:14.0348 5276 ================ Scan global ===============================
00:07:14.0352 5276 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
00:07:14.0362 5276 [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll
00:07:14.0378 5276 [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll
00:07:14.0383 5276 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
00:07:14.0395 5276 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
00:07:14.0405 5276 [Global] - ok
00:07:14.0405 5276 ================ Scan MBR ==================================
00:07:14.0873 5276 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
00:07:15.0057 5276 \Device\Harddisk1\DR1 - ok
00:07:15.0061 5276 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:07:15.0076 5276 \Device\Harddisk0\DR0 - ok
00:07:15.0076 5276 ================ Scan VBR ==================================
00:07:15.0078 5276 [ 63183813958C2256400D5BC373AE14AB ] \Device\Harddisk1\DR1\Partition1
00:07:15.0080 5276 \Device\Harddisk1\DR1\Partition1 - ok
00:07:15.0101 5276 [ F032B3F4AEDF9042BD43D8D604694A83 ] \Device\Harddisk1\DR1\Partition2
00:07:15.0103 5276 \Device\Harddisk1\DR1\Partition2 - ok
00:07:15.0106 5276 [ 873C2B86184F31D1D62DCFD67C34ADDE ] \Device\Harddisk0\DR0\Partition1
00:07:15.0107 5276 \Device\Harddisk0\DR0\Partition1 - ok
00:07:15.0108 5276 ============================================================
00:07:15.0108 5276 Scan finished
00:07:15.0108 5276 ============================================================
00:07:15.0118 1352 Detected object count: 1
00:07:15.0118 1352 Actual detected object count: 1
00:12:44.0048 1352 C:\Windows\system32\drivers\cmudaxp.sys - copied to quarantine
00:12:44.0049 1352 cmudaxp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
00:13:02.0827 1652 Deinitialize success
|
|
19.10.2012, 15:01
| #4 |
| | ChatZum entfernen OTL Logfile: Code:
ATTFilter OTL logfile created on: 19.10.2012 00:19:02 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 63,30% Memory free 9,25 Gb Paging File | 7,97 Gb Available in Paging File | 86,24% Paging File free Paging file location(s): c:\pagefile.sys 6144 6144 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 119,24 Gb Total Space | 90,51 Gb Free Space | 75,90% Space Free | Partition Type: NTFS Drive D: | 931,41 Gb Total Space | 916,25 Gb Free Space | 98,37% Space Free | Partition Type: NTFS Computer Name: MARIUS-PC | User Name: Marius | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.19 00:17:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe PRC - [2012.10.11 22:27:41 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2012.09.29 19:54:26 | 000,981,656 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.09.19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.08.28 00:56:34 | 027,031,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Marius\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.06.14 11:04:26 | 001,177,536 | R--- | M] (Western Digital ) -- C:\Programme\Western Digital\WD SmartWare\WDRulesEngine.exe PRC - [2012.06.14 11:04:24 | 001,151,424 | R--- | M] (Western Digital ) -- C:\Programme\Western Digital\WD SmartWare\WDBackupEngine.exe PRC - [2012.06.14 10:58:24 | 005,235,128 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Programme\Western Digital\WD Quick View\WDDMStatus.exe PRC - [2012.06.14 10:57:20 | 000,248,248 | R--- | M] (Western Digital) -- C:\Programme\Western Digital\WD Drive Manager\WDDriveService.exe PRC - [2011.10.07 11:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPointP\SetPoint.exe PRC - [2011.09.27 21:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Programme\Common Files\Logishrd\KHAL3\KHALMNPR.exe PRC - [2011.09.16 14:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2011.09.09 16:01:16 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe PRC - [2011.09.09 15:49:30 | 000,643,944 | ---- | M] (Hewlett-Packard Co.) -- C:\Programme\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe PRC - [2011.05.12 10:50:03 | 001,990,656 | ---- | M] (CMedia) -- C:\Programme\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2008.07.11 09:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\system\HsMgr.exe ========== Modules (No Company Name) ========== MOD - [2012.10.11 22:27:41 | 002,294,240 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2011.10.07 11:41:16 | 000,879,896 | ---- | M] () -- C:\Programme\Logitech\SetPointP\Macros\MacroCore.dll MOD - [2011.04.19 08:56:58 | 000,143,360 | ---- | M] () -- C:\Programme\ASUS Xonar DG Audio\Customapp\VmixP8.dll MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2008.07.11 09:04:22 | 000,200,704 | ---- | M] () -- C:\Windows\system\HsMgr.exe ========== Services (SafeList) ========== SRV - [2012.10.16 16:08:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.10.11 22:27:41 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.06.14 11:04:26 | 001,177,536 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Programme\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService) SRV - [2012.06.14 11:04:24 | 001,151,424 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Programme\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup) SRV - [2012.06.14 10:57:20 | 000,248,248 | R--- | M] (Western Digital) [Auto | Running] -- C:\Programme\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService) SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.06.12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) ========== Driver Services (SafeList) ========== DRV - [2012.10.19 00:16:29 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.09.13 10:58:24 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012.05.10 16:33:32 | 000,169,472 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2012.05.10 16:33:32 | 000,076,800 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2011.09.02 08:31:10 | 000,042,648 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb) DRV - [2011.09.02 08:31:10 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd) DRV - [2011.03.10 09:43:40 | 001,760,256 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudaxp.sys -- (cmudaxp) DRV - [2011.02.16 17:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009.07.14 00:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u) DRV - [2009.07.14 00:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) DRV - [2009.06.10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2006.11.30 15:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2780448807-3389389732-2429598915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\S-1-5-21-2780448807-3389389732-2429598915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-2780448807-3389389732-2429598915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-2780448807-3389389732-2429598915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2780448807-3389389732-2429598915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-2780448807-3389389732-2429598915-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6A