Pests of all kinds and how to combat them: Trojans: tr/atraps.gen2, tr/atraps.gen, tr/atraps.gen3, tr/atraps.gen4, tr/atraps.gen5, tr/atraps.gen7 and services.exe virus (Windows 7)
07.01.2013, 23:05 | #1 |
Hello, please help me! After my laptop got a new hard disk, I copied old things from an old FB and wanted to download some new drivers. Today during an Avira scan I came across the Trojans named above. When they are supposed to be moved or deleted, they nevertheless keep reappearing; the same goes for the virus that is supposedly located in system32. I also ran Malwarebytes over it, and the result was similar. Above all, though, with Avira only the real-time scan finds it, not the normal scan. I don't know what else to do, please help me! The Malwarebytes quick scan produced the following log:
Code:
Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2013.01.07.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [Administrator]
Schutz: Aktiviert
07.01.2013 22:53:30
mbam-log-2013-01-07 (22-53-30).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 204178
Laufzeit: 2 Minute(n), 32 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 10
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=) Gut: (hxxp://www.google.com/) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (Hijack.SearchPage) -> Bösartig: (hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=) Gut: (hxxp://www.google.com/) -> Erfolgreich ersetzt und in Quarantäne gestellt.
Infizierte Verzeichnisse: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Keine Aktion durchgeführt.
Infizierte Dateien: 2
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Keine Aktion durchgeführt.
C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
07.01.2013, 23:06 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™
Hello and
Do you have any further logs (with findings)? Malwarebytes and/or other virus scanners? I am asking because of => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now just post the logs that already exist!
07.01.2013, 23:35 | #3 |
For now I have no further logs, only the notifications again and again. For the services.exe virus, Avira's real-time scan shows me the following: W32/Patched.UC.
Should I abort the running Malwarebytes scan? Did I enter the code above incorrectly? Edit: I let the scan run to the end; at the end the following logs came out:
Code:
Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2013.01.07.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [Administrator]
Schutz: Aktiviert
07.01.2013 23:14:51
MBAM-log-2013-01-08 (00-19-54).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 345592
Laufzeit: 1 Stunde(n), 4 Minute(n), 1 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search (PUP.ProtectedSearch) -> Keine Aktion durchgeführt.
Infizierte Dateien: 2
C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Keine Aktion durchgeführt.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) -> Keine Aktion durchgeführt.
(Ende)
Code:
2013/01/07 22:01:44 +0100 USER-PC User MESSAGE Executing scheduled update: Daily
2013/01/07 22:01:48 +0100 USER-PC User MESSAGE Starting protection
2013/01/07 22:01:48 +0100 USER-PC User MESSAGE Protection started successfully
2013/01/07 22:01:48 +0100 USER-PC User MESSAGE Starting IP protection
2013/01/07 22:01:48 +0100 USER-PC User ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/07 22:02:00 +0100 USER-PC User MESSAGE Scheduled update executed successfully: database updated from version v2012.12.14.11 to version v2013.01.07.09
2013/01/07 22:02:00 +0100 USER-PC User MESSAGE Starting database refresh
2013/01/07 22:02:02 +0100 USER-PC User MESSAGE Database refreshed successfully
2013/01/07 22:02:06 +0100 USER-PC User MESSAGE Starting database refresh
2013/01/07 22:02:09 +0100 USER-PC User MESSAGE Database refreshed successfully
2013/01/07 22:04:49 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:09:00 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:13:15 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:17:58 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:22:38 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:26:41 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:30:42 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:34:43 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:38:44 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:42:45 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:49:04 +0100 USER-PC User MESSAGE Starting protection
2013/01/07 22:49:04 +0100 USER-PC User MESSAGE Protection started successfully
2013/01/07 22:49:04 +0100 USER-PC User MESSAGE Starting IP protection
2013/01/07 22:49:04 +0100 USER-PC User ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2013/01/07 22:49:12 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 22:49:41 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:53:09 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 22:53:36 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 22:57:52 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 22:58:11 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:01:56 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:02:14 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:06:13 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:06:15 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:10:12 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:10:16 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:14:45 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:15:17 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:18:45 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:19:18 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:23:04 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:23:19 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:27:16 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:27:20 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:31:32 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:32:22 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:36:05 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:36:23 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:40:20 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:40:24 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:44:20 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:44:25 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:48:36 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:49:26 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:52:54 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:53:27 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/07 23:57:08 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/07 23:57:28 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
Code:
2013/01/08 00:01:40 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/08 00:02:29 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/08 00:05:57 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/08 00:06:30 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/08 00:10:12 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/08 00:10:31 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/08 00:14:29 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/08 00:14:32 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/08 00:18:45 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/08 00:19:33 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
2013/01/08 00:23:03 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@ Rootkit.0Access QUARANTINE
2013/01/08 00:23:34 +0100 USER-PC User DETECTION C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@ Trojan.Clicker QUARANTINE
Edited by kiranoris (08.01.2013 at 00:25)
08.01.2013, 19:33 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™
Then please run CF now: ComboFix: A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags
08.01.2013, 21:23 | #5 |
Hello, thanks, here is the response from ComboFix:
Code:
ComboFix 13-01-08.01 - User 08.01.2013 21:06:48.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3957.2956 [GMT 1:00]
ausgeführt von:: c:\users\User\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Acer Bio Protection\PwdFilterV64.dll
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\@
c:\windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\L\00000004.@
c:\windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\L\201d3dde
c:\windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\L\76603ac3
c:\windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\00000004.@
c:\windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\00000008.@
c:\windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\000000cb.@
c:\windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000000.@
c:\windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000032.@
c:\windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U\80000064.@
c:\windows\IsUn0407.exe
c:\windows\wininit.ini
.
Infizierte Kopie von c:\windows\system32\services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-12-08 bis 2013-01-08 ))))))))))))))))))))))))))))))
.
.
2013-01-07 21:01 . 2013-01-07 21:01 -------- d-----w- c:\programdata\Malwarebytes
2013-01-07 21:01 . 2013-01-07 21:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-07 21:01 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-04 22:58 .
2013-01-04 22:58 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2013-01-04 22:46 . 2013-01-04 22:46 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll 2013-01-04 22:45 . 2013-01-04 22:45 -------- d-----w- c:\program files (x86)\Dll-Files.com Fixer 2013-01-04 21:46 . 2013-01-04 21:46 -------- d-----w- c:\program files (x86)\eSobi 2013-01-04 21:29 . 2013-01-04 21:29 -------- d-----w- c:\program files (x86)\Electronic Arts 2013-01-04 21:29 . 2013-01-04 21:29 -------- d-----w- c:\program files (x86)\EgisTec IPS 2013-01-04 21:29 . 2013-01-04 21:29 -------- d-----w- c:\program files (x86)\EgisTec Egis Software Update 2013-01-04 21:26 . 2013-01-04 21:26 -------- d-----w- c:\program files (x86)\EgisTec 2013-01-04 21:23 . 2013-01-04 21:26 -------- d-----w- c:\program files (x86)\DivX 2013-01-04 21:23 . 2013-01-04 21:23 -------- d-----w- c:\program files (x86)\Cyberlink 2013-01-04 21:23 . 2013-01-04 21:23 -------- d-----w- c:\program files (x86)\Conduit 2013-01-04 21:23 . 2013-01-04 21:23 -------- d-----w- c:\program files (x86)\BS_Player 2013-01-04 21:23 . 2013-01-04 21:23 -------- d-----w- c:\program files (x86)\Bonjour 2013-01-04 21:23 . 2013-01-04 21:23 -------- d-----w- c:\program files (x86)\Bing Bar Installer 2013-01-04 21:20 . 2013-01-04 21:20 -------- d-----w- c:\program files (x86)\Apple Software Update 2013-01-04 21:08 . 2013-01-04 21:08 -------- d-----w- c:\program files (x86)\Acer Inc 2013-01-04 20:47 . 2013-01-04 21:08 -------- d-----w- c:\program files (x86)\Acer GameZone 2013-01-04 20:28 . 2013-01-04 20:28 -------- d-----w- c:\programdata\McAfee Security Scan 2013-01-04 20:28 . 2013-01-04 20:28 -------- d-----w- c:\programdata\McAfee 2013-01-04 20:28 . 2013-01-04 20:28 -------- d-----w- c:\program files (x86)\McAfee Security Scan 2013-01-04 20:26 . 2013-01-04 20:43 -------- d-----w- c:\program files (x86)\Acer Arcade Deluxe 2013-01-04 20:23 . 2013-01-04 20:24 -------- d-----w- c:\program files (x86)\Acer 2013-01-04 20:21 . 
2013-01-04 20:23 -------- d-----w- c:\program files (x86)\Google 2013-01-04 20:20 . 2013-01-04 20:21 -------- d-----w- c:\program files\Paint.NET 2013-01-04 20:20 . 2013-01-04 20:20 -------- d-----w- c:\program files\iTunes 2013-01-04 20:20 . 2013-01-04 20:20 -------- d-----w- c:\program files\iPod 2013-01-04 20:20 . 2013-01-04 20:20 -------- d-----w- c:\program files\Intel 2013-01-04 20:19 . 2013-01-04 20:19 -------- d-----w- c:\program files\HP 2013-01-04 20:19 . 2013-01-04 20:19 -------- d-----w- c:\program files\Google 2013-01-04 20:19 . 2011-09-01 15:43 -------- d-----w- c:\program files\Doom Shareware for Windows 95 2013-01-04 20:19 . 2013-01-04 20:19 -------- d-----w- c:\program files\DivX 2013-01-04 20:19 . 2013-01-04 20:19 -------- d-----w- c:\program files\DIFX 2013-01-04 20:18 . 2013-01-04 20:18 -------- d-----w- c:\program files\Broadcom 2013-01-04 20:18 . 2013-01-04 20:18 -------- d-----w- c:\program files\Bonjour 2013-01-04 20:18 . 2013-01-04 20:18 -------- d-----w- c:\program files\Acer Accessory Store 2013-01-04 20:16 . 2013-01-04 20:18 -------- d-----w- c:\program files\Acer 2013-01-04 20:16 . 2010-11-02 15:51 12441960 ----a-w- c:\program files\install_icq7.exe 2013-01-04 20:16 . 2013-01-04 20:16 -------- d-----w- c:\program files\WinRAR 2013-01-04 20:15 . 2009-12-14 09:06 206072 ----a-w- c:\windows\PLFSetI.exe 2013-01-04 20:15 . 2009-09-18 01:02 741 ----a-w- c:\windows\NewDeployWinRE.cmd 2013-01-04 20:15 . 2009-12-16 17:45 632056 ----a-w- c:\windows\Image.dll 2013-01-04 20:15 . 2009-04-10 11:41 309768 ----a-w- c:\windows\GVUni.exe 2013-01-04 20:15 . 2009-09-30 11:08 1892184 ----a-w- c:\windows\d3dx9_42.dll 2013-01-04 20:15 . 2009-12-16 17:45 1664248 ----a-w- c:\windows\Acer Crystal Eye webcam.EXE 2013-01-04 20:15 . 2013-01-04 20:15 -------- d-----w- c:\windows\dsi 2013-01-04 20:14 . 2013-01-04 20:14 -------- d-----w- c:\windows\Downloaded Installations 2013-01-04 20:14 . 2013-01-04 20:14 -------- d---a-w- c:\windows\DeployWinRE2 2013-01-04 20:14 . 
2009-07-10 12:10 307568 ----a-w- c:\windows\WLXPGSS.SCR 2013-01-04 20:14 . 2009-12-14 09:05 25848 ----a-w- c:\windows\USB_VIDEO_REG.exe 2013-01-04 20:14 . 2009-11-12 09:29 9168 ----a-w- c:\windows\Suyin.reg 2013-01-04 20:14 . 2009-09-09 06:41 348680 ----a-w- c:\windows\UNINST32.EXE 2013-01-04 20:13 . 2013-01-04 20:13 -------- d-----w- c:\program files\WIDCOMM 2013-01-04 20:12 . 2013-01-04 20:12 -------- d-----w- c:\program files (x86)\fotokasten comfort 2013-01-04 20:07 . 2013-01-04 20:07 -------- d-----w- c:\program files (x86)\FileZilla FTP Client 2013-01-04 19:54 . 2013-01-04 19:54 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% 2013-01-04 19:39 . 2013-01-04 20:55 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-01-04 19:39 . 2013-01-04 20:54 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-04 19:39 . 2013-01-04 19:39 -------- d-----w- c:\windows\SysWow64\Macromed 2013-01-04 19:39 . 2013-01-04 19:39 -------- d-----w- c:\windows\system32\Macromed 2013-01-04 19:17 . 2013-01-04 19:17 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services 2013-01-04 19:17 . 2013-01-04 19:17 -------- d-----w- c:\windows\PCHEALTH 2013-01-04 19:17 . 2013-01-04 19:17 -------- d-----w- c:\program files (x86)\Microsoft.NET 2013-01-04 19:17 . 2013-01-04 19:17 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework 2013-01-04 19:17 . 2013-01-04 19:17 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition 2013-01-04 19:14 . 2013-01-04 19:14 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8 2013-01-04 19:14 . 2013-01-04 19:14 -------- d-----w- c:\program files\Microsoft Office 2013-01-04 19:14 . 2013-01-04 19:14 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2013-01-04 19:13 . 2013-01-04 19:19 -------- d-----w- c:\programdata\Microsoft Help 2013-01-04 19:13 . 2013-01-04 19:13 -------- d-----r- C:\MSOCache 2013-01-04 19:12 . 
2012-12-03 01:54 11264 ----a-w- c:\windows\Launcher.exe 2013-01-04 19:12 . 2013-01-04 19:12 -------- d-----w- c:\program files (x86)\Protected Search 2013-01-04 19:12 . 2013-01-04 19:12 -------- d-----w- c:\program files (x86)\Red Sky 2013-01-04 18:55 . 2013-01-04 18:55 -------- d-----w- c:\program files (x86)\mIRC 2013-01-04 18:51 . 2013-01-04 18:51 -------- d-----w- c:\programdata\UAB 2013-01-04 18:41 . 2013-01-04 18:41 -------- d-----w- c:\programdata\Driver Whiz 2013-01-04 18:40 . 2013-01-04 18:40 -------- d-----w- c:\program files (x86)\Driver Whiz 2013-01-04 18:17 . 2013-01-04 18:17 -------- d-----r- c:\program files (x86)\Skype 2013-01-04 18:17 . 2013-01-04 18:17 -------- d-----w- c:\program files (x86)\Common Files\Skype 2013-01-04 18:17 . 2013-01-04 18:17 -------- d-----w- c:\programdata\Skype 2013-01-04 18:15 . 2013-01-04 18:15 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service 2013-01-04 09:30 . 2013-01-04 09:31 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation 2013-01-04 09:27 . 2013-01-04 09:27 -------- d-----w- c:\programdata\ATI 2013-01-04 09:25 . 2013-01-04 09:25 0 ----a-w- c:\windows\ativpsrm.bin 2013-01-04 09:23 . 2009-06-18 15:38 952683 ----a-w- c:\windows\system32\VMC3KAPI.dll 2013-01-04 09:23 . 2008-12-10 18:03 123392 ----a-w- c:\windows\system32\VCryptAPI.dll 2013-01-04 09:22 . 2013-01-08 20:10 -------- d-----w- c:\program files (x86)\Acer Bio Protection 2013-01-04 09:22 . 2013-01-04 09:22 469552 ----a-w- c:\windows\SysWow64\NBMatS1SDK.dll 2013-01-04 09:22 . 2013-01-04 09:22 36400 ----a-w- c:\windows\system32\drivers\FPSensor.sys 2013-01-04 09:17 . 2013-01-04 09:17 -------- d-----w- c:\program files (x86)\Common Files\postureAgent 2013-01-04 09:14 . 2012-11-19 11:10 652344 ----a-w- c:\windows\system32\drivers\iaStorA.sys 2013-01-04 09:14 . 2012-11-19 11:10 28216 ----a-w- c:\windows\system32\drivers\iaStorF.sys 2013-01-04 09:12 . 
2013-01-04 09:17 -------- d-----w- c:\program files (x86)\Intel 2013-01-04 09:12 . 2012-11-03 01:41 53248 ----a-w- c:\windows\SysWow64\CSVer.dll 2013-01-04 09:12 . 2013-01-04 09:12 -------- d-----w- C:\Intel 2013-01-04 09:11 . 2013-01-04 09:11 -------- d-----w- c:\program files (x86)\Qualcomm Atheros WiFi Driver Installation 2013-01-04 09:11 . 2012-11-26 19:18 2811904 ----a-w- c:\windows\system32\drivers\athrx.sys 2013-01-04 09:11 . 2012-11-26 19:18 2811904 ------w- c:\windows\system32\athrx.sys 2013-01-04 09:09 . 2013-01-04 09:09 -------- d-----w- c:\programdata\Qualcomm Atheros 2013-01-04 09:03 . 2013-01-04 09:03 -------- d-----w- c:\windows\SysWow64\RTCOM 2013-01-04 09:01 . 2013-01-04 09:01 -------- d-----w- c:\program files\Realtek 2013-01-04 09:00 . 2013-01-04 09:00 -------- d-----w- c:\program files (x86)\Nuvoton Technology Corporation 2013-01-04 09:00 . 2013-01-07 19:11 -------- d-sh--w- c:\windows\Installer 2013-01-04 08:59 . 2013-01-04 08:59 -------- d-----w- c:\program files\Synaptics 2013-01-04 08:42 . 2013-01-04 08:59 -------- d-----w- c:\programdata\DriverGenius 2013-01-04 08:41 . 2013-01-04 08:41 -------- d-----w- c:\program files (x86)\Driver-Soft 2013-01-04 08:35 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2013-01-04 08:35 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2013-01-04 08:35 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2013-01-04 08:35 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2013-01-04 08:35 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2013-01-04 08:35 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2013-01-04 08:35 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2013-01-03 19:02 . 2013-01-04 08:34 -------- d-----w- c:\windows\Panther 2012-12-25 04:05 . 2012-10-16 00:09 435512 ----a-w- c:\windows\system32\drivers\k57nd60a.sys 2012-12-13 16:38 . 
08.01.2013, 21:28 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
Malwarebytes Anti-Rootkit
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
08.01.2013, 22:45 | #7 |
| So the program did not want a restart; I scanned once more anyway. The first scan logged: Code:
Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org

