Pests of all kinds and how to fight them: Google message "Unusual traffic from your network" ("Ungewöhnlicher Datenverkehr aus Ihrem Netzwerk"), Windows 7
11.11.2012, 09:09 | #1 |
Google message "Unusual traffic from your network"

Good morning,

on my first Google search this morning I received the message "Unusual traffic from your network". Google refused to let me search without first entering a CAPTCHA. However, I am not aware of having done anything wrong.

It would be great if you could help me with the analysis, to rule out that something is tampering with my system.

Many thanks in advance!

Here is the OTL.txt

Code:
OTL logfile created on: 11.11.2012 08:47:34 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 65,13% Memory free
8,00 Gb Paging File | 6,41 Gb Available in Paging File | 80,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 854,37 Gb Free Space | 91,73% Space Free | Partition Type: NTFS
Drive D: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\User\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\REALTEK\819xP Wireless LAN Utility\RtWlan.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files (x86)\REALTEK\819xP Wireless LAN Utility\RtlService.exe (Realtek) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) 
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (RealtekPCIE) -- C:\Program Files (x86)\REALTEK\819xP Wireless LAN Utility\RtlService.exe (Realtek) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO) DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO) DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) 
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (BS_I2cIo) -- C:\Windows\SysNative\drivers\BS_I2c64.sys (BIOSTAR Group) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.) DRV:64bit: - (rtl819xpn64) -- C:\Windows\SysNative\drivers\rtl819xp.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (rtl819xp) -- C:\Windows\SysNative\drivers\rtl819xp.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) 
DRV:64bit: - (BIOS) -- C:\Windows\SysNative\drivers\BIOS64.sys (BIOSTAR Group) DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.) DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (BIOS) -- C:\Windows\SysWOW64\drivers\BIOS64.sys (BIOSTAR Group) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 7E 9B 0C 5B 83 CC 01 [binary data] IE - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - 
HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..CT3242337.browser.search.defaultthis.engineName: true FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12" FF - prefs.js..browser.search.selectedEngine: "WiseConvert 1.3 Customized Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: virtualKeyboard@kaspersky.ru:12.0.0.441 FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:12.0.0.441 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:12.0.0.441 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3242337&SearchSource=2&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files 
(x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.26 16:39:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012.10.14 07:25:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012.10.14 07:25:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012.10.14 07:25:07 | 000,000,000 | ---D | M] FF - 
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012.10.14 07:25:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012.10.14 07:25:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.03 16:48:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.03 16:46:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.10.26 16:39:27 | 000,000,000 | ---D | M] [2011.10.13 06:28:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions [2011.10.13 06:28:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012.11.03 11:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\7iz6im6a.default\extensions [2012.10.18 17:17:48 | 000,001,030 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\7iz6im6a.default\searchplugins\wiseconvert-13-customized-web-search.xml [2012.11.03 16:48:09 | 000,000,000 | ---D | M] (No name found) -- 
C:\Program Files (x86)\mozilla firefox\extensions [2012.10.24 18:50:58 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.10.24 18:50:17 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.10.24 18:50:17 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2012.10.22 19:46:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. 
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found. O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) 
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [BiosNotice] C:\Program Files (x86)\BIOSTAR\BiosNotice\BiosNotice.exe () O4 - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com) O4 - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) O4 - HKU\S-1-5-21-1094074872-1752826812-3503717829-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1094074872-1752826812-3503717829-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1094074872-1752826812-3503717829-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - 
res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet) O15 - HKU\S-1-5-21-1094074872-1752826812-3503717829-1000\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24C2AF85-6354-4CA3-AAFE-582A4F11A92E}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21 - SSODL: WebCheck - 
{E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2021.08.31 14:03:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2021.08.31 13:38:42 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2021.08.31 13:38:42 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2021.08.31 13:38:42 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2021.08.31 13:38:42 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2021.08.31 13:38:42 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2021.08.31 13:38:42 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2021.08.31 13:38:42 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2021.08.31 13:38:42 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2021.08.31 13:38:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2021.08.31 13:36:40 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2021.08.31 13:36:40 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- 
C:\Windows\SysWow64\atmfd.dll [2021.08.31 13:36:40 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2021.08.31 13:36:40 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2021.08.31 13:36:40 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2021.08.31 13:36:40 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2021.08.31 13:36:30 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2021.08.31 13:36:30 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2021.08.31 13:36:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2021.08.31 13:35:58 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2021.08.31 13:35:58 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2021.08.31 13:35:57 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2021.08.31 13:35:57 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2021.08.31 13:35:50 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2021.08.31 13:35:28 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2021.08.31 13:35:28 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2021.08.31 13:35:28 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2021.08.31 13:35:28 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2021.08.31 13:35:28 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2021.08.31 13:35:28 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2021.08.31 13:33:46 | 003,695,416 | ---- | C] (Microsoft Corporation) 
-- C:\Windows\SysWow64\ieapfltr.dat [2021.08.31 13:33:46 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2021.08.31 13:33:46 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2021.08.31 13:33:46 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2021.08.31 13:33:46 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2021.08.31 13:33:46 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2021.08.31 13:33:46 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2021.08.31 13:33:46 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2021.08.31 13:33:46 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2021.08.31 13:33:46 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2021.08.31 13:33:46 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2021.08.31 13:33:46 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2021.08.31 13:33:46 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2021.08.31 13:33:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2021.08.31 13:33:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2021.08.31 13:33:46 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2021.08.31 13:33:46 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2021.08.31 13:33:46 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2021.08.31 13:33:46 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2021.08.31 13:33:46 | 000,150,528 | ---- | 
C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2021.08.31 13:33:46 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2021.08.31 13:33:46 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2021.08.31 13:33:46 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2021.08.31 13:33:46 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2021.08.31 13:33:46 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2021.08.31 13:33:46 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2021.08.31 13:33:46 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2021.08.31 13:33:46 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2021.08.31 13:33:46 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2021.08.31 13:33:46 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2021.08.31 13:33:46 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2021.08.31 13:33:46 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2021.08.31 13:33:46 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2021.08.31 13:33:46 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2021.08.31 13:33:46 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2021.08.31 13:33:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2021.08.31 13:33:46 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2021.08.31 13:33:46 | 000,078,848 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\inseng.dll [2021.08.31 13:33:46 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2021.08.31 13:33:46 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2021.08.31 13:33:46 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2021.08.31 13:33:46 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2021.08.31 13:33:46 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2021.08.31 13:33:46 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2021.08.31 13:33:46 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2021.08.31 13:33:46 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2021.08.31 13:33:46 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2021.08.31 13:33:46 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2021.08.31 13:33:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2021.08.31 13:33:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2021.08.31 13:33:46 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2021.08.31 13:33:46 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2021.08.31 13:33:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2021.08.31 13:33:46 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2021.08.31 13:33:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2021.08.31 13:33:46 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2021.08.31 13:33:46 | 
000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2021.08.31 13:27:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\ATI [2021.08.31 13:27:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\ATI [2021.08.31 13:26:19 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Security Essentials [2021.08.31 13:25:56 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Nero Lite [2021.08.31 13:25:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Adobe [2021.08.31 13:25:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Adobe [2021.08.31 13:23:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2021.08.31 13:20:20 | 002,813,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll [2021.08.31 13:20:20 | 002,185,832 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll [2021.08.31 13:20:20 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll [2021.08.31 13:20:20 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll [2021.08.31 13:20:20 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll [2021.08.31 13:20:20 | 000,300,648 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys [2021.08.31 13:20:20 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll [2021.08.31 13:20:20 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll [2021.08.31 13:20:20 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll [2021.08.31 13:20:20 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) 
-- C:\Windows\SysNative\RTEEG64H.dll [2021.08.31 13:19:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2021.08.31 13:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2021.08.31 13:19:52 | 002,625,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2021.08.31 13:19:52 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2021.08.31 13:19:52 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2021.08.31 13:19:52 | 002,048,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2021.08.31 13:19:52 | 001,215,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2021.08.31 13:19:52 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2021.08.31 13:19:52 | 000,873,048 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll [2021.08.31 13:19:52 | 000,739,416 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll [2021.08.31 13:19:52 | 000,601,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2021.08.31 13:19:52 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2021.08.31 13:19:52 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2021.08.31 13:19:52 | 000,338,336 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2021.08.31 13:19:52 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2021.08.31 13:19:52 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2021.08.31 13:19:52 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2021.08.31 13:19:52 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) 
-- C:\Windows\SysNative\RP3DAA64.dll [2021.08.31 13:19:52 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2021.08.31 13:19:52 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2021.08.31 13:19:52 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2021.08.31 13:19:52 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2021.08.31 13:19:52 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2021.08.31 13:19:52 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2021.08.31 13:19:52 | 000,080,984 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll [2021.08.31 13:19:52 | 000,079,976 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2021.08.31 13:19:52 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2021.08.31 13:19:52 | 000,064,600 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll [2021.08.31 13:19:52 | 000,060,504 | ---- | C] (Creative Technology Ltd.) 
-- C:\Windows\SysNative\MBPPCn64.dll [2021.08.31 13:19:51 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2021.08.31 13:19:51 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2021.08.31 13:19:49 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2021.08.31 13:18:33 | 000,412,776 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2021.08.31 13:18:33 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2021.08.31 13:18:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology [2021.08.31 13:18:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3 [2021.08.31 13:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2021.08.31 13:17:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2021.08.31 13:16:07 | 000,070,200 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2021.08.31 13:16:07 | 000,028,728 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2021.08.31 13:16:06 | 000,016,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys [2021.08.31 13:16:01 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) 
-- C:\Windows\SysNative\ATIDEMGX.dll [2021.08.31 13:16:01 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll [2021.08.31 13:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2021.08.31 13:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2021.08.31 13:13:58 | 000,015,408 | ---- | C] (BIOSTAR Group) -- C:\Windows\SysNative\drivers\BS_I2c64.sys [2021.08.31 13:13:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BIOSTAR [2021.08.31 13:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2021.08.31 13:13:43 | 000,014,136 | R--- | C] (BIOSTAR Group) -- C:\Windows\SysWow64\drivers\BIOS64.sys [2021.08.31 13:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco [2021.08.31 13:11:35 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2021.08.31 13:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK Wireless LAN Utility [2021.08.31 13:11:18 | 000,614,400 | R--- | C] (Realtek Semiconductor Corp. ) -- C:\Windows\SysNative\Rtlihvs.dll [2021.08.31 13:11:17 | 000,380,928 | R--- | C] (Realtek) -- C:\Windows\SysNative\RtlUI2.exe [2021.08.31 13:11:17 | 000,188,416 | R--- | C] (Realtek Semiconductor Corp. ) -- C:\Windows\SysNative\RTLExtUI.dll [2021.08.31 13:11:11 | 000,614,400 | ---- | C] (Realtek Semiconductor Corp. ) -- C:\Windows\SysWow64\Rtlihvs.dll [2021.08.31 13:11:10 | 000,188,416 | ---- | C] (Realtek Semiconductor Corp. 
) -- C:\Windows\SysWow64\RTLExtUI.dll [2021.08.31 13:11:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REALTEK [2021.08.31 13:11:07 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2021.08.31 13:08:15 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2021.08.31 13:08:15 | 000,000,000 | R--D | C] -- C:\Users\User\Searches [2021.08.31 13:08:15 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2021.08.31 13:08:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Identities [2021.08.31 13:08:08 | 000,000,000 | R--D | C] -- C:\Users\User\Contacts [2021.08.31 13:08:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\VirtualStore [2021.08.31 13:08:04 | 000,000,000 | --SD | C] -- C:\Users\User\AppData\Roaming\Microsoft [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\Videos [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\Saved Games [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\Pictures [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\Music [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\Links [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\Favorites [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\Downloads [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\Documents [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\Desktop [2021.08.31 13:08:04 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Vorlagen [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Verlauf [2021.08.31 
13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Temporary Internet Files [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Startmenü [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\SendTo [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Recent [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Netzwerkumgebung [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Lokale Einstellungen [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\Eigene Videos [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\Eigene Musik [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Eigene Dateien [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\Eigene Bilder [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Druckumgebung [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Cookies [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Anwendungsdaten [2021.08.31 13:08:04 | 000,000,000 | -HSD | C] -- C:\Users\User\Anwendungsdaten [2021.08.31 13:08:04 | 000,000,000 | -H-D | C] -- C:\Users\User\AppData [2021.08.31 13:08:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Temp [2021.08.31 13:08:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Microsoft [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- C:\Programme [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- 
C:\Users\Public\Documents\Eigene Bilder [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2021.08.31 13:07:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2021.08.31 13:07:58 | 000,000,000 | ---D | C] -- C:\Recovery [2021.08.31 13:07:55 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2021.08.31 13:04:27 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2021.08.31 13:04:17 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.11.11 08:14:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe [2012.11.03 13:22:43 | 000,000,000 | R--D | C] -- C:\Sandbox [2012.11.03 13:18:29 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012.11.03 13:18:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.11.03 13:18:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.11.03 13:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileHippo.com [2012.11.03 13:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie [2012.11.03 13:06:54 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie [2012.11.03 12:40:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.11.03 12:35:47 | 000,000,000 | ---D | C] -- C:\temp [2012.11.03 12:33:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2012.11.03 12:33:07 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys [2012.11.03 12:33:07 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2012.11.03 12:33:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2012.11.03 12:33:07 | 000,013,312 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2012.11.03 12:33:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2012.11.03 12:33:06 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2012.11.03 12:33:06 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2012.11.03 12:33:06 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2012.11.03 12:33:06 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2012.11.03 12:33:06 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2012.11.03 12:33:06 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2012.11.03 12:33:06 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2012.11.03 12:33:06 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2012.11.03 12:33:06 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2012.11.03 12:33:06 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2012.11.03 12:33:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2012.11.03 12:33:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2012.11.03 12:33:06 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2012.11.03 12:33:06 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2012.11.03 12:33:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2012.11.03 12:33:05 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2012.11.03 12:33:05 | 004,916,224 
| ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2012.11.03 12:33:05 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2012.11.03 12:33:05 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2012.11.03 12:26:54 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012.11.03 12:26:54 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012.11.03 12:26:54 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012.11.03 12:26:54 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2012.11.03 12:26:54 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012.11.03 12:26:54 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012.11.03 12:26:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012.11.03 12:26:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012.11.03 12:26:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012.11.03 12:26:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012.11.03 12:26:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012.11.03 12:26:54 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012.11.03 12:26:54 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012.11.03 12:26:54 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012.11.03 12:26:54 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012.11.03 12:26:54 | 
000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012.11.03 12:26:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012.11.03 12:26:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) 
-- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll 
[2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012.11.03 12:26:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012.11.03 12:26:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012.11.03 12:26:42 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.11.03 12:26:42 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.11.03 12:26:39 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2012.11.03 12:26:36 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2012.11.03 12:26:35 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012.11.03 12:26:05 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012.11.03 12:25:21 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012.11.03 12:25:21 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012.11.03 12:25:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012.11.03 
12:05:15 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2012.11.03 12:05:15 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012.11.03 12:05:15 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.11.03 12:04:56 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.11.03 12:04:56 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.11.03 12:04:56 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2012.11.03 12:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.11.03 11:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2012.11.03 11:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2012.11.03 11:50:02 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.11.03 11:50:02 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.10.31 20:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.10.31 20:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.10.24 20:03:17 | 002,213,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller.exe [2012.10.22 19:46:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012.10.22 19:34:53 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012.10.22 19:34:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012.10.22 19:34:53 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012.10.22 19:34:48 | 000,000,000 | ---D | C] -- C:\Qoobox [2012.10.22 19:34:34 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012.10.19 19:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012.10.19 19:50:02 | 000,000,000 | ---D 
| C] -- C:\Program Files (x86)\7-Zip [2012.10.18 21:09:24 | 000,000,000 | ---D | C] -- C:\sh4ldr [2012.10.18 21:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2012.10.18 17:35:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes [2012.10.18 17:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.18 17:34:03 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.10.18 17:34:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.10.18 17:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.18 17:26:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\LavasoftStatistics [2012.10.18 17:26:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Ad-Aware Antivirus [2012.10.18 17:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012.10.18 17:20:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2012.10.14 15:27:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\vlc [2012.10.14 07:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013 [2012.10.14 07:25:50 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll [2012.10.14 07:25:08 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP [2012.10.13 14:49:52 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.10.13 14:49:51 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.10.13 14:49:51 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.10.13 14:49:50 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012.10.13 14:49:37 | 001,464,320 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\crypt32.dll [2012.10.13 14:49:37 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2021.08.31 13:33:46 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2021.08.31 13:33:46 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2021.08.31 13:33:46 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2021.08.31 13:33:46 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2021.08.31 13:33:46 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2021.08.31 13:33:46 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2021.08.31 13:33:46 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2021.08.31 13:33:46 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2021.08.31 13:33:46 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2021.08.31 13:33:46 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2021.08.31 13:33:46 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2021.08.31 13:33:46 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2021.08.31 13:33:46 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2021.08.31 13:33:46 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2021.08.31 13:33:46 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2021.08.31 13:33:46 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2021.08.31 13:33:46 | 000,160,256 | ---- | M] 
(Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2021.08.31 13:33:46 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2021.08.31 13:33:46 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2021.08.31 13:33:46 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2021.08.31 13:33:46 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2021.08.31 13:33:46 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2021.08.31 13:33:46 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2021.08.31 13:33:46 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2021.08.31 13:33:46 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2021.08.31 13:33:46 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2021.08.31 13:33:46 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2021.08.31 13:33:46 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2021.08.31 13:33:46 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2021.08.31 13:33:46 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2021.08.31 13:33:46 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2021.08.31 13:33:46 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2021.08.31 13:33:46 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2021.08.31 13:33:46 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2021.08.31 13:33:46 | 000,086,528 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysWow64\iesysprep.dll [2021.08.31 13:33:46 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2021.08.31 13:33:46 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2021.08.31 13:33:46 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2021.08.31 13:33:46 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2021.08.31 13:33:46 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2021.08.31 13:33:46 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2021.08.31 13:33:46 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2021.08.31 13:33:46 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2021.08.31 13:33:46 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2021.08.31 13:33:46 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2021.08.31 13:33:46 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2021.08.31 13:33:46 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2021.08.31 13:33:46 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2021.08.31 13:33:46 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2021.08.31 13:33:46 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2021.08.31 13:33:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2021.08.31 13:33:46 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2021.08.31 13:33:46 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2021.08.31 13:33:46 | 000,031,744 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysWow64\iernonce.dll [2021.08.31 13:33:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2021.08.31 13:33:46 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2021.08.31 13:33:46 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2021.08.31 13:33:46 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2021.08.31 13:33:46 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2021.08.31 13:11:32 | 000,002,252 | ---- | M] () -- C:\Users\Public\Desktop\REALTEK Wireless LAN Utility.lnk [2021.08.31 13:05:56 | 000,205,096 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2021.08.31 13:05:56 | 000,205,096 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2021.08.31 13:04:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.11.11 08:46:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.11.11 08:35:03 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.11 08:35:03 | 000,021,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.11 08:34:43 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.11.11 08:34:43 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.11.11 08:34:43 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.11.11 08:34:43 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.11.11 08:34:43 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.11.11 08:27:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.11.11 08:27:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2012.11.11 
08:27:34 | 3220,672,512 | -HS- | M] () -- C:\hiberfil.sys [2012.11.11 08:14:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe [2012.11.11 08:13:10 | 000,050,477 | ---- | M] () -- C:\Users\User\Desktop\Defogger.exe [2012.11.10 10:03:04 | 000,002,146 | ---- | M] () -- C:\Windows\Sandboxie.ini [2012.11.09 16:23:36 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.11.09 16:23:36 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.11.03 16:48:13 | 000,001,157 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.11.03 16:46:25 | 000,002,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2012.11.03 13:18:29 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.11.03 13:06:54 | 000,000,920 | ---- | M] () -- C:\Users\User\Desktop\Sandboxed Web Browser.lnk [2012.11.03 12:39:12 | 000,286,776 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.11.03 12:04:45 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2012.11.03 12:04:44 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2012.11.03 12:04:44 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012.11.03 12:04:44 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.11.03 12:04:44 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.11.03 12:04:44 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.11.03 11:54:56 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2012.10.24 20:03:26 | 002,213,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller.exe [2012.10.22 19:46:21 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012.10.19 19:26:35 | 
000,000,000 | ---- | M] () -- C:\Users\User\defogger_reenable [2012.10.18 17:36:19 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.14 10:04:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.10.14 07:45:54 | 000,611,160 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2012.10.14 07:45:54 | 000,029,528 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klmouflt.sys [2012.10.14 07:45:54 | 000,029,016 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klkbdflt.sys [2012.10.14 06:57:39 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2021.08.31 13:33:46 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2021.08.31 13:33:46 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2021.08.31 13:18:33 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2021.08.31 13:16:01 | 000,031,696 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb [2021.08.31 13:16:01 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2021.08.31 13:16:01 | 000,001,035 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat [2021.08.31 13:11:32 | 000,002,252 | ---- | C] () -- C:\Users\Public\Desktop\REALTEK Wireless LAN Utility.lnk [2021.08.31 13:11:09 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe [2021.08.31 13:08:16 | 000,001,449 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2021.08.31 13:08:04 | 000,001,228 | ---- | C] () -- C:\Users\User\Desktop\Windows Explorer.lnk [2021.08.31 13:04:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2021.08.31 13:04:17 | 3220,672,512 | -HS- | C] () -- C:\hiberfil.sys [2012.11.11 08:13:09 | 000,050,477 | ---- | C] () -- 
C:\Users\User\Desktop\Defogger.exe [2012.11.08 06:48:10 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.11.03 13:18:29 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.11.03 13:07:11 | 000,000,920 | ---- | C] () -- C:\Users\User\Desktop\Sandboxed Web Browser.lnk [2012.11.03 13:07:08 | 000,002,146 | ---- | C] () -- C:\Windows\Sandboxie.ini [2012.11.03 11:54:56 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2012.11.03 11:54:56 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2012.10.22 19:34:53 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.10.22 19:34:53 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.10.22 19:34:53 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.10.22 19:34:53 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.10.22 19:34:53 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.10.19 19:26:35 | 000,000,000 | ---- | C] () -- C:\Users\User\defogger_reenable [2012.10.18 17:34:04 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.14 10:04:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.08.04 08:49:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.04.25 17:43:05 | 000,003,400 | ---- | C] () -- C:\Windows\SysWow64\EasyRedirect.ini [2012.04.25 17:43:05 | 000,002,008 | ---- | C] () -- C:\Windows\SysWow64\EasyRedirectOff.ini [2012.01.18 05:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012.01.18 05:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012.01.18 05:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2011.12.13 18:19:11 | 001,641,574 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.10.26 16:35:45 | 000,226,393 | ---- | C] () -- C:\Windows\hpoins18.dat 
[2011.10.26 16:35:45 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat [2011.10.13 19:47:29 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2011.10.08 09:23:54 | 000,017,408 | ---- | C] () -- C:\Users\User\AppData\Local\WebpageIcons.db ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft 
Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.10.18 17:26:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ad-Aware Antivirus
[2012.06.26 20:44:52 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Digital Red
[2011.10.23 10:56:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\pdfforge
[2011.10.23 10:35:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Thunderbird

========== Purity Check ==========

< End of report >

Code:
OTL Extras logfile created on: 11.11.2012 08:47:34 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\User\Desktop
64bit- Home Basic Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 65,13% Memory free
8,00 Gb Paging File | 6,41 Gb Available in Paging File | 80,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 854,37 Gb Free Space | 91,73% Space Free | Partition Type: NTFS
Drive D: | 4,17 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1094074872-1752826812-3503717829-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C168EF1-F61D-4E9A-8F93-50FBCD80A0C3}" = rport=445 | protocol=6 | dir=out | app=system |
"{409E3CF4-D60E-48CA-B391-6FB95D2F5902}" = rport=138 | protocol=17 | dir=out | app=system |
"{412B7588-2B2B-4F88-9A0A-9CA245BA3093}" = lport=445 | protocol=6 | dir=in | app=system |
"{56549CE5-477D-4158-B81A-506AB51FEC2C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66622F83-8657-4090-AAB1-C5CD98259A03}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{6F9A2D96-6913-4C82-BB7A-C38CF8D48CC9}" = lport=137 | protocol=17 | dir=in | app=system |
"{74BB785C-56C6-4CD1-98AC-468280EFEA0A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{77FC6E8D-8AB4-4877-B7EC-FA678BBC18F0}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{7D8A989D-ABA3-47A7-B7B0-8E1F374C7EA7}" = rport=137 | protocol=17 | dir=out | app=system |
"{8655AD12-FECF-4039-A878-9E7591BD31AD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9DC160DD-F45D-46AE-BA4B-DA56ED87A4E0}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{BBF5A4BE-EB68-40AE-94B6-4E233F20F1E8}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{CB1EE738-0586-431E-83CD-68F982206074}" = lport=138 | protocol=17 | dir=in | app=system |
"{DE07C260-9E74-4586-ACA3-9B4F29CC18BC}" = lport=139 | protocol=6 | dir=in | app=system |
"{E895C978-31B3-4FDC-BD37-4CD0ADBA9B1D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F9E5FC04-7FC4-4009-A809-A3DEC81F3DC5}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00EE5B81-22C6-4594-975C-78D5314CA354}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{022DB0E4-393C-44E5-ADB9-FC212F32DE56}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{0B0B3662-70DA-4A07-AAD5-63C0B9AF9E09}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{141BEB73-7897-4C2A-8BDA-FE04C19D32D9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{1E9CD262-5FC9-4431-A378-6F1A95CE955D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{1FE21E37-CB94-484D-9C2C-2B5BB5331D12}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2D270BFB-FDE5-4DFF-A259-51F0CCC5E990}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{4319E25C-D604-4CAE-88C2-614412EC865C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{4A3F6660-2624-4BA9-9496-C9E8B545B26A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{4E56E38D-78D9-4B02-9379-F1AC89454591}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{511F156A-1421-46B9-ACE7-7F728CA2067E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{5C970885-ECA6-4CE9-956F-2FE378ED3A18}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{639E2A70-4FDB-43D8-9AAB-96AE764E7379}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{68A98D7F-3032-4535-A0C5-B9E481B43D2D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6A757F2E-70A1-4D14-BB23-68AD9164CDC8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{70EC1968-CA1F-4F56-9C8F-AF5EBB23AFDB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{75BEAA8D-2246-419B-A6CD-667561531487}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{7933D668-F98C-4CD8-A22F-D23DCEA8FBA1}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{7C2C72EE-C5D6-4278-A481-965A70E05DE0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{838B6106-34DE-421E-8A79-B341D01D469B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{9D203B91-B437-4D0F-9A7E-0535B0A37710}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{A241ED8B-8E27-4533-AAA0-BFDCAD17439B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{A2EC6D20-DE3A-4CC3-A715-83E45545CA11}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{A6B2A6B3-0513-4AD2-8C3C-64B6DA9B2A02}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A7E21AF7-A229-4AFC-B39B-28FD7ED51889}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C2F4FC6D-33A2-47A8-812F-3DE482E2D880}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\819xp wireless lan utility\rtwlan.exe |
"{C573EAAD-58BD-4F88-B5FC-6C26E3DDB8C3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{C6535073-E836-4031-B1A1-C6505DD58D3C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DB55B51D-ABCC-425E-9710-EF3658C465B2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{DD79D075-EB77-4BDD-BD21-B9D34280EB3D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{DE0A4133-5FC6-4BAC-ACBA-97620CBD62A3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{E41870EB-5369-48E2-A803-6B0468C2E186}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{ECC3C182-B27F-42F1-9F05-6F03F46A91A3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F02FC5AA-5694-484D-9154-06085E0149FE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{F4FEEFBA-3915-4250-B08B-CF66B433986B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FCF03334-4392-46F5-9CBB-AE256338829E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FED5A147-6FF8-479A-8A7F-254827B88A1D}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\819xp wireless lan utility\rtwlan.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64555D45-1F57-BF1D-1A5E-BFD4C8C0ADB4}" = ATI Catalyst Install Manager
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}" = WinZip 16.5
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client DE-DE Language Pack
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Sandboxie" = Sandboxie 3.74 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1E4A6F03-4D71-4496-9B2D-71C8B59F64DE}" = BiosNotice
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4FC4433D-E687-43D5-B8A8-88D40F5AD8B4}" = REALTEK Wireless LAN Driver and Utility
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A1107CD-A2EF-B18D-65E6-D8496CC99BB7}" = Catalyst Control Center InstallProxy
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Cities XL" = Cities XL
"Die Gilde Gold Update v. 2.06 " = Die Gilde Gold Update v. 2.06
"Die Gilde Gold-Edition" = Die Gilde Gold-Edition
"FileHippo.com" = FileHippo.com Update Checker
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"Mozilla Thunderbird 16.0.2 (x86 en-US)" = Mozilla Thunderbird 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21.10.2012 14:03:58 | Computer Name = User-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 22.10.2012 13:28:16 | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 22.10.2012 13:58:17 | Computer Name = User-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 22.10.2012 14:46:03 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = Error - 22.10.2012 14:55:13 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = Error - 24.10.2012 14:38:58 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = Error - 28.10.2012 05:01:40 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = Error - 30.10.2012 15:07:32 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = Error - 31.10.2012 14:55:54 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = Error - 03.11.2012 06:37:24 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 04.10.2012 14:25:40 | Computer Name = User-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. Error - 04.10.2012 14:26:50 | Computer Name = User-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. Error - 04.10.2012 14:26:51 | Computer Name = User-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. Error - 04.10.2012 14:26:51 | Computer Name = User-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. Error - 04.10.2012 14:26:52 | Computer Name = User-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. Error - 07.10.2012 13:00:56 | Computer Name = User-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. Error - 07.10.2012 13:00:58 | Computer Name = User-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. 
Error - 14.10.2012 02:22:26 | Computer Name = User-PC | Source = DCOM | ID = 10010 Description = Error - 14.10.2012 03:39:00 | Computer Name = User-PC | Source = Service Control Manager | ID = 7034 Description = Dienst "EasyRedirect" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 14.10.2012 05:02:42 | Computer Name = User-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR6 gefunden. < End of report > |
12.11.2012, 14:50 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hello and
Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please post in this thread => Reminder about my thread. Annoying "when will this continue" messages will result in your topic being closed. I, too, have a life outside the Trojaner-Board. Have you already run any scans with other tools? Do you have a log with detections? See => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now, just post the logs you already have!
__________________ |
13.11.2012, 08:23 | #3 |
| Good morning Cosinus, and thanks for the quick reply.
I ran two scans on Sunday. Here are the results: Malwarebytes: Code:
ATTFilter
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.11.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [Administrator]

11.11.2012 09:12:52
mbam-log-2012-11-11 (09-12-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|G:\|H:\|I:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 333116
Laufzeit: 24 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Eset Online Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=eff9f87ff43f494fa471ff047df379aa
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-11-11 10:36:36
# local_time=2012-11-11 11:36:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1280 16777215 100 0 2430535 2430535 0 0
# compatibility_mode=5893 16776573 100 94 167726 104256395 0 0
# compatibility_mode=8192 67108863 100 0 3734 3734 0 0
# scanned=121538
# found=1
# cleaned=1
# scan_time=3651
C:\Program Files (x86)\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe Win32/Toolbar.Widgi Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert) 00000000000000000000000000000000 C

And I renewed the WLAN connection in the hope of getting a "clean" IP address. Emsisoft has just given me the following warning: Code:
ATTFilter
Emsisoft Anti-Malware - Version 7.0
IDS log
Datum PID Ursprung Vorgang Verhalten/Infektion
13.11.2012 08:12:23 3440 C:\Program Files (x86)\BIOSTAR\BiosNotice\BiosNotice.exe Von Benutzer terminiert Behavior.TrojanDownloader |
13.11.2012, 13:35 | #4 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
There are no "dirty" and "clean" IP numbers. Besides, as a private individual you will in all likelihood get a dynamic IP address from your provider, i.e. you always have a different IP address the next time you connect to the Internet (the router manages that for you). So no fixed device and no fixed line can be assigned to the dynamic addresses, and therefore it also makes no sense to put dynamic IPs directly on blocklists. But all of that was about the WAN connection. WLAN, however, is LAN and not WAN (Internet). LAN is your internal network and is NOT accessible from outside, so it does not matter at all which internal address your device uses; it plays no role in communication with the Internet. Quote:
Apart from that, there were never any detections, or were there?
__________________ Please always post log files in CODE tags |
13.11.2012, 20:13 | #5 |
| Hello Cosinus, a few weeks ago I had a message that MarkusG helped me with. However, I do not know whether something was actually there or whether it was a false alarm. http://www.trojaner-board.de/125903-...korrekt-2.html At no time before or since have I had any problems, alarms, or the like. No new input prompts from Google either. Hello Cosinus, I have just received the following message from Emsisoft: Code:
ATTFilter
Emsisoft Anti-Malware - Version 7.0
IDS log
Datum PID Ursprung Vorgang Verhalten/Infektion
13.11.2012 20:14:37 1696 C:\Program Files (x86)\Mozilla Firefox\firefox.exe Von Regel blockiert AD.YIELDMANAGER.COM |
13.11.2012, 22:58 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | The Firefox one is a false alarm Quote:
__________________ |
15.11.2012, 20:59 | #7 |
| Hello Cosinus, since Sunday I have not had any more Google messages; however, on weekdays the PC is rarely on for long. |
27.11.2012, 10:06 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
1. aswMBR
Please download aswMBR.exe and save the file to your desktop. Note: Please turn off your virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it!
Another note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) under "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
2. TDSS-Killer
Download TDSS-Killer to your desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot. Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), as that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, treat all of them with the action "skip" and just post the log here!
__________________ Please always post log files in CODE tags |
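Added example (not part of the thread and not the tool vendor's code): a Python triage of a TDSS-Killer report that counts the "ok" objects and lists every object with any other verdict, without changing anything on the system. The line layout is assumed from the report posted in this thread; the sample lines, service names, hashes and paths are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Every entry starts with a timestamp and a thread id, e.g. "21:59:09.0099 4564 ".
_PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "[ MD5 ] name path" announces the object that is judged on a following line.
_OBJECT = re.compile(_PREFIX + r"\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
# "name ( Verdict ) - level" is a result other than ok.
_FLAGGED = re.compile(_PREFIX + r"(.+?) \( (.+?) \) - (\w+)$")
# "name - ok" is a clean result.
_OK = re.compile(_PREFIX + r".+ - ok$")


@dataclass
class Finding:
    name: str            # service or driver name as printed in the report
    verdict: str         # e.g. UnsignedFile.Multi.Generic
    level: str           # e.g. warning
    md5: Optional[str]   # None when the report printed no hash line for it
    path: Optional[str]  # None when the report printed no hash line for it


def triage(log_text: str) -> Tuple[List[Finding], int]:
    """Return (objects that were not judged ok, number of ok objects)."""
    seen = {}       # name -> (md5, path) from the most recent "[ MD5 ]" line
    findings = []
    ok_count = 0
    for raw in log_text.splitlines():
        line = raw.strip()
        obj = _OBJECT.match(line)
        if obj:
            seen[obj.group(2)] = (obj.group(1).upper(), obj.group(3))
            continue
        flagged = _FLAGGED.match(line)
        if flagged:
            name, verdict, level = flagged.groups()
            md5, path = seen.get(name, (None, None))
            findings.append(Finding(name, verdict, level, md5, path))
            continue
        if _OK.match(line):
            ok_count += 1
        # Everything else (headers, separators, "detected ... (1)" repeats) is ignored.
    return findings, ok_count


# Constructed sample in the report's layout; none of these objects are real.
SAMPLE_LOG = r"""
21:59:00.0100 4564 ================ Scan services =============================
21:59:00.0200 4564 [ 00000000000000000000000000000001 ] cleandrv C:\Windows\system32\drivers\cleandrv.sys
21:59:00.0300 4564 cleandrv - ok
21:59:00.0400 4564 [ 00000000000000000000000000000002 ] Example Print Service C:\Program Files (x86)\Example\bin\exprint.dll
21:59:00.0500 4564 Example Print Service ( UnsignedFile.Multi.Generic ) - warning
21:59:00.0500 4564 Example Print Service - detected UnsignedFile.Multi.Generic (1)
21:59:00.0600 4564 nohashsvc - ok
21:59:00.0700 4564 orphansvc ( UnsignedFile.Multi.Generic ) - warning
"""

if __name__ == "__main__":
    flagged, clean = triage(SAMPLE_LOG)
    print(f"{clean} objects ok, {len(flagged)} flagged")
    for f in flagged:
        print(f"{f.level}: {f.name} -> {f.verdict} | {f.md5} | {f.path}")
```

An unsigned-file warning only says the file carries no valid signature, so each flagged entry still has to be judged by its path and vendor before any action is chosen.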
27.11.2012, 22:02 | #9 |
| Hello Cosinus, here are the logs: Avast: Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-27 21:47:20
-----------------------------
21:47:20.945 OS Version: Windows x64 6.1.7601 Service Pack 1
21:47:20.945 Number of processors: 4 586 0x503
21:47:20.945 ComputerName: USER-PC UserName: User
21:47:22.505 Initialize success
21:49:53.862 AVAST engine defs: 12112701
21:51:02.767 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:51:02.767 Disk 0 Vendor: SAMSUNG_HD105SI 1AJ10001 Size: 953869MB BusType: 11
21:51:02.783 Disk 0 MBR read successfully
21:51:02.783 Disk 0 MBR scan
21:51:02.799 Disk 0 Windows 7 default MBR code
21:51:02.799 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:51:02.814 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953766 MB offset 206848
21:51:02.845 Disk 0 scanning C:\Windows\system32\drivers
21:51:11.425 Service scanning
21:51:30.894 Modules scanning
21:51:30.910 Disk 0 trace - called modules:
21:51:30.925 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:51:30.941 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a03790]
21:51:31.471 3 CLASSPNP.SYS[fffff8800216143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80049e5680]
21:51:33.250 AVAST engine scan C:\Windows
21:51:37.883 AVAST engine scan C:\Windows\system32
21:54:00.343 AVAST engine scan C:\Windows\system32\drivers
21:54:11.607 AVAST engine scan C:\Users\User
21:56:17.733 AVAST engine scan C:\ProgramData
21:57:06.545 Scan finished successfully
21:57:13.862 Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
21:57:13.862 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"

Code:
ATTFilter 21:58:16.0730 4656 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 21:58:17.0010 4656 ============================================================ 21:58:17.0010 4656 Current date / time: 2012/11/27 21:58:17.0010 21:58:17.0010 4656 SystemInfo: 21:58:17.0010 4656 21:58:17.0010 4656 OS Version: 6.1.7601 ServicePack: 1.0 21:58:17.0010 4656 Product type: Workstation 21:58:17.0010 4656 ComputerName: USER-PC 21:58:17.0010 4656 UserName: User 21:58:17.0010 4656 Windows directory: C:\Windows 21:58:17.0010 4656 System windows directory: C:\Windows 21:58:17.0010 4656 Running under WOW64 21:58:17.0010 4656 Processor architecture: Intel x64 21:58:17.0010 4656 Number of processors: 4 21:58:17.0010 4656 Page size: 0x1000 21:58:17.0010 4656 Boot type: Normal boot 21:58:17.0010 4656 ============================================================ 21:58:17.0822 4656 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 21:58:17.0853 4656 ============================================================ 21:58:17.0853 4656 \Device\Harddisk0\DR0: 21:58:17.0853 4656 MBR partitions: 21:58:17.0853 4656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 21:58:17.0853 4656 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3000 21:58:17.0853 4656 ============================================================ 21:58:17.0868 4656 C: <-> \Device\Harddisk0\DR0\Partition2 21:58:17.0868 4656 ============================================================ 21:58:17.0868 4656 Initialize success 21:58:17.0868 4656 ============================================================ 21:58:58.0709 4564 ============================================================ 21:58:58.0709 4564 Scan started 21:58:58.0709 4564 Mode: Manual; SigCheck; TDLFS; 21:58:58.0709 4564 ============================================================ 
21:58:59.0037 4564 ================ Scan system memory ======================== 21:58:59.0037 4564 System memory - ok 21:58:59.0037 4564 ================ Scan services ============================= 21:58:59.0209 4564 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:58:59.0349 4564 1394ohci - ok 21:58:59.0411 4564 [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys 21:58:59.0474 4564 a2acc - ok 21:58:59.0583 4564 [ E327C0DE1D7013BE360881801C0AB0FA ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe 21:58:59.0645 4564 a2AntiMalware - ok 21:58:59.0692 4564 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys 21:58:59.0723 4564 A2DDA - ok 21:58:59.0739 4564 [ 3D55CE53128C81E06CD6B024C3B9FAC3 ] a2injectiondriver C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys 21:58:59.0755 4564 a2injectiondriver - ok 21:58:59.0770 4564 [ E41D79682A209F72F4F578CFD4A53952 ] a2util C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys 21:58:59.0786 4564 a2util - ok 21:58:59.0801 4564 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:58:59.0817 4564 ACPI - ok 21:58:59.0833 4564 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:58:59.0926 4564 AcpiPmi - ok 21:58:59.0989 4564 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:59:00.0020 4564 AdobeARMservice - ok 21:59:00.0113 4564 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:59:00.0129 4564 AdobeFlashPlayerUpdateSvc - ok 21:59:00.0160 4564 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:59:00.0191 4564 adp94xx - ok 21:59:00.0269 4564 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci 
C:\Windows\system32\drivers\adpahci.sys 21:59:00.0316 4564 adpahci - ok 21:59:00.0347 4564 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:59:00.0363 4564 adpu320 - ok 21:59:00.0379 4564 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:59:00.0519 4564 AeLookupSvc - ok 21:59:00.0550 4564 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 21:59:00.0581 4564 AFD - ok 21:59:00.0613 4564 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 21:59:00.0628 4564 agp440 - ok 21:59:00.0644 4564 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 21:59:00.0722 4564 ALG - ok 21:59:00.0753 4564 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 21:59:00.0769 4564 aliide - ok 21:59:00.0878 4564 [ E0FD88EAD5D8B1FAE64A500D1D825C6D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 21:59:00.0971 4564 AMD External Events Utility - ok 21:59:00.0987 4564 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 21:59:01.0003 4564 amdide - ok 21:59:01.0034 4564 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:59:01.0065 4564 AmdK8 - ok 21:59:01.0205 4564 [ 9337B5FABC03CA44CD355F700DA9B25B ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys 21:59:01.0315 4564 amdkmdag - ok 21:59:01.0361 4564 [ 560688A447E7A87F43774A2FF23A3E52 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 21:59:01.0393 4564 amdkmdap - ok 21:59:01.0408 4564 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 21:59:01.0439 4564 AmdPPM - ok 21:59:01.0486 4564 [ 53D8D46D51D390ABDB54ECA623165CB7 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys 21:59:01.0517 4564 amdsata - ok 21:59:01.0533 4564 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:59:01.0549 4564 amdsbs - ok 21:59:01.0564 4564 [ 
75C51148154E34EB3D7BB84749A758D5 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:59:01.0580 4564 amdxata - ok 21:59:01.0611 4564 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 21:59:01.0767 4564 AppID - ok 21:59:01.0798 4564 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:59:01.0907 4564 AppIDSvc - ok 21:59:01.0970 4564 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 21:59:02.0048 4564 Appinfo - ok 21:59:02.0095 4564 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:59:02.0126 4564 Apple Mobile Device - ok 21:59:02.0173 4564 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 21:59:02.0188 4564 arc - ok 21:59:02.0204 4564 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:59:02.0219 4564 arcsas - ok 21:59:02.0235 4564 [ E1E75921E9EB025009696D4837F531FB ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys 21:59:02.0297 4564 asmthub3 - ok 21:59:02.0313 4564 [ B0CF9AB16006B61634D4F955345CA5D2 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys 21:59:02.0391 4564 asmtxhci - ok 21:59:02.0531 4564 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 21:59:02.0578 4564 aspnet_state - ok 21:59:02.0594 4564 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:59:02.0672 4564 AsyncMac - ok 21:59:02.0687 4564 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 21:59:02.0703 4564 atapi - ok 21:59:02.0750 4564 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 21:59:02.0765 4564 AtiPcie - ok 21:59:02.0781 4564 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:59:02.0843 4564 AudioEndpointBuilder - ok 21:59:02.0843 
4564 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:59:02.0875 4564 AudioSrv - ok 21:59:02.0906 4564 AVP - ok 21:59:02.0953 4564 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:59:03.0046 4564 AxInstSV - ok 21:59:03.0077 4564 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:59:03.0140 4564 b06bdrv - ok 21:59:03.0187 4564 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:59:03.0249 4564 b57nd60a - ok 21:59:03.0265 4564 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 21:59:03.0311 4564 BDESVC - ok 21:59:03.0343 4564 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 21:59:03.0389 4564 Beep - ok 21:59:03.0421 4564 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 21:59:03.0467 4564 BFE - ok 21:59:03.0499 4564 [ 00CADB1BC2D0030F0B2A1063618B6BD7 ] BIOS C:\Windows\system32\drivers\BIOS64.sys 21:59:03.0514 4564 BIOS - ok 21:59:03.0592 4564 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll 21:59:03.0670 4564 BITS - ok 21:59:03.0686 4564 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:59:03.0717 4564 blbdrive - ok 21:59:03.0795 4564 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 21:59:03.0826 4564 Bonjour Service - ok 21:59:03.0857 4564 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:59:03.0904 4564 bowser - ok 21:59:03.0920 4564 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:59:03.0951 4564 BrFiltLo - ok 21:59:03.0967 4564 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:59:03.0982 4564 BrFiltUp - ok 21:59:03.0998 4564 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 21:59:04.0029 4564 
BridgeMP - ok 21:59:04.0060 4564 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 21:59:04.0091 4564 Browser - ok 21:59:04.0107 4564 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:59:04.0201 4564 Brserid - ok 21:59:04.0216 4564 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:59:04.0263 4564 BrSerWdm - ok 21:59:04.0279 4564 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:59:04.0310 4564 BrUsbMdm - ok 21:59:04.0310 4564 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:59:04.0341 4564 BrUsbSer - ok 21:59:04.0403 4564 [ 83601BBE5563D92C1FDB4E960D84DC77 ] BS_I2cIo C:\Windows\system32\drivers\BS_I2c64.sys 21:59:04.0419 4564 BS_I2cIo - ok 21:59:04.0435 4564 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:59:04.0481 4564 BTHMODEM - ok 21:59:04.0528 4564 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 21:59:04.0575 4564 bthserv - ok 21:59:04.0591 4564 catchme - ok 21:59:04.0653 4564 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:59:04.0731 4564 cdfs - ok 21:59:04.0762 4564 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:59:04.0778 4564 cdrom - ok 21:59:04.0778 4564 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 21:59:04.0825 4564 CertPropSvc - ok 21:59:04.0840 4564 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 21:59:04.0856 4564 circlass - ok 21:59:04.0887 4564 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 21:59:04.0903 4564 CLFS - ok 21:59:04.0949 4564 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:59:04.0996 4564 clr_optimization_v2.0.50727_32 - ok 21:59:05.0027 
4564 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:59:05.0043 4564 clr_optimization_v2.0.50727_64 - ok 21:59:05.0121 4564 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:59:05.0246 4564 clr_optimization_v4.0.30319_32 - ok 21:59:05.0261 4564 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:59:05.0293 4564 clr_optimization_v4.0.30319_64 - ok 21:59:05.0308 4564 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 21:59:05.0339 4564 CmBatt - ok 21:59:05.0371 4564 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:59:05.0386 4564 cmdide - ok 21:59:05.0417 4564 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys 21:59:05.0449 4564 CNG - ok 21:59:05.0449 4564 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 21:59:05.0464 4564 Compbatt - ok 21:59:05.0511 4564 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 21:59:05.0573 4564 CompositeBus - ok 21:59:05.0573 4564 COMSysApp - ok 21:59:05.0589 4564 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:59:05.0605 4564 crcdisk - ok 21:59:05.0636 4564 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:59:05.0667 4564 CryptSvc - ok 21:59:05.0698 4564 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:59:05.0761 4564 DcomLaunch - ok 21:59:05.0792 4564 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 21:59:05.0823 4564 defragsvc - ok 21:59:05.0839 4564 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:59:05.0870 4564 DfsC - ok 21:59:05.0885 4564 [ 
43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 21:59:05.0932 4564 Dhcp - ok 21:59:05.0979 4564 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 21:59:06.0088 4564 discache - ok 21:59:06.0119 4564 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 21:59:06.0119 4564 Disk - ok 21:59:06.0151 4564 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:59:06.0182 4564 Dnscache - ok 21:59:06.0244 4564 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 21:59:06.0307 4564 dot3svc - ok 21:59:06.0385 4564 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys 21:59:06.0447 4564 Dot4 - ok 21:59:06.0478 4564 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys 21:59:06.0509 4564 Dot4Print - ok 21:59:06.0541 4564 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys 21:59:06.0587 4564 dot4usb - ok 21:59:06.0603 4564 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 21:59:06.0650 4564 DPS - ok 21:59:06.0697 4564 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:59:06.0743 4564 drmkaud - ok 21:59:06.0806 4564 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:59:06.0837 4564 DXGKrnl - ok 21:59:06.0884 4564 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:59:06.0946 4564 EapHost - ok 21:59:07.0040 4564 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:59:07.0102 4564 ebdrv - ok 21:59:07.0133 4564 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 21:59:07.0165 4564 EFS - ok 21:59:07.0196 4564 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:59:07.0211 4564 elxstor - ok 21:59:07.0227 4564 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev 
4564 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:59:25.0666 4564 WbioSrvc - ok 21:59:25.0666 4564 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:59:25.0697 4564 wcncsvc - ok 21:59:25.0713 4564 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:59:25.0744 4564 WcsPlugInService - ok 21:59:25.0760 4564 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 21:59:25.0775 4564 Wd - ok 21:59:25.0807 4564 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:59:25.0838 4564 Wdf01000 - ok 21:59:25.0853 4564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:59:25.0931 4564 WdiServiceHost - ok 21:59:25.0931 4564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:59:25.0963 4564 WdiSystemHost - ok 21:59:25.0978 4564 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 21:59:25.0994 4564 WebClient - ok 21:59:26.0009 4564 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:59:26.0056 4564 Wecsvc - ok 21:59:26.0072 4564 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:59:26.0103 4564 wercplsupport - ok 21:59:26.0134 4564 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:59:26.0165 4564 WerSvc - ok 21:59:26.0165 4564 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:59:26.0197 4564 WfpLwf - ok 21:59:26.0212 4564 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:59:26.0228 4564 WIMMount - ok 21:59:26.0243 4564 WinDefend - ok 21:59:26.0243 4564 WinHttpAutoProxySvc - ok 21:59:26.0275 4564 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:59:26.0306 4564 Winmgmt - ok 21:59:26.0368 4564 [ BCB1310604AA415C4508708975B3931E ] 
WinRM C:\Windows\system32\WsmSvc.dll 21:59:26.0431 4564 WinRM - ok 21:59:26.0477 4564 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:59:26.0540 4564 WinUsb - ok 21:59:26.0555 4564 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:59:26.0602 4564 Wlansvc - ok 21:59:26.0633 4564 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 21:59:26.0665 4564 WmiAcpi - ok 21:59:26.0696 4564 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:59:26.0727 4564 wmiApSrv - ok 21:59:26.0727 4564 WMPNetworkSvc - ok 21:59:26.0727 4564 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:59:26.0758 4564 WPCSvc - ok 21:59:26.0758 4564 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:59:26.0774 4564 WPDBusEnum - ok 21:59:26.0789 4564 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:59:26.0821 4564 ws2ifsl - ok 21:59:26.0836 4564 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 21:59:26.0852 4564 wscsvc - ok 21:59:26.0867 4564 WSearch - ok 21:59:26.0914 4564 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 21:59:26.0945 4564 wuauserv - ok 21:59:26.0977 4564 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:59:26.0992 4564 WudfPf - ok 21:59:27.0008 4564 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:59:27.0055 4564 WUDFRd - ok 21:59:27.0070 4564 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:59:27.0117 4564 wudfsvc - ok 21:59:27.0133 4564 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 21:59:27.0179 4564 WwanSvc - ok 21:59:27.0195 4564 ================ Scan global =============================== 21:59:27.0211 4564 [ BA0CD8C393E8C9F83354106093832C7B ] 
C:\Windows\system32\basesrv.dll
21:59:27.0242 4564 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:59:27.0257 4564 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:59:27.0289 4564 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:59:27.0320 4564 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:59:27.0335 4564 [Global] - ok
21:59:27.0335 4564 ================ Scan MBR ==================================
21:59:27.0351 4564 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:59:27.0632 4564 \Device\Harddisk0\DR0 - ok
21:59:27.0632 4564 ================ Scan VBR ==================================
21:59:27.0632 4564 [ C31567E484CC6E0373C4B6FABAF825BB ] \Device\Harddisk0\DR0\Partition1
21:59:27.0632 4564 \Device\Harddisk0\DR0\Partition1 - ok
21:59:27.0663 4564 [ 2BCC95FB3213E46C2B22E9115187B132 ] \Device\Harddisk0\DR0\Partition2
21:59:27.0663 4564 \Device\Harddisk0\DR0\Partition2 - ok
21:59:27.0663 4564 ============================================================
21:59:27.0663 4564 Scan finished
21:59:27.0663 4564 ============================================================
21:59:27.0679 5900 Detected object count: 7
21:59:27.0679 5900 Actual detected object count: 7
21:59:46.0648 5900 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:59:46.0648 5900 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:59:46.0664 5900 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:59:46.0664 5900 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:59:46.0664 5900 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
21:59:46.0664 5900 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:59:46.0664 5900 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:59:46.0664 5900 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:59:46.0664 5900 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:59:46.0664 5900 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:59:46.0664 5900 RealtekPCIE ( UnsignedFile.Multi.Generic ) - skipped by user
21:59:46.0664 5900 RealtekPCIE ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:59:46.0664 5900 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
21:59:46.0664 5900 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:59:52.0795 3192 Deinitialize success

Thank you! |
27.11.2012, 22:13 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Google message "Unusual traffic from your network" These logs are also unremarkable...
__________________ Please always post log files in CODE tags |