CC 5F 07 37 A3 CD 01 [binary data] IE - HKU\S-1-5-21-2780448807-3389389732-2429598915-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2780448807-3389389732-2429598915-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2780448807-3389389732-2429598915-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Search Safer" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.11 22:27:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.10.05 18:16:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012.10.05 18:25:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marius\AppData\Roaming\mozilla\Extensions [2012.10.18 23:22:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marius\AppData\Roaming\mozilla\Firefox\Profiles\8udo0huj.default\extensions [2012.10.05 18:29:08 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Marius\AppData\Roaming\mozilla\firefox\profiles\8udo0huj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.10.05 18:15:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.10.11 22:27:41 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - Extension: YouTube = C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [Cmaudio8788] RunDll32 cmicnfgp.cpl,CMICtrlWnd File not found O4 - HKLM..\Run: [Cmaudio8788GX] C:\Windows\system\HsMgr.exe () O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [WD Quick View] C:\Programme\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.) O4 - HKU\S-1-5-21-2780448807-3389389732-2429598915-1001..\Run: [HP Officejet 6700 (NET)] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Marius\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Marius\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE968E3E-6CA6-48E5-83C5-B6A5814BC265}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{3122a6d7-0f15-11e2-98a5-002185755b41}\Shell - "" = AutoRun O33 - MountPoints2\{3122a6d7-0f15-11e2-98a5-002185755b41}\Shell\AutoRun\command - "" = I:\unlock.exe autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.10.19 00:12:44 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012.10.18 23:44:34 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.10.18 23:44:34 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Malwarebytes [2012.10.18 23:44:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.18 23:44:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.18 23:44:26 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.10.18 23:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.10.16 16:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.10.11 22:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012.10.11 22:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.10.10 09:54:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2012.10.10 09:54:17 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2012.10.10 09:54:17 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2012.10.10 09:54:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2012.10.10 09:54:16 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2012.10.10 09:54:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2012.10.10 09:54:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2012.10.10 09:54:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2012.10.10 09:54:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2012.10.10 09:54:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2012.10.10 09:54:15 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2012.10.10 09:54:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2012.10.10 09:54:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2012.10.10 09:54:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2012.10.10 09:54:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2012.10.10 09:54:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2012.10.10 09:54:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2012.10.10 09:54:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2012.10.10 09:53:55 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2012.10.10 09:53:55 | 003,902,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2012.10.07 14:04:54 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\DVDVideoSoftIEHelpers [2012.10.07 14:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2012.10.07 14:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2012.10.07 14:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2012.10.07 14:04:16 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\DVDVideoSoft [2012.10.07 13:30:44 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Western_Digital [2012.10.07 13:28:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital [2012.10.07 13:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital [2012.10.06 23:32:34 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Apple Computer [2012.10.06 15:05:50 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2012.10.06 15:05:50 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2012.10.06 15:05:48 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys [2012.10.06 15:05:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe [2012.10.06 13:29:40 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Adobe [2012.10.06 12:43:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo [2012.10.06 12:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo [2012.10.06 11:12:33 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2012.10.06 11:08:55 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2012.10.06 10:54:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logon Screen [2012.10.06 10:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\Logon Screen [2012.10.06 10:54:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe [2012.10.06 10:54:24 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll [2012.10.06 10:54:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2012.10.06 10:54:21 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012.10.06 10:54:21 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012.10.06 10:54:08 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll [2012.10.06 10:54:08 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2012.10.06 10:54:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2012.10.06 10:54:00 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.10.06 10:53:59 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2012.10.06 10:53:59 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2012.10.06 10:53:59 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012.10.06 