Database version: v2013.01.08.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [administrator]

08.01.2013 22:07:45
mbar-log-2013-01-08 (22-07-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29967
Time elapsed: 29 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\L (Backdoor.0Access) -> Delete on reboot.
C:\Windows\Installer\{c363b00a-0fa4-cdcd-4c94-342c7cc08ab6}\U (Backdoor.0Access) -> Delete on reboot.

Files Detected: 0
(No malicious items detected)

(end)
Code:
Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org

Database version: v2013.01.08.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [administrator]

08.01.2013 22:40:29
mbar-log-2013-01-08 (22-40-29).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30003
Time elapsed: 29 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end) |
09.01.2013, 10:37 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
1. aswMBR
Please download aswMBR.exe and save the file to your desktop.
Note: Please disable your virus scanner before running aswMBR, because Avira in particular often reports a false positive in it!
Another note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

2. TDSS-Killer
Download TDSS-Killer to your desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!
Set up the tool as shown in the picture below - click on change parameters and tick the boxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents and transfer them into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
__________________ Please always post log files in CODE tags |
09.01.2013, 16:22 | #9 |
| Here is the log from aswMBR: Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-09 16:19:19
-----------------------------
16:19:19.424 OS Version: Windows x64 6.1.7601 Service Pack 1
16:19:19.424 Number of processors: 4 586 0x2502
16:19:19.425 ComputerName: USER-PC UserName: User
16:19:20.086 Initialize success
16:19:27.143 AVAST engine defs: 13010900
16:19:39.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063
16:19:39.292 Disk 0 Vendor: ATA_____ AC90 Size: 476940MB BusType: 11
16:19:39.321 Disk 0 MBR read successfully
16:19:39.325 Disk 0 MBR scan
16:19:39.330 Disk 0 Windows 7 default MBR code
16:19:39.338 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:19:39.360 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 153599 MB offset 206848
16:19:39.390 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 323239 MB offset 314777600
16:19:39.425 Disk 0 scanning C:\Windows\system32\drivers
16:19:47.384 Service scanning
16:20:22.048 Modules scanning
16:20:22.057 Disk 0 trace - called modules:
16:20:22.103
16:20:22.110 Scan finished successfully
16:21:13.568 Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
16:21:13.573 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"