10:53:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.10.06 10:53:59 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.10.06 10:53:59 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2012.10.06 10:53:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2012.10.06 10:53:58 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.10.06 10:53:58 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012.10.06 10:53:58 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.10.06 10:53:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2012.10.06 10:53:41 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2012.10.06 10:53:30 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2012.10.06 10:53:30 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2012.10.06 10:53:30 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2012.10.06 10:53:30 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax [2012.10.06 10:53:30 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax [2012.10.06 10:53:28 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2012.10.06 10:53:21 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2012.10.06 10:53:21 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2012.10.06 10:53:21 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2012.10.06 10:53:21 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe [2012.10.06 10:53:07 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2012.10.06 10:52:42 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2012.10.06 10:52:42 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2012.10.06 10:52:42 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2012.10.06 10:52:18 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2012.10.06 10:52:15 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2012.10.06 10:52:15 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2012.10.06 10:52:10 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.10.06 10:52:06 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2012.10.06 10:52:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll [2012.10.06 10:52:02 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2012.10.06 10:52:02 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2012.10.06 10:52:01 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2012.10.06 10:52:01 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2012.10.06 10:52:01 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2012.10.06 10:52:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll [2012.10.06 10:51:40 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe [2012.10.06 10:51:36 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2012.10.06 10:51:25 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2012.10.06 10:51:19 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2012.10.06 10:51:09 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2012.10.06 10:51:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2012.10.06 10:51:04 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2012.10.06 10:51:02 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2012.10.06 10:51:02 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2012.10.06 10:51:02 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2012.10.06 10:50:57 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2012.10.06 10:50:57 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2012.10.06 10:50:51 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012.10.06 10:50:37 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2012.10.06 10:50:28 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll [2012.10.06 10:50:23 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll [2012.10.06 10:50:22 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll [2012.10.06 10:50:18 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll [2012.10.06 10:50:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll [2012.10.06 10:50:18 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2012.10.06 10:50:18 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll [2012.10.06 10:50:18 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll [2012.10.06 10:50:13 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll [2012.10.06 10:50:13 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll [2012.10.06 10:50:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe [2012.10.06 10:49:57 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2012.10.06 10:49:56 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2012.10.06 10:49:56 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2012.10.06 10:49:56 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2012.10.06 10:49:56 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2012.10.06 10:49:49 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll [2012.10.06 10:49:49 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll [2012.10.06 10:49:39 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2012.10.06 10:49:38 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2012.10.06 10:49:31 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2012.10.06 10:49:31 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2012.10.06 10:49:31 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2012.10.06 10:49:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2012.10.06 10:49:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2012.10.06 10:49:31 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2012.10.06 10:49:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2012.10.06 10:49:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2012.10.06 10:49:27 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2012.10.06 10:49:27 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2012.10.06 10:49:27 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2012.10.06 10:49:27 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2012.10.06 10:49:27 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2012.10.06 10:49:20 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2012.10.06 10:49:20 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2012.10.06 10:49:13 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe [2012.10.06 10:49:12 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2012.10.06 10:47:14 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2012.10.06 10:47:14 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2012.10.06 10:43:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012.10.06 10:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012.10.06 01:53:06 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\vlc [2012.10.06 01:36:36 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Thunderbird [2012.10.06 01:36:36 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Thunderbird [2012.10.06 00:01:00 | 000,544,616 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\HPDiscoPM5C12.dll [2012.10.06 00:00:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2012.10.06 00:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2012.10.06 00:00:16 | 000,000,000 | ---D | C] -- C:\Program Files\HP [2012.10.05 23:59:34 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\HP [2012.10.05 22:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\2C0A [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C0A [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0C04 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0816 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0804 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0424 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\041F [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\041E [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\041D [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\041B [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0419 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0416 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0415 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0414 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0413 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0412 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0411 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0410 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\040E [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\040D [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\040C [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\040B [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\040A [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0409 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0408 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0406 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0405 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0404 [2012.10.05 22:20:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\0401 [2012.10.05 22:20:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012.10.05 22:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Renesas Electronics [2012.10.05 21:59:24 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital [2012.10.05 20:12:09 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS [2012.10.05 20:00:00 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Leadertech [2012.10.05 19:59:48 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys [2012.10.05 19:59:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd [2012.10.05 19:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2012.10.05 19:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd [2012.10.05 19:59:32 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2012.10.05 19:59:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd [2012.10.05 19:58:04 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Logitech [2012.10.05 19:58:04 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Logishrd [2012.10.05 19:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012.10.05 19:56:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012.10.05 19:53:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012.10.05 19:50:13 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\ASUS [2012.10.05 19:50:08 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll [2012.10.05 19:50:08 | 000,102,400 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll [2012.10.05 19:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL [2012.10.05 19:48:44 | 000,303,104 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System32\cmasiop.dll [2012.10.05 19:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Xonar DG Audio [2012.10.05 19:48:43 | 000,217,088 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\HsSrv2.dll [2012.10.05 19:48:43 | 000,217,088 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\HsSrv.dll [2012.10.05 19:48:43 | 000,122,880 | ---- | C] (CMedia Electronics Inc.) -- C:\Windows\System32\Cm_Oal.dll [2012.10.05 19:48:42 | 008,769,536 | ---- | C] (C-Media Corporation) -- C:\Windows\System\CmiCnfgP.cpl [2012.10.05 19:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS Xonar DG Audio [2012.10.05 19:48:15 | 001,760,256 | ---- | C] (C-Media Inc) -- C:\Windows\System32\drivers\cmudaxp.sys [2012.10.05 19:48:15 | 000,315,392 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\CmiFltr.dll [2012.10.05 19:48:15 | 000,032,768 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System32\cmudaxp.dll [2012.10.05 19:48:07 | 000,319,968 | R--- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll [2012.10.05 19:40:15 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2012.10.05 19:40:15 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2012.10.05 19:40:15 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2012.10.05 19:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012.10.05 19:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2012.10.05 19:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012.10.05 19:28:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.10.05 19:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2012.10.05 19:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012.10.05 19:26:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2012.10.05 19:26:21 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Microsoft Help [2012.10.05 19:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012.10.05 19:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012.10.05 19:26:09 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012.10.05 19:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.10.05 19:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2012.10.05 19:00:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD Magician [2012.10.05 19:00:31 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung SSD Magician [2012.10.05 18:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung [2012.10.05 18:35:22 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory [2012.10.05 18:35:14 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime [2012.10.05 18:34:57 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\WinRAR [2012.10.05 18:34:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [2012.10.05 18:34:31 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Google [2012.10.05 18:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012.10.05 18:32:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2012.10.05 18:28:34 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Macromedia [2012.10.05 18:28:34 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Macromedia [2012.10.05 18:28:34 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Adobe [2012.10.05 18:28:24 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.10.05 18:28:24 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.10.05 18:28:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2012.10.05 18:26:49 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader [2012.10.05 18:25:30 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Mozilla [2012.10.05 18:25:30 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Mozilla [2012.10.05 18:23:18 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Apple Computer [2012.10.05 18:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.10.05 18:20:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2012.10.05 18:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.10.05 18:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.10.05 18:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012.10.05 18:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2012.10.05 18:19:32 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2012.10.05 18:19:32 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Apple [2012.10.05 18:19:31 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2012.10.05 18:19:18 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Dropbox [2012.10.05 18:18:58 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Avira [2012.10.05 18:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012.10.05 18:17:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2012.10.05 18:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012.10.05 18:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.10.05 18:17:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.10.05 18:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012.10.05 18:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.10.05 18:15:52 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll [2012.10.05 18:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.10.05 18:13:39 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012.10.05 18:13:38 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.10.05 18:13:38 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2012.10.05 18:13:38 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys [2012.10.05 18:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.10.05 18:13:37 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2012.10.05 18:12:39 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.10.05 18:08:35 | 000,000,000 | R--D | C] -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.10.05 18:08:35 | 000,000,000 | R--D | C] -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.10.05 18:08:34 | 000,000,000 | R--D | C] -- C:\Users\Marius\Searches [2012.10.05 18:08:29 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Identities [2012.10.05 18:08:28 | 000,000,000 | R--D | C] -- C:\Users\Marius\Contacts [2012.10.05 18:08:25 | 000,000,000 | --SD | C] -- C:\Users\Marius\AppData\Roaming\Microsoft [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\Videos [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\Saved Games [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\Pictures [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\Music [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\Links [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\Favorites [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\Downloads [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\Documents [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\Desktop [2012.10.05 18:08:25 | 000,000,000 | R--D | C] -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Vorlagen [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\AppData\Local\Verlauf [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\AppData\Local\Temporary Internet Files [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Startmenü [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\SendTo [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Recent [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Netzwerkumgebung [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Lokale Einstellungen [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Documents\Eigene Videos [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Documents\Eigene Musik [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Eigene Dateien [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Documents\Eigene Bilder [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Druckumgebung [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Cookies [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\AppData\Local\Anwendungsdaten [2012.10.05 18:08:25 | 000,000,000 | -HSD | C] -- C:\Users\Marius\Anwendungsdaten [2012.10.05 18:08:25 | 000,000,000 | -H-D | C] -- C:\Users\Marius\AppData [2012.10.05 18:08:25 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\VirtualStore [2012.10.05 18:08:25 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Temp [2012.10.05 18:08:25 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Local\Microsoft [2012.10.05 18:08:25 | 000,000,000 | ---D | C] -- C:\Users\Marius\AppData\Roaming\Media Center Programs [2012.10.05 18:06:31 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012.10.05 18:06:31 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012.10.05 18:06:28 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2012.10.05 18:06:28 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2012.10.05 18:06:28 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2012.10.05 18:06:27 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012.10.05 18:06:27 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\Recovery [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\Programme [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop [2012.10.05 18:06:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.10.05 18:06:09 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.10.05 18:02:04 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.10.05 18:02:04 | 000,000,000 | ---D | C] -- C:\Windows\CSC ========== Files - Modified Within 30 Days ========== [2012.10.19 00:21:10 | 000,698,688 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.10.19 00:21:10 | 000,653,526 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.10.19 00:21:10 | 000,148,828 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.10.19 00:21:10 | 000,121,398 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.10.19 00:20:35 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.19 