I can't insert the Kaspersky one because the message would be too long. It also seems to be too large to attach. I tried to zip the file with 7zip, but that didn't work because the option wasn't available. Code:
16:24:50.0022 2596 Dhcp - ok 16:24:50.0049 2596 [ 9ED290A1E8FDBCF269B26CDA541DDC84 ] discache C:\Windows\system32\drivers\discache.sys 16:24:50.0084 2596 discache - ok 16:24:50.0091 2596 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 16:24:50.0110 2596 Disk - ok 16:24:50.0138 2596 [ 138A622CB3A5A892441D71874E26C41C ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:24:50.0173 2596 Dnscache - ok 16:24:50.0182 2596 [ A5E97B8E11AC35F2C5DAF85FF95B1E52 ] dot3svc C:\Windows\System32\dot3svc.dll 16:24:50.0213 2596 dot3svc - ok 16:24:50.0237 2596 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 16:24:50.0304 2596 DPS - ok 16:24:50.0364 2596 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:24:50.0408 2596 drmkaud - ok 16:24:50.0446 2596 [ ED5DE02656654EF1270908C5456A110B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 16:24:50.0489 2596 DXGKrnl - ok 16:24:50.0519 2596 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 16:24:50.0587 2596 EapHost - ok 16:24:50.0667 2596 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 16:24:50.0787 2596 ebdrv - ok 16:24:50.0808 2596 [ 4319CBF7C54D53F5C592A794127A6276 ] EFS C:\Windows\System32\lsass.exe 16:24:50.0835 2596 EFS - ok 16:24:50.0926 2596 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:24:50.0974 2596 ehRecvr - ok 16:24:50.0980 2596 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 16:24:51.0009 2596 ehSched - ok 16:24:51.0046 2596 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 16:24:51.0077 2596 elxstor - ok 16:24:51.0082 2596 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:24:51.0110 2596 ErrDev - ok 16:24:51.0163 2596 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 16:24:51.0247 2596 EventSystem - ok 16:24:51.0265 2596 [ 
A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 16:24:51.0310 2596 exfat - ok 16:24:51.0315 2596 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:24:51.0370 2596 fastfat - ok 16:24:51.0408 2596 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 16:24:51.0447 2596 Fax - ok 16:24:51.0470 2596 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 16:24:51.0506 2596 fdc - ok 16:24:51.0530 2596 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 16:24:51.0604 2596 fdPHost - ok 16:24:51.0608 2596 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 16:24:51.0647 2596 FDResPub - ok 16:24:51.0661 2596 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:24:51.0671 2596 FileInfo - ok 16:24:51.0675 2596 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:24:51.0737 2596 Filetrace - ok 16:24:51.0746 2596 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 16:24:51.0756 2596 flpydisk - ok 16:24:51.0763 2596 [ BAD52A4449DB51D70826EBDE87D84E22 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:24:51.0777 2596 FltMgr - ok 16:24:51.0826 2596 [ 5B92E2B067F64DC53698EB84966B3F0D ] FontCache C:\Windows\system32\FntCache.dll 16:24:51.0876 2596 FontCache - ok 16:24:51.0912 2596 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:24:51.0926 2596 FontCache3.0.0.0 - ok 16:24:51.0971 2596 [ 305380D5D33BFDEAAF14D73E969239FC ] FPSensor C:\Windows\system32\Drivers\FPSensor.sys 16:24:51.0997 2596 FPSensor - ok 16:24:52.0023 2596 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:24:52.0042 2596 FsDepends - ok 16:24:52.0047 2596 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec 
C:\Windows\system32\drivers\Fs_Rec.sys 16:24:52.0063 2596 Fs_Rec - ok 16:24:52.0071 2596 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:24:52.0097 2596 fvevol - ok 16:24:52.0104 2596 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 16:24:52.0122 2596 gagp30kx - ok 16:24:52.0190 2596 [ B205AA45B2D23EA65EB42542D571EA4E ] gpsvc C:\Windows\System32\gpsvc.dll 16:24:52.0234 2596 gpsvc - ok 16:24:52.0244 2596 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:24:52.0271 2596 hcw85cir - ok 16:24:52.0317 2596 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:24:52.0359 2596 HdAudAddService - ok 16:24:52.0403 2596 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 16:24:52.0432 2596 HDAudBus - ok 16:24:52.0466 2596 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 16:24:52.0483 2596 HECIx64 - ok 16:24:52.0503 2596 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 16:24:52.0537 2596 HidBatt - ok 16:24:52.0547 2596 [ FDF5EAD19FD8B2D0C50A9CCDD7836F9E ] HidBth C:\Windows\system32\drivers\hidbth.sys 16:24:52.0574 2596 HidBth - ok 16:24:52.0608 2596 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 16:24:52.0630 2596 HidIr - ok 16:24:52.0675 2596 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 16:24:52.0743 2596 hidserv - ok 16:24:52.0758 2596 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 16:24:52.0789 2596 HidUsb - ok 16:24:52.0797 2596 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:24:52.0866 2596 hkmsvc - ok 16:24:52.0908 2596 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:24:52.0934 2596 HomeGroupListener - ok 16:24:52.0962 2596 [ 
16:24:53.0719 2596 [ D70B2BADBC951B2DDBFEEBBBA846BE98 ] IGBASVC C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
16:24:53.0850 2596 IGBASVC ( UnsignedFile.Multi.Generic ) - warning
16:24:53.0850 2596 IGBASVC - detected UnsignedFile.Multi.Generic (1)
C:\Windows\system32\DRIVERS\taphss6.sys 16:25:06.0713 2596 taphss6 - ok 16:25:06.0751 2596 [ D583628BEAD52E4E78E5A8FA338D0E02 ] TapiSrv C:\Windows\System32\tapisrv.dll 16:25:06.0783 2596 TapiSrv - ok 16:25:06.0813 2596 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 16:25:06.0875 2596 TBS - ok 16:25:06.0939 2596 [ D5707FC2300AA5B04B7BFE86D40C0133 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:25:07.0025 2596 Tcpip - ok 16:25:07.0059 2596 [ D5707FC2300AA5B04B7BFE86D40C0133 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:25:07.0136 2596 TCPIP6 - ok 16:25:07.0160 2596 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:25:07.0179 2596 tcpipreg - ok 16:25:07.0186 2596 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:25:07.0202 2596 TDPIPE - ok 16:25:07.0206 2596 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:25:07.0222 2596 TDTCP - ok 16:25:07.0242 2596 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:25:07.0284 2596 tdx - ok 16:25:07.0294 2596 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:25:07.0304 2596 TermDD - ok 16:25:07.0308 2596 [ EF4469AB69EB15E5D3754E6AEAFBCD3D ] terminpt C:\Windows\system32\drivers\terminpt.sys 16:25:07.0330 2596 terminpt - ok 16:25:07.0391 2596 [ BDE1750384AD85C10DC41D05A28ED863 ] TermService C:\Windows\System32\termsrv.dll 16:25:07.0423 2596 TermService - ok 16:25:07.0434 2596 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 16:25:07.0462 2596 Themes - ok 16:25:07.0481 2596 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 16:25:07.0538 2596 THREADORDER - ok 16:25:07.0569 2596 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 16:25:07.0608 2596 TrkWks - ok 16:25:07.0664 2596 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller 
C:\Windows\servicing\TrustedInstaller.exe 16:25:07.0729 2596 TrustedInstaller - ok 16:25:07.0755 2596 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:25:07.0810 2596 tssecsrv - ok 16:25:07.0814 2596 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 16:25:07.0833 2596 TsUsbFlt - ok 16:25:07.0836 2596 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 16:25:07.0847 2596 TsUsbGD - ok 16:25:07.0870 2596 [ 5AF0E7D020F6CA55AC57CD89AE089673 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:25:07.0899 2596 tunnel - ok 16:25:07.0905 2596 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:25:07.0924 2596 uagp35 - ok 16:25:07.0946 2596 [ 7397C449E1C74AC9F41A9004BCAD6CB0 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:25:07.0980 2596 udfs - ok 16:25:08.0031 2596 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:25:08.0063 2596 UI0Detect - ok 16:25:08.0079 2596 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:25:08.0102 2596 uliagpkx - ok 16:25:08.0116 2596 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:25:08.0142 2596 umbus - ok 16:25:08.0146 2596 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 16:25:08.0170 2596 UmPass - ok 16:25:08.0257 2596 [ F51C224B79D338BDE125FD8035D2418B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 16:25:08.0345 2596 UNS - ok 16:25:08.0387 2596 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 16:25:08.0466 2596 upnphost - ok 16:25:08.0493 2596 [ 420DB638C062BFB1B8D4CDCD476A0782 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:25:08.0515 2596 usbccgp - ok 16:25:08.0521 2596 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:25:08.0551 2596 usbcir - ok 
16:25:08.0555 2596 [ 1D6AAF87C20364DDBF74DE0EC95C72FC ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 16:25:08.0575 2596 usbehci - ok 16:25:08.0608 2596 [ D5DCE1430A3BAE0FACDD45CC433197AF ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 16:25:08.0644 2596 usbhub - ok 16:25:08.0674 2596 [ 481EAA39275E96A2C87FD1E0619A9476 ] usbohci C:\Windows\system32\drivers\usbohci.sys 16:25:08.0706 2596 usbohci - ok 16:25:08.0726 2596 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys 16:25:08.0762 2596 usbprint - ok 16:25:08.0767 2596 [ 73B84C8CE467E81A94D4194F8009F2A0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:25:08.0785 2596 USBSTOR - ok 16:25:08.0790 2596 [ 983EEFBF4D05B2E7634ABBA92095CD16 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 16:25:08.0806 2596 usbuhci - ok 16:25:08.0828 2596 [ AB1D839BBB0560EBD981854B7B6769E4 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 16:25:08.0864 2596 usbvideo - ok 16:25:08.0889 2596 [ 81D8645AC588E7A6D9755D8FD84E6FDD ] UxSms C:\Windows\System32\uxsms.dll 16:25:08.0914 2596 UxSms - ok 16:25:08.0931 2596 [ 4319CBF7C54D53F5C592A794127A6276 ] VaultSvc C:\Windows\system32\lsass.exe 16:25:08.0947 2596 VaultSvc - ok 16:25:08.0962 2596 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 16:25:08.0978 2596 vdrvroot - ok 16:25:09.0008 2596 [ 44082C4A89ABDAC0C4B08AA8834270B4 ] vds C:\Windows\System32\vds.exe 16:25:09.0048 2596 vds - ok 16:25:09.0074 2596 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:25:09.0097 2596 vga - ok 16:25:09.0103 2596 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 16:25:09.0177 2596 VgaSave - ok 16:25:09.0184 2596 [ 2E9907E787CDAFA2AAA7F928853B7142 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 16:25:09.0205 2596 vhdmp - ok 16:25:09.0211 2596 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 16:25:09.0227 2596 viaide - ok 16:25:09.0233 
2596 [ B7962BD45492837173E0EF274E691C1F ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:25:09.0251 2596 volmgr - ok 16:25:09.0270 2596 [ 0904EF550B3D3FEB326638A4BAD9937E ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:25:09.0296 2596 volmgrx - ok 16:25:09.0304 2596 [ A56F2326CE33646CDA95E7A9E7163FFA ] volsnap C:\Windows\system32\drivers\volsnap.sys 16:25:09.0329 2596 volsnap - ok 16:25:09.0340 2596 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 16:25:09.0360 2596 vsmraid - ok 16:25:09.0412 2596 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 16:25:09.0512 2596 VSS - ok 16:25:09.0522 2596 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 16:25:09.0561 2596 vwifibus - ok 16:25:09.0579 2596 [ 13A0DECD1794DE60A8427862C8669D27 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 16:25:09.0596 2596 vwififlt - ok 16:25:09.0632 2596 [ C7B83BD98BA3560374569C0C13EA3685 ] W32Time C:\Windows\system32\w32time.dll 16:25:09.0670 2596 W32Time - ok 16:25:09.0689 2596 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 16:25:09.0718 2596 WacomPen - ok 16:25:09.0724 2596 [ 226028D956C43CE4D8DDFFA89873E890 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 16:25:09.0740 2596 WANARP - ok 16:25:09.0745 2596 [ 226028D956C43CE4D8DDFFA89873E890 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:25:09.0761 2596 Wanarpv6 - ok 16:25:09.0813 2596 [ F91B8969183F3461BD3D3438052AEAD0 ] wbengine C:\Windows\system32\wbengine.exe 16:25:09.0877 2596 wbengine - ok 16:25:09.0886 2596 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:25:09.0928 2596 WbioSrvc - ok 16:25:09.0958 2596 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:25:10.0008 2596 wcncsvc - ok 16:25:10.0013 2596 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:25:10.0038 2596 WcsPlugInService 
- ok 16:25:10.0059 2596 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 16:25:10.0074 2596 Wd - ok 16:25:10.0092 2596 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:25:10.0133 2596 Wdf01000 - ok 16:25:10.0161 2596 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:25:10.0180 2596 WdiServiceHost - ok 16:25:10.0183 2596 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:25:10.0202 2596 WdiSystemHost - ok 16:25:10.0208 2596 [ D0AA40E108D4D404DFE9F3C4FA323432 ] WebClient C:\Windows\System32\webclnt.dll 16:25:10.0223 2596 WebClient - ok 16:25:10.0238 2596 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:25:10.0321 2596 Wecsvc - ok 16:25:10.0340 2596 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:25:10.0396 2596 wercplsupport - ok 16:25:10.0414 2596 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 16:25:10.0473 2596 WerSvc - ok 16:25:10.0488 2596 [ 009604986BAE004733728282BD98BB03 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 16:25:10.0498 2596 WfpLwf - ok 16:25:10.0502 2596 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:25:10.0512 2596 WIMMount - ok 16:25:10.0550 2596 [ 54D68B92DC59FBBA95919C804A7C3E07 ] winbondcir C:\Windows\system32\DRIVERS\winbondcir.sys 16:25:10.0573 2596 winbondcir - ok 16:25:10.0604 2596 WinDefend - ok 16:25:10.0609 2596 WinHttpAutoProxySvc - ok 16:25:10.0710 2596 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:25:10.0768 2596 Winmgmt - ok 16:25:10.0828 2596 [ 5A91D5A0BBACA4B2FD9171CDD5BDC71B ] WinRM C:\Windows\system32\WsmSvc.dll 16:25:10.0909 2596 WinRM - ok 16:25:10.0951 2596 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 16:25:11.0000 2596 Wlansvc - ok 16:25:11.0033 2596 [ F6FF8944478594D0E414D3F048F0D778 
16:25:11.0799 2596 ================ Scan global ===============================
16:25:11.0840 2596 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:25:11.0871 2596 [ CC44EBC3E04E76AABE19EB4A16663E4A ] C:\Windows\system32\winsrv.dll
16:25:11.0882 2596 [ CC44EBC3E04E76AABE19EB4A16663E4A ] C:\Windows\system32\winsrv.dll
16:25:11.0906 2596 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:25:11.0942 2596 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:25:11.0948 2596 [Global] - ok
16:25:11.0949 2596 ================ Scan MBR ==================================
16:25:11.0961 2596 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:25:12.0297 2596 \Device\Harddisk0\DR0 - ok
16:25:12.0298 2596 ================ Scan VBR ==================================
16:25:12.0302 2596 [ 012315393678359ED9CB100DB88B66FC ] \Device\Harddisk0\DR0\Partition1
16:25:12.0303 2596 \Device\Harddisk0\DR0\Partition1 - ok
16:25:12.0329 2596 [ 6813EB3B0C705CF1560E865C55BA4E13 ] \Device\Harddisk0\DR0\Partition2
16:25:12.0331 2596 \Device\Harddisk0\DR0\Partition2 - ok
16:25:12.0348 2596 [ 85FD7C09CC8C05B03C42C0BD676B3C50 ] \Device\Harddisk0\DR0\Partition3
16:25:12.0349 2596 \Device\Harddisk0\DR0\Partition3 - ok
16:25:12.0350 2596 ============================================================
16:25:12.0350 2596 Scan finished
16:25:12.0350 2596 ============================================================
16:25:12.0362 2600 Detected object count: 1
16:25:12.0363 2600 Actual detected object count: 1
16:25:22.0002 2600 IGBASVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:25:22.0002 2600 IGBASVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:25:41.0388 3188 ============================================================
16:25:41.0388 3188 Scan started
16:25:41.0388 3188 Mode: Manual; SigCheck; TDLFS;
16:25:41.0388 3188 ============================================================
16:25:41.0921 3188 ================ Scan system memory ========================
16:25:41.0921 3188 System memory - ok
16:25:41.0922 3188 ================ Scan services =============================
777788D9B63CCEEEF2DB353BA4EDD454 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 16:25:48.0118 3188 IAStorDataMgrSvc - ok 16:25:48.0131 3188 [ 711241EA1BA9DB44F34D03D2AD00ED08 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys 16:25:48.0145 3188 iaStorF - ok 16:25:48.0187 3188 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:25:48.0212 3188 iaStorV - ok 16:25:48.0265 3188 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:25:48.0298 3188 idsvc - ok 16:25:48.0397 3188 [ D70B2BADBC951B2DDBFEEBBBA846BE98 ] IGBASVC C:\Program Files (x86)\Acer Bio Protection\BASVC.exe 16:25:48.0453 3188 IGBASVC ( UnsignedFile.Multi.Generic ) - warning 16:25:48.0453 3188 IGBASVC - detected UnsignedFile.Multi.Generic (1) 16:25:48.0474 3188 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 16:25:48.0485 3188 iirsp - ok 16:25:48.0522 3188 [ AF66C7B1D07DC6DE415F5F32BA1F92A7 ] IKEEXT C:\Windows\System32\ikeext.dll 16:25:48.0543 3188 IKEEXT - ok 16:25:48.0569 3188 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 16:25:48.0580 3188 Impcd - ok 16:25:48.0775 3188 [ 91B61589BB2915E81D436EFE07548507 ] int15 C:\Windows\SysWOW64\drivers\int15_64.sys 16:25:48.0791 3188 int15 - ok 16:25:48.0901 3188 [ 5C0BBE779BA3D6F84EB5AE3CB8793E11 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 16:25:49.0030 3188 IntcAzAudAddService - ok 16:25:49.0052 3188 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 16:25:49.0062 3188 intelide - ok 16:25:49.0067 3188 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:25:49.0080 3188 intelppm - ok 16:25:49.0107 3188 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:25:49.0174 3188 IPBusEnum - ok 16:25:49.0181 3188 [ 
C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:25:49.0243 3188 IpFilterDriver - ok 16:25:49.0258 3188 [ 8150AE980990BC43C577D5FBA0C98F1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:25:49.0283 3188 iphlpsvc - ok 16:25:49.0302 3188 [ 3CB3DBEECB9672698B5C1A6EAB2940B0 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:25:49.0319 3188 IPMIDRV - ok 16:25:49.0325 3188 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:25:49.0382 3188 IPNAT - ok 16:25:49.0392 3188 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:25:49.0408 3188 IRENUM - ok 16:25:49.0412 3188 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:25:49.0421 3188 isapnp - ok 16:25:49.0439 3188 [ D9A95CE8A8C0735D2DAD0BAFEA1E0382 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:25:49.0453 3188 iScsiPrt - ok 16:25:49.0477 3188 [ 9D946134848CC59246704DCB5FC53BB8 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 16:25:49.0492 3188 k57nd60a - ok 16:25:49.0505 3188 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:25:49.0515 3188 kbdclass - ok 16:25:49.0525 3188 [ 3985332405FA64D8E679A1DB24901596 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:25:49.0536 3188 kbdhid - ok 16:25:49.0553 3188 [ 4319CBF7C54D53F5C592A794127A6276 ] KeyIso C:\Windows\system32\lsass.exe 16:25:49.0564 3188 KeyIso - ok 16:25:49.0568 3188 [ B2AFE62AF2BCAE582DDD2327C57EA85E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:25:49.0579 3188 KSecDD - ok 16:25:49.0584 3188 [ 64E80C2BFFC733B9ECC6D9436D454128 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:25:49.0595 3188 KSecPkg - ok 16:25:49.0599 3188 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:25:49.0635 3188 ksthunk - ok 16:25:49.0659 3188 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 16:25:49.0700 3188 KtmRm - ok 
16:25:49.0723 3188 [ BB1F14C43241F880D23B1A8BB0B76DD0 ] LanmanServer C:\Windows\System32\srvsvc.dll 16:25:49.0736 3188 LanmanServer - ok 16:25:49.0753 3188 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:25:49.0789 3188 LanmanWorkstation - ok 16:25:49.0817 3188 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:25:49.0854 3188 lltdio - ok 16:25:49.0878 3188 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:25:49.0918 3188 lltdsvc - ok 16:25:49.0921 3188 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:25:49.0957 3188 lmhosts - ok 16:25:50.0016 3188 [ 73A1F958FCAC3438046DBB829DC92FE6 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 16:25:50.0040 3188 LMS - ok 16:25:50.0064 3188 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:25:50.0082 3188 LSI_FC - ok 16:25:50.0093 3188 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:25:50.0110 3188 LSI_SAS - ok 16:25:50.0116 3188 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:25:50.0132 3188 LSI_SAS2 - ok 16:25:50.0139 3188 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:25:50.0157 3188 LSI_SCSI - ok 16:25:50.0163 3188 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 16:25:50.0225 3188 luafv - ok 16:25:50.0252 3188 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 16:25:50.0267 3188 MBAMProtector - ok 16:25:50.0292 3188 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 16:25:50.0312 3188 MBAMScheduler - ok 16:25:50.0343 3188 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 16:25:50.0369 3188 
MBAMService - ok 16:25:50.0410 3188 [ 034606B82FA5BD3E73AB427B6D55F915 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe 16:25:50.0433 3188 McComponentHostService - ok 16:25:50.0464 3188 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:25:50.0484 3188 Mcx2Svc - ok 16:25:50.0517 3188 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 16:25:50.0536 3188 megasas - ok 16:25:50.0546 3188 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 16:25:50.0571 3188 MegaSR - ok 16:25:50.0702 3188 Microsoft SharePoint Workspace Audit Service - ok 16:25:50.0737 3188 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 16:25:50.0799 3188 MMCSS - ok 16:25:50.0823 3188 [ BFFB0C93D9FB43CA42EF11C9240BFF7F ] Modem C:\Windows\system32\drivers\modem.sys 16:25:50.0838 3188 Modem - ok 16:25:50.0844 3188 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:25:50.0865 3188 monitor - ok 16:25:50.0871 3188 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:25:50.0887 3188 mouclass - ok 16:25:50.0893 3188 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:25:50.0910 3188 mouhid - ok 16:25:50.0916 3188 [ B3F55C20008956239A2190DBD7CC4C31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:25:50.0933 3188 mountmgr - ok 16:25:50.0969 3188 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:25:50.0987 3188 MozillaMaintenance - ok 16:25:51.0009 3188 [ 5F236E59025CD356972D2F004AB25BF4 ] mpio C:\Windows\system32\drivers\mpio.sys 16:25:51.0029 3188 mpio - ok 16:25:51.0048 3188 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:25:51.0066 3188 mpsdrv - ok 16:25:51.0107 3188 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc 
C:\Windows\system32\mpssvc.dll 16:25:51.0137 3188 MpsSvc - ok 16:25:51.0156 3188 [ DD80994515CD82EE196ECCFE8AD19E41 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:25:51.0173 3188 MRxDAV - ok 16:25:51.0194 3188 [ 2D521B23095AC3A2CABEA27D5535C58C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:25:51.0212 3188 mrxsmb - ok 16:25:51.0221 3188 [ B92EC59CE0666CBAE68DCA5EC03CDE1C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:25:51.0241 3188 mrxsmb10 - ok 16:25:51.0248 3188 [ 48E3A44542A83AF769897C8836EB9A87 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:25:51.0265 3188 mrxsmb20 - ok 16:25:51.0270 3188 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 16:25:51.0286 3188 msahci - ok 16:25:51.0293 3188 [ 96A665A120150D1DE9D4C84AEAE01D0D ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:25:51.0311 3188 msdsm - ok 16:25:51.0323 3188 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 16:25:51.0343 3188 MSDTC - ok 16:25:51.0350 3188 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:25:51.0400 3188 Msfs - ok 16:25:51.0404 3188 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:25:51.0439 3188 mshidkmdf - ok 16:25:51.0443 3188 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:25:51.0452 3188 msisadrv - ok 16:25:51.0474 3188 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:25:51.0510 3188 MSiSCSI - ok 16:25:51.0514 3188 msiserver - ok 16:25:51.0527 3188 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:25:51.0564 3188 MSKSSRV - ok 16:25:51.0581 3188 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:25:51.0617 3188 MSPCLOCK - ok 16:25:51.0620 3188 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:25:51.0656 3188 MSPQM - ok 16:25:51.0663 3188 [ 
759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:25:51.0677 3188 MsRPC - ok 16:25:51.0683 3188 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:25:51.0693 3188 mssmbios - ok 16:25:51.0697 3188 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:25:51.0732 3188 MSTEE - ok 16:25:51.0735 3188 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 16:25:51.0745 3188 MTConfig - ok 16:25:51.0749 3188 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 16:25:51.0759 3188 Mup - ok 16:25:51.0794 3188 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 16:25:51.0833 3188 napagent - ok 16:25:51.0858 3188 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:25:51.0887 3188 NativeWifiP - ok 16:25:51.0919 3188 [ 37060C2BFFFBF8235AB8021D33807AEC ] NDIS C:\Windows\system32\drivers\ndis.sys 16:25:51.0959 3188 NDIS - ok 16:25:51.0970 3188 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:25:52.0029 3188 NdisCap - ok 16:25:52.0034 3188 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:25:52.0050 3188 NdisTapi - ok 16:25:52.0055 3188 [ 4948435B96A6FA63914DA3B4090E6700 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:25:52.0070 3188 Ndisuio - ok 16:25:52.0077 3188 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:25:52.0118 3188 NdisWan - ok 16:25:52.0122 3188 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:25:52.0133 3188 NDProxy - ok 16:25:52.0137 3188 [ BB14215BBAF8EBB5E5FFAA3B6B04D177 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:25:52.0147 3188 NetBIOS - ok 16:25:52.0153 3188 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:25:52.0190 3188 NetBT - ok 
16:25:52.0209 3188 [ 4319CBF7C54D53F5C592A794127A6276 ] Netlogon C:\Windows\system32\lsass.exe 16:25:52.0219 3188 Netlogon - ok 16:25:52.0252 3188 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 16:25:52.0292 3188 Netman - ok 16:25:52.0300 3188 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 16:25:52.0340 3188 netprofm - ok 16:25:52.0368 3188 [ 9C94A532F53198B59ADB2EB5033008D7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:25:52.0380 3188 NetTcpPortSharing - ok 16:25:52.0399 3188 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:25:52.0410 3188 nfrd960 - ok 16:25:52.0442 3188 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:25:52.0468 3188 NlaSvc - ok 16:25:52.0475 3188 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:25:52.0526 3188 Npfs - ok 16:25:52.0542 3188 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 16:25:52.0556 3188 nsi - ok 16:25:52.0561 3188 [ F7DAC05B4067C8D9DD1FF2FCF7E33291 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:25:52.0573 3188 nsiproxy - ok 16:25:52.0636 3188 [ 35987934C56F2D56EA2994D20462994B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:25:52.0693 3188 Ntfs - ok 16:25:52.0697 3188 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 16:25:52.0742 3188 Null - ok 16:25:52.0755 3188 [ 4F990BD111CF94891104193F8787788F ] nuvotoncir C:\Windows\system32\DRIVERS\nuvotoncir.sys 16:25:52.0764 3188 nuvotoncir - ok 16:25:52.0781 3188 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:25:52.0792 3188 nvraid - ok 16:25:52.0797 3188 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:25:52.0809 3188 nvstor - ok 16:25:52.0813 3188 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp 
C:\Windows\system32\drivers\nv_agp.sys 16:25:52.0825 3188 nv_agp - ok 16:25:52.0829 3188 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:25:52.0839 3188 ohci1394 - ok 16:25:52.0893 3188 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:25:52.0910 3188 ose - ok 16:25:53.0072 3188 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:25:53.0165 3188 osppsvc - ok 16:25:53.0214 3188 [ 8830D42427D05B15B032108EBBDBD289 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:25:53.0238 3188 p2pimsvc - ok 16:25:53.0256 3188 [ 5B7BADED6943AA6F4B6C1ABA5FCCB25F ] p2psvc C:\Windows\system32\p2psvc.dll 16:25:53.0282 3188 p2psvc - ok 16:25:53.0307 3188 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 16:25:53.0329 3188 Parport - ok 16:25:53.0336 3188 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:25:53.0354 3188 partmgr - ok 16:25:53.0381 3188 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:25:53.0412 3188 PcaSvc - ok 16:25:53.0420 3188 [ 9CE2B541DEBE8DCA0ECD251584540703 ] pci C:\Windows\system32\drivers\pci.sys 16:25:53.0439 3188 pci - ok 16:25:53.0445 3188 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 16:25:53.0460 3188 pciide - ok 16:25:53.0468 3188 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:25:53.0488 3188 pcmcia - ok 16:25:53.0494 3188 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 16:25:53.0510 3188 pcw - ok 16:25:53.0530 3188 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:25:53.0592 3188 PEAUTH - ok 16:25:53.0623 3188 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:25:53.0636 3188 PerfHost - ok 
16:25:53.0689 3188 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 16:25:53.0715 3188 pla - ok 16:25:53.0739 3188 [ 34B06971CA5A740B32A63646C60BA3FC ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:25:53.0754 3188 PlugPlay - ok 16:25:53.0776 3188 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:25:53.0786 3188 PNRPAutoReg - ok 16:25:53.0793 3188 [ 8830D42427D05B15B032108EBBDBD289 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:25:53.0806 3188 PNRPsvc - ok 16:25:53.0841 3188 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:25:53.0880 3188 PolicyAgent - ok 16:25:53.0896 3188 [ A6D45EB5FC8DBA8EBF3ABE2481C942B9 ] Power C:\Windows\system32\umpo.dll 16:25:53.0909 3188 Power - ok 16:25:53.0933 3188 [ D8874711B6C3DD308F84E42BA6EFF179 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:25:53.0951 3188 PptpMiniport - ok 16:25:53.0961 3188 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 16:25:53.0982 3188 Processor - ok 16:25:54.0016 3188 [ 390785362AC2D607A104CC562B7779CD ] ProfSvc C:\Windows\system32\profsvc.dll 16:25:54.0036 3188 ProfSvc - ok 16:25:54.0053 3188 [ 4319CBF7C54D53F5C592A794127A6276 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:25:54.0070 3188 ProtectedStorage - ok 16:25:54.0083 3188 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:25:54.0136 3188 Psched - ok 16:25:54.0190 3188 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:25:54.0238 3188 ql2300 - ok 16:25:54.0243 3188 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:25:54.0257 3188 ql40xx - ok 16:25:54.0299 3188 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 16:25:54.0335 3188 QWAVE - ok 16:25:54.0359 3188 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:25:54.0388 3188 QWAVEdrv - ok 
16:25:54.0393 3188 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:25:54.0451 3188 RasAcd - ok 16:25:54.0467 3188 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:25:54.0504 3188 RasAgileVpn - ok 16:25:54.0532 3188 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 16:25:54.0602 3188 RasAuto - ok 16:25:54.0630 3188 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:25:54.0675 3188 Rasl2tp - ok 16:25:54.0694 3188 [ 8AB012D47B12630A72F56E26A1B5E63C ] RasMan C:\Windows\System32\rasmans.dll 16:25:54.0711 3188 RasMan - ok 16:25:54.0718 3188 [ 77682DE44B334E6AAFCD0ED61FB7404F ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:25:54.0731 3188 RasPppoe - ok 16:25:54.0736 3188 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:25:54.0782 3188 RasSstp - ok 16:25:54.0789 3188 [ 3FD90FB6C68BFA78A819B7A073FB5A20 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:25:54.0805 3188 rdbss - ok 16:25:54.0809 3188 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 16:25:54.0826 3188 rdpbus - ok 16:25:54.0830 3188 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:25:54.0876 3188 RDPCDD - ok 16:25:54.0881 3188 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:25:54.0926 3188 RDPENCDD - ok 16:25:54.0932 3188 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:25:54.0976 3188 RDPREFMP - ok 16:25:54.0981 3188 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 16:25:54.0994 3188 RdpVideoMiniport - ok 16:25:55.0011 3188 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:25:55.0026 3188 RDPWD - ok 16:25:55.0032 3188 [ A115F49BEA840A5F049BC6310F35F776 ] rdyboost 
C:\Windows\system32\drivers\rdyboost.sys 16:25:55.0047 3188 rdyboost - ok 16:25:55.0069 3188 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:25:55.0083 3188 RemoteAccess - ok 16:25:55.0117 3188 [ 44A031C50D6E8077A034D59E094AB1E2 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:25:55.0132 3188 RemoteRegistry - ok 16:25:55.0163 3188 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 16:25:55.0189 3188 RFCOMM - ok 16:25:55.0224 3188 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:25:55.0285 3188 RpcEptMapper - ok 16:25:55.0310 3188 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 16:25:55.0329 3188 RpcLocator - ok 16:25:55.0351 3188 [ 83D5AD7CFDB1F9D42C3CD102B20FFA0A ] RpcSs C:\Windows\system32\rpcss.dll 16:25:55.0376 3188 RpcSs - ok 16:25:55.0405 3188 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:25:55.0468 3188 rspndr - ok 16:25:55.0511 3188 [ C435AC77704EB16E85C9D630F4D4B4F7 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys 16:25:55.0533 3188 RTHDMIAzAudService - ok 16:25:55.0553 3188 [ 4319CBF7C54D53F5C592A794127A6276 ] SamSs C:\Windows\system32\lsass.exe 16:25:55.0569 3188 SamSs - ok 16:25:55.0585 3188 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:25:55.0602 3188 sbp2port - ok 16:25:55.0637 3188 [ 3998013C9FA81B3FDAC7A394DD996E10 ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:25:55.0657 3188 SCardSvr - ok 16:25:55.0671 3188 [ B8565E5DBBCE2B7DFD49A7A6C03F6A90 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:25:55.0686 3188 scfilter - ok 16:25:55.0720 3188 [ CB23169AD1CEAEFF97DD76AD105B24C3 ] Schedule C:\Windows\system32\schedsvc.dll 16:25:55.0756 3188 Schedule - ok 16:25:55.0783 3188 [ DF5A9401E268EBB7F9A73B4D65887965 ] SCPolicySvc C:\Windows\System32\certprop.dll 16:25:55.0799 3188 SCPolicySvc - ok 16:25:55.0832 3188 [ 