00:20:35 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.19 00:18:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.19 00:16:29 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.10.19 00:15:37 | 000,001,922 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk [2012.10.19 00:15:36 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.19 00:15:32 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2012.10.19 00:15:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.18 23:38:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.16 16:08:18 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.10.16 16:08:18 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.10.09 21:34:50 | 000,000,489 | ---- | M] () -- C:\Users\Marius\Desktop\Interne HDD (D) - Verknüpfung.lnk [2012.10.07 14:33:53 | 000,001,563 | ---- | M] () -- C:\Windows\uninstall_bootracer [2012.10.07 14:33:09 | 000,024,576 | -H-- | M] () -- C:\Users\Public\Documents\bootracer.his [2012.10.07 14:33:09 | 000,000,189 | -H-- | M] () -- C:\Users\Public\Documents\bootracer.ini [2012.10.06 12:55:03 | 000,001,563 | ---- | M] () -- C:\Windows\bootracer [2012.10.06 12:14:12 | 000,341,496 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.06 10:55:21 | 000,002,410 | ---- | M] () -- C:\Windows\System32\cplLogon.tsk [2012.10.06 00:00:13 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini [2012.10.05 19:59:48 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys [2012.10.05 19:50:08 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll [2012.10.05 19:50:08 | 000,102,400 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll [2012.10.05 19:48:44 | 000,042,258 | ---- | M] () -- C:\Windows\Cmicnfgp.ini.cfl [2012.10.05 19:48:39 | 000,000,138 | ---- | M] () -- C:\Windows\System\Dlap.pfx [2012.10.05 19:48:38 | 000,000,861 | ---- | M] () -- C:\Windows\Cmicnfgp.ini.imi [2012.10.05 19:48:38 | 000,000,800 | ---- | M] () -- C:\Windows\System\Cmicnfgp.ini [2012.10.05 18:19:42 | 000,001,055 | ---- | M] () -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.10.05 18:04:05 | 000,057,050 | ---- | M] () -- C:\Windows\System32\license.rtf [2012.10.05 18:02:28 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys ========== Files Created - No Company Name ========== [2012.10.16 16:08:40 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.16 16:08:40 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.09 21:34:50 | 000,000,489 | ---- | C] () -- C:\Users\Marius\Desktop\Interne HDD (D) - Verknüpfung.lnk [2012.10.08 11:44:57 | 000,001,922 | ---- | C] () -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk [2012.10.07 14:33:51 | 000,001,563 | ---- | C] () -- C:\Windows\uninstall_bootracer [2012.10.06 12:56:09 | 000,024,576 | -H-- | C] () -- C:\Users\Public\Documents\bootracer.his [2012.10.06 12:55:03 | 000,001,563 | ---- | C] () -- C:\Windows\bootracer [2012.10.06 12:55:03 | 000,000,189 | -H-- | C] () -- C:\Users\Public\Documents\bootracer.ini [2012.10.06 10:54:49 | 000,002,410 | ---- | C] () -- C:\Windows\System32\cplLogon.tsk [2012.10.06 00:00:13 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2012.10.05 20:12:10 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job [2012.10.05 19:56:17 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.10.05 19:48:44 | 000,000,048 | ---- | C] () -- C:\Windows\System32\cmasiop.ini [2012.10.05 19:48:43 | 000,200,704 | ---- | C] () -- C:\Windows\System\HsMgr.exe [2012.10.05 19:48:39 | 000,143,360 | ---- | C] () -- C:\Windows\System\VmixP8.dll [2012.10.05 19:48:26 | 000,561,152 | ---- | C] () -- C:\Windows\System32\Cmeauoxy.exe [2012.10.05 19:48:26 | 000,042,258 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl [2012.10.05 19:48:26 | 000,000,138 | ---- | C] () -- C:\Windows\System\Dlap.pfx [2012.10.05 19:48:13 | 000,000,861 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi [2012.10.05 19:48:10 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll [2012.10.05 19:48:10 | 000,005,060 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg [2012.10.05 18:28:24 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.05 18:27:19 | 000,001,954 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2012.10.05 18:27:19 | 000,001,898 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2012.10.05 18:27:19 | 000,001,877 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2012.10.05 18:19:41 | 000,001,055 | ---- | C] () -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.10.05 18:19:31 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012.10.05 18:16:43 | 000,002,051 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012.10.05 18:15:54 | 000,001,107 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.10.05 18:08:35 | 000,001,413 | ---- | C] () -- C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.10.05 18:02:28 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.10.16 16:05:10 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\ASUS [2012.10.05 19:50:13 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\ASUS [2012.10.19 00:15:45 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Dropbox [2012.10.07 14:05:06 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\DVDVideoSoft [2012.10.07 14:04:54 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\DVDVideoSoftIEHelpers [2012.10.05 20:00:00 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Leadertech [2012.10.06 01:36:36 | 000,000,000 | ---D | M] -- C:\Users\Marius\AppData\Roaming\Thunderbird ========== Purity Check ========== < End of report > Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.10.19.09 Windows 7 x86 NTFS Internet Explorer 8.0.7600.16385 Marius :: MARIUS-PC [Administrator] 19.10.2012 15:59:40 mbam-log-2012-10-19 (15-59-40).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 210189 Laufzeit: 2 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
19.10.2012, 15:32
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ChatZum entfernen Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt? Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
19.10.2012, 16:04
| #6 |
| | ChatZum entfernen Hey, ja gestern abend.. Aber da kam genau das selbe bei raus, bzw. ich habe auch einen vollständigen Scan gemacht und da war auch nix... Ps: Ich habe wie schon oben erwähnt adaware benutzt und danach war chatzum weg, ich will eben wissen ob es 100% weg ist |
|
19.10.2012, 16:50
| #7 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | ChatZum entfernenZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu ChatZum entfernen |
| adaware, alles weg, aufgrund, ausführung, board, chatzum, durchgeführt, entferne, entfernen, killer, malwarebytes, nicht sicher, probleme, problemen, schritte, tdss, troja, trojaner, wirklich |
Linear-Darstellung