6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:25:55.0851 3188 SDRSVC - ok 16:25:55.0868 3188 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:25:55.0924 3188 secdrv - ok 16:25:55.0942 3188 [ EA764FF72CD57F69B6E1E1A4F713708C ] seclogon C:\Windows\system32\seclogon.dll 16:25:55.0953 3188 seclogon - ok 16:25:55.0979 3188 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 16:25:56.0017 3188 SENS - ok 16:25:56.0025 3188 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:25:56.0036 3188 SensrSvc - ok 16:25:56.0046 3188 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 16:25:56.0058 3188 Serenum - ok 16:25:56.0071 3188 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 16:25:56.0083 3188 Serial - ok 16:25:56.0087 3188 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:25:56.0098 3188 sermouse - ok 16:25:56.0121 3188 [ 4D7226D0B485C8AE5BCD8E0DCC1066AB ] SessionEnv C:\Windows\system32\sessenv.dll 16:25:56.0134 3188 SessionEnv - ok 16:25:56.0148 3188 [ C3D57658C34C68DB5D8970A1CF96284E ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:25:56.0159 3188 sffdisk - ok 16:25:56.0162 3188 [ 21EACBEFFFB0FB4999D3D10245CF10A5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:25:56.0172 3188 sffp_mmc - ok 16:25:56.0182 3188 [ AF660EA3039E8FE3C2051D7224C82F34 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:25:56.0192 3188 sffp_sd - ok 16:25:56.0196 3188 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:25:56.0207 3188 sfloppy - ok 16:25:56.0238 3188 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:25:56.0278 3188 SharedAccess - ok 16:25:56.0300 3188 [ EA9092F3DB26EDC7199AB64C9EF0D2D7 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:25:56.0315 3188 ShellHWDetection - ok 
16:25:56.0339 3188 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 16:25:56.0350 3188 SiSRaid2 - ok 16:25:56.0355 3188 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:25:56.0366 3188 SiSRaid4 - ok 16:25:56.0486 3188 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 16:25:56.0583 3188 Skype C2C Service - ok 16:25:56.0612 3188 [ 65F9539E506D43FCD7CB59F8FD5CCABC ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:25:56.0626 3188 SkypeUpdate - ok 16:25:56.0653 3188 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:25:56.0707 3188 Smb - ok 16:25:56.0727 3188 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:25:56.0738 3188 SNMPTRAP - ok 16:25:56.0806 3188 [ A415C67B40DFB903ACCC1D40FBEE3269 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys 16:25:56.0855 3188 SNP2UVC - ok 16:25:56.0899 3188 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 16:25:56.0915 3188 spldr - ok 16:25:56.0965 3188 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 16:25:56.0993 3188 Spooler - ok 16:25:57.0075 3188 [ 53952A2A89985D1A3486F9FC661BA538 ] sppsvc C:\Windows\system32\sppsvc.exe 16:25:57.0134 3188 sppsvc - ok 16:25:57.0156 3188 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:25:57.0192 3188 sppuinotify - ok 16:25:57.0215 3188 [ 218F6F1BD7ED3F2167759E6A9C9DDD53 ] srv C:\Windows\system32\DRIVERS\srv.sys 16:25:57.0230 3188 srv - ok 16:25:57.0242 3188 [ 89B174820864672CDB4D8B0EC27A11B9 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:25:57.0256 3188 srv2 - ok 16:25:57.0262 3188 [ 896BEAAF23419696E73469DC207B4D26 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:25:57.0274 3188 srvnet - ok 16:25:57.0304 3188 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV 
C:\Windows\System32\ssdpsrv.dll 16:25:57.0373 3188 SSDPSRV - ok 16:25:57.0378 3188 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:25:57.0425 3188 SstpSvc - ok 16:25:57.0441 3188 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 16:25:57.0451 3188 stexstor - ok 16:25:57.0488 3188 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 16:25:57.0512 3188 stisvc - ok 16:25:57.0532 3188 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 16:25:57.0542 3188 swenum - ok 16:25:57.0566 3188 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 16:25:57.0608 3188 swprv - ok 16:25:57.0638 3188 [ 0A535B4F638D5BBCF3EE6C997BF33892 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 16:25:57.0654 3188 SynTP - ok 16:25:57.0692 3188 [ 7BE4CDEA6BC7832BFE3112A350D8B9EA ] SysMain C:\Windows\system32\sysmain.dll 16:25:57.0739 3188 SysMain - ok 16:25:57.0762 3188 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:25:57.0776 3188 TabletInputService - ok 16:25:57.0796 3188 [ 8B9FD32C71F29DF235A27CE9FF4F19DC ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys 16:25:57.0807 3188 taphss6 - ok 16:25:57.0829 3188 [ D583628BEAD52E4E78E5A8FA338D0E02 ] TapiSrv C:\Windows\System32\tapisrv.dll 16:25:57.0846 3188 TapiSrv - ok 16:25:57.0869 3188 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 16:25:57.0915 3188 TBS - ok 16:25:57.0974 3188 [ D5707FC2300AA5B04B7BFE86D40C0133 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:25:58.0035 3188 Tcpip - ok 16:25:58.0058 3188 [ D5707FC2300AA5B04B7BFE86D40C0133 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:25:58.0097 3188 TCPIP6 - ok 16:25:58.0103 3188 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:25:58.0114 3188 tcpipreg - ok 16:25:58.0119 3188 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE 
C:\Windows\system32\drivers\tdpipe.sys 16:25:58.0129 3188 TDPIPE - ok 16:25:58.0133 3188 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:25:58.0144 3188 TDTCP - ok 16:25:58.0148 3188 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:25:58.0184 3188 tdx - ok 16:25:58.0188 3188 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:25:58.0198 3188 TermDD - ok 16:25:58.0202 3188 [ EF4469AB69EB15E5D3754E6AEAFBCD3D ] terminpt C:\Windows\system32\drivers\terminpt.sys 16:25:58.0212 3188 terminpt - ok 16:25:58.0245 3188 [ BDE1750384AD85C10DC41D05A28ED863 ] TermService C:\Windows\System32\termsrv.dll 16:25:58.0263 3188 TermService - ok 16:25:58.0268 3188 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 16:25:58.0286 3188 Themes - ok 16:25:58.0304 3188 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 16:25:58.0341 3188 THREADORDER - ok 16:25:58.0370 3188 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 16:25:58.0426 3188 TrkWks - ok 16:25:58.0457 3188 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:25:58.0503 3188 TrustedInstaller - ok 16:25:58.0522 3188 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:25:58.0566 3188 tssecsrv - ok 16:25:58.0570 3188 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 16:25:58.0580 3188 TsUsbFlt - ok 16:25:58.0584 3188 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 16:25:58.0594 3188 TsUsbGD - ok 16:25:58.0598 3188 [ 5AF0E7D020F6CA55AC57CD89AE089673 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:25:58.0609 3188 tunnel - ok 16:25:58.0613 3188 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:25:58.0623 3188 uagp35 - ok 16:25:58.0629 3188 [ 
7397C449E1C74AC9F41A9004BCAD6CB0 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:25:58.0642 3188 udfs - ok 16:25:58.0665 3188 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:25:58.0677 3188 UI0Detect - ok 16:25:58.0681 3188 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:25:58.0691 3188 uliagpkx - ok 16:25:58.0714 3188 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:25:58.0725 3188 umbus - ok 16:25:58.0729 3188 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 16:25:58.0740 3188 UmPass - ok 16:25:58.0825 3188 [ F51C224B79D338BDE125FD8035D2418B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 16:25:58.0894 3188 UNS - ok 16:25:58.0931 3188 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 16:25:58.0983 3188 upnphost - ok 16:25:59.0005 3188 [ 420DB638C062BFB1B8D4CDCD476A0782 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:25:59.0017 3188 usbccgp - ok 16:25:59.0021 3188 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:25:59.0036 3188 usbcir - ok 16:25:59.0040 3188 [ 1D6AAF87C20364DDBF74DE0EC95C72FC ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 16:25:59.0050 3188 usbehci - ok 16:25:59.0057 3188 [ D5DCE1430A3BAE0FACDD45CC433197AF ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 16:25:59.0071 3188 usbhub - ok 16:25:59.0075 3188 [ 481EAA39275E96A2C87FD1E0619A9476 ] usbohci C:\Windows\system32\drivers\usbohci.sys 16:25:59.0085 3188 usbohci - ok |
09.01.2013, 20:22 | #10 |
| Trojan: tr/atraps.gen2, tr/atraps.gen, tr/atraps.gen3, tr/atraps.gen4, tr/atraps.gen5, tr/atraps.gen7 and services.exe virus Code:
16:26:01.0229 3188 ================ Scan global ===============================
16:26:01.0252 3188 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:26:01.0272 3188 [ CC44EBC3E04E76AABE19EB4A16663E4A ] C:\Windows\system32\winsrv.dll
16:26:01.0278 3188 [ CC44EBC3E04E76AABE19EB4A16663E4A ] C:\Windows\system32\winsrv.dll
16:26:01.0296 3188 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:26:01.0320 3188 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:26:01.0325 3188 [Global] - ok
16:26:01.0326 3188 ================ Scan MBR ==================================
16:26:01.0340 3188 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:26:01.0654 3188 \Device\Harddisk0\DR0 - ok
16:26:01.0654 3188 ================ Scan VBR ==================================
16:26:01.0658 3188 [ 012315393678359ED9CB100DB88B66FC ] \Device\Harddisk0\DR0\Partition1
16:26:01.0659 3188 \Device\Harddisk0\DR0\Partition1 - ok
16:26:01.0686 3188 [ 6813EB3B0C705CF1560E865C55BA4E13 ] \Device\Harddisk0\DR0\Partition2
16:26:01.0688 3188 \Device\Harddisk0\DR0\Partition2 - ok
16:26:01.0704 3188 [ 85FD7C09CC8C05B03C42C0BD676B3C50 ] \Device\Harddisk0\DR0\Partition3
16:26:01.0706 3188 \Device\Harddisk0\DR0\Partition3 - ok
16:26:01.0707 3188 ============================================================
16:26:01.0707 3188 Scan finished
16:26:01.0707 3188 ============================================================
16:26:01.0764 4436 Detected object count: 1
16:26:01.0764 4436 Actual detected object count: 1
16:26:06.0203 4436 IGBASVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:26:06.0203 4436 IGBASVC ( UnsignedFile.Multi.Generic ) - User select action: Skip |
10.01.2013, 00:03 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojans: tr/atraps.gen2, tr/atraps.gen, tr/atraps.gen3, tr/atraps.gen4, tr/atraps.gen5, tr/atraps.gen7 and services.exe virus
adwCleaner - Detecting toolbars and unwanted start/search pages
Please download AdwCleaner to your desktop. If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post log files in CODE tags |
10.01.2013, 00:07 | #12 |
| Trojans: tr/atraps.gen2, tr/atraps.gen, tr/atraps.gen3, tr/atraps.gen4, tr/atraps.gen5, tr/atraps.gen7 and services.exe virus
Code:
# AdwCleaner v2.105 - Datei am 10/01/2013 um 00:06:33 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : User - USER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\User\Downloads\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gefunden : C:\END
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\ConduitEngine
Ordner Gefunden : C:\Program Files (x86)\Protected Search

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gefunden : HKCU\Software\ProtectedSearch
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://newtab.certified-toolbar.com/nie?si=41460&tid=3231&new=true
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231
[HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
[HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231

-\\ Mozilla Firefox v17.0.1 (de)

*************************

AdwCleaner[R1].txt - [3230 octets] - [10/01/2013 00:06:33]

########## EOF - C:\AdwCleaner[R1].txt - [3290 octets] ########## |
10.01.2013, 00:32 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Trojans: tr/atraps.gen2, tr/atraps.gen, tr/atraps.gen3, tr/atraps.gen4, tr/atraps.gen5, tr/atraps.gen7 and services.exe virus
adwCleaner - Removing toolbars and unwanted start/search pages
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |
10.01.2013, 00:42 | #14 |
| Trojans: tr/atraps.gen2, tr/atraps.gen, tr/atraps.gen3, tr/atraps.gen4, tr/atraps.gen5, tr/atraps.gen7 and services.exe virus
After adw cleaner
Code:
# AdwCleaner v2.105 - Datei am 10/01/2013 um 00:37:26 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : User - USER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\User\Downloads\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\ConduitEngine
Ordner Gelöscht : C:\Program Files (x86)\Protected Search

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\ProtectedSearch
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://newtab.certified-toolbar.com/nie?si=41460&tid=3231&new=true --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q= --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=3231 --> hxxp://www.google.com

-\\ Mozilla Firefox v17.0.1 (de)

*************************

AdwCleaner[R1].txt - [3355 octets] - [10/01/2013 00:06:33]
AdwCleaner[R2].txt - [3415 octets] - [10/01/2013 00:36:18]
AdwCleaner[S1].txt - [3748 octets] - [10/01/2013 00:37:26]

########## EOF - C:\AdwCleaner[S1].txt - [3808 octets] ##########
Code:
ATTFilter OTL logfile created on: 10.01.2013 00:44:11 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 51,01% Memory free 7,73 Gb Paging File | 5,49 Gb Available in Paging File | 71,10% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 150,00 Gb Total Space | 54,79 Gb Free Space | 36,53% Space Free | Partition Type: NTFS Drive D: | 315,66 Gb Total Space | 205,96 Gb Free Space | 65,25% Space Free | Partition Type: NTFS Drive E: | 761,15 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: USER-PC | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\User\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe (Adobe Systems, Inc.) 
PRC - C:\Users\User\AppData\Roaming\ICQM\icq.exe (ICQ) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe (Egis Technology Inc.) 
========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () MOD - C:\Users\User\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvcInt#\cc90d2922448df5a44d86fcba5c431f3\IAStorDataMgrSvcInterfaces.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ca2a873cb11b8005d93135e86ef5bec1\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5556bb8f1dd215171e885985b07052ba\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\908a253a8f1907305d2a074a87add0a3\System.WorkflowServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\708244452fad4570fbbfbf99d213fd94\System.ServiceModel.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\316ee2f96aa8c6e9ebb1c8cd7369570d\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\5c47b39cccb1fb2e9b8994eb21d473a5\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1a0e0ec927415fa4644d68caf0b0c3d1\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\0bc1ffde6f872639ec886763d6861777\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b43cc8180cd775ba30e80bcad1158a25\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\d7abfaa021c0125c341d61577fdf6533\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ba0ba74f426c631c8cdc1050367b0b6a\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dae7b30f86c8be561b6183427d05918\System.Xml.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c6e476e8f84fa290a483e07e6c673a49\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c4dd7991c69dafde1b5ef08b9559b39b\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\fe8826f7e1bfc2fa1cc1568ffbbfb4b8\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll () MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe (McAfee, Inc.) 
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (IGBASVC) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe (Egis Technology Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (FPSensor) -- C:\Windows\SysNative\drivers\FPSensor.sys (EgisTec) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation) DRV:64bit: - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation) DRV:64bit: - (taphss6) -- C:\Windows\SysNative\drivers\taphss6.sys (Anchorfree Inc.) 
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (nuvotoncir) -- C:\Windows\SysNative\drivers\nuvotoncir.sys (Nuvoton Technology Corporation) DRV:64bit: - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys () DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) 
DRV:64bit: - (winbondcir) -- C:\Windows\SysNative\drivers\winbondcir.sys (Winbond Electronics Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q={searchTerms} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - 
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.google.com IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 5E B2 F1 A6 EA CD 01 [binary data] IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://www.google.com IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://www.google.com IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=3231&q={searchTerms} IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: 
"URL" = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb IE - HKU\S-1-5-21-1926261916-575310351-292605388-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.search.useDBForOrder: false FF - prefs.js..browser.startup.homepage: "hxxp://sf-hq-forum.de/index.php|https://service.gmx.net/de/cgi/g.fcgi/application/navigator?CUSTOMERNO=22789777&t=de1866861646.1357772696.f6d969fb|hxxp://w2.de.mymagictales.com/xhodon/chat.php|hxxp://play.cultures-online.de/co/bin/index.php|hxxp://fliplife.com/skills/user|hxxp://forum.starfleetonline.de/login.php?redirect=search.php&search_id=newposts&sid=3d0bda6180c387c67d8b070a31e621ff|http://www.trojaner-board.de/129161-...odes/bttf.htm" FF - prefs.js..extensions.enabledAddons: youtubeunblocker%40unblocker.yt:0.3.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..keyword.URL: "hxxp://search.certified-toolbar.com?si=41460&tid=3231&bs=true&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - 
HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.04 19:15:18 | 000,000,000 | ---D | M] [2013.01.04 19:15:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions [2013.01.06 12:11:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\p3n96zvx.default\extensions [2013.01.05 17:20:20 | 000,000,000 | ---D | M] (Hotspot Shield) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\p3n96zvx.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d} [2013.01.06 12:11:27 | 000,010,656 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\p3n96zvx.default\extensions\youtubeunblocker@unblocker.yt.xpi [2013.01.04 20:12:15 | 000,003,269 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\p3n96zvx.default\searchplugins\Web Search.xml [2013.01.05 17:26:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.01.04 19:17:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.01.04 20:12:15 | 000,003,269 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml 
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2013.01.08 21:13:06 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-21-1926261916-575310351-292605388-1000..\Run: [Driver Whiz] C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-1926261916-575310351-292605388-1000..\Run: [icq] C:\Users\User\AppData\Roaming\ICQM\icq.exe (ICQ)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1926261916-575310351-292605388-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{664E0F60-BB30-420D-B617-BDCFB763E28C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.22 16:17:27 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.01.09 21:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013.01.09 19:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.01.09 19:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2013.01.09 16:40:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.01.09 16:23:17 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller.exe
[2013.01.09 16:08:11 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\User\Desktop\aswMBR.exe
[2013.01.08 21:35:17 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\mbar-1.01.0.1011
[2013.01.08 21:35:17 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\mbar
[2013.01.08 21:13:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.08 21:04:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.08 21:04:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.01.08 21:04:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.01.08 21:01:31 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.01.08 21:01:27 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.01.08 20:01:49 | 005,019,950 | R--- | C] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe [2013.01.07 22:01:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes [2013.01.07 22:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.01.07 22:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.01.07 22:01:28 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.01.07 22:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.01.07 22:01:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Programs [2013.01.07 22:00:56 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\User\Desktop\mbam-setup-1.70.0.1100.exe [2013.01.05 17:20:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Conduit [2013.01.04 23:59:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Adobe [2013.01.04 23:58:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2013.01.04 23:46:43 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll [2013.01.04 23:45:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\dll-files.com [2013.01.04 23:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer [2013.01.04 23:45:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dll-Files.com Fixer [2013.01.04 23:34:38 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\videos [2013.01.04 23:34:02 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\sf [2013.01.04 23:10:47 | 000,000,000 | ---D | C] -- 
C:\Users\User\Desktop\Schule [2013.01.04 23:10:47 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Neuer Ordner [2013.01.04 22:58:25 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Musik [2013.01.04 22:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eSobi [2013.01.04 22:29:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts [2013.01.04 22:29:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EgisTec IPS [2013.01.04 22:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EgisTec Egis Software Update [2013.01.04 22:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EgisTec [2013.01.04 22:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2013.01.04 22:23:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink [2013.01.04 22:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BS_Player [2013.01.04 22:23:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2013.01.04 22:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer [2013.01.04 22:20:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2013.01.04 22:09:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013.01.04 22:08:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Inc [2013.01.04 21:55:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Macromedia [2013.01.04 21:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer GameZone [2013.01.04 21:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2013.01.04 21:28:32 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2013.01.04 21:28:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan [2013.01.04 21:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.01.04 21:26:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Arcade Deluxe [2013.01.04 21:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer [2013.01.04 21:21:18 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.01.04 21:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET [2013.01.04 21:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013.01.04 21:20:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.01.04 21:20:37 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2013.01.04 21:19:08 | 000,000,000 | ---D | C] -- C:\Program Files\HP [2013.01.04 21:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2013.01.04 21:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\Doom Shareware for Windows 95 [2013.01.04 21:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2013.01.04 21:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2013.01.04 21:18:59 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom [2013.01.04 21:18:59 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2013.01.04 21:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\Acer Accessory Store [2013.01.04 21:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\Acer [2013.01.04 21:16:28 | 012,441,960 | ---- | C] (ICQ) -- C:\Program Files\install_icq7.exe [2013.01.04 21:16:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013.01.04 21:15:28 | 000,309,768 | ---- | C] (Dritek System Inc.) -- C:\Windows\GVUni.exe [2013.01.04 21:15:26 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\d3dx9_42.dll [2013.01.04 21:15:24 | 001,664,248 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.EXE [2013.01.04 21:15:10 | 000,000,000 | ---D | C] -- C:\Windows\dsi [2013.01.04 21:14:53 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2013.01.04 21:14:52 | 000,307,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR [2013.01.04 21:14:52 | 000,000,000 | ---D | C] -- C:\Windows\DeployWinRE2 [2013.01.04 21:14:46 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Bilder [2013.01.04 21:14:21 | 000,348,680 | ---- | C] (Dritek System Inc.) 
-- C:\Windows\UNINST32.EXE [2013.01.04 21:13:19 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM [2013.01.04 21:12:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fotokasten comfort [2013.01.04 21:07:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\FileZilla [2013.01.04 21:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2013.01.04 21:07:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client [2013.01.04 21:04:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apps [2013.01.04 20:54:52 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA% [2013.01.04 20:40:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Macromedia [2013.01.04 20:40:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Adobe [2013.01.04 20:39:11 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.01.04 20:39:11 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.01.04 20:39:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2013.01.04 20:39:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013.01.04 20:23:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\WinRAR [2013.01.04 20:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2013.01.04 20:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013.01.04 20:17:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2013.01.04 20:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013.01.04 20:17:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013.01.04 20:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2013.01.04 20:17:04 | 000,000,000 | ---D | C] -- C:\Program Files 
(x86)\Microsoft Sync Framework [2013.01.04 20:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2013.01.04 20:14:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2013.01.04 20:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.01.04 20:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013.01.04 20:13:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Microsoft Help [2013.01.04 20:13:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013.01.04 20:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.01.04 20:13:33 | 000,000,000 | R--D | C] -- C:\MSOCache [2013.01.04 20:12:05 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\DownTango [2013.01.04 20:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Sky [2013.01.04 20:03:16 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Soundpaket [2013.01.04 19:55:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC [2013.01.04 19:55:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\mIRC [2013.01.04 19:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC [2013.01.04 19:51:33 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB [2013.01.04 19:51:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\PC_Drivers_Headquarters [2013.01.04 19:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Whiz [2013.01.04 19:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Whiz [2013.01.04 19:40:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Whiz [2013.01.04 19:20:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ [2013.01.04 19:19:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\ICQM [2013.01.04 19:19:33 | 000,000,000 | ---D | C] -- 
C:\Users\User\AppData\Roaming\ICQ-Profile [2013.01.04 19:17:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Skype [2013.01.04 19:17:29 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.01.04 19:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.01.04 19:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.01.04 19:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2013.01.04 19:15:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Mozilla [2013.01.04 19:15:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Mozilla [2013.01.04 19:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.01.04 19:15:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.01.04 19:15:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.01.04 10:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2013.01.04 10:30:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Intel Corporation [2013.01.04 10:27:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\ATI [2013.01.04 10:27:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\ATI [2013.01.04 10:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.01.04 10:23:04 | 000,123,392 | ---- | C] (Egis Technology Inc.) 
-- C:\Windows\SysNative\VCryptAPI.dll [2013.01.04 10:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer [2013.01.04 10:22:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Bio Protection [2013.01.04 10:22:27 | 000,469,552 | ---- | C] (EgisTec) -- C:\Windows\SysWow64\NBMatS1SDK.dll [2013.01.04 10:22:24 | 000,036,400 | ---- | C] (EgisTec) -- C:\Windows\SysNative\drivers\FPSensor.sys [2013.01.04 10:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2013.01.04 10:14:37 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2013.01.04 10:14:01 | 000,652,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys [2013.01.04 10:14:01 | 000,028,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys [2013.01.04 10:13:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\InstallShield [2013.01.04 10:12:59 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2013.01.04 10:12:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2013.01.04 10:12:36 | 000,000,000 | ---D | C] -- C:\Intel [2013.01.04 10:11:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation [2013.01.04 10:11:19 | 002,811,904 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys [2013.01.04 10:11:19 | 002,811,904 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys [2013.01.04 10:09:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros [2013.01.04 10:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2013.01.04 10:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2013.01.04 10:05:10 | 017,625,088 | ---- | C] (ATI Technologies Inc.) 
-- C:\Windows\SysNative\atio6axx.dll [2013.01.04 10:05:10 | 013,487,616 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysWow64\atioglxx.dll [2013.01.04 10:05:10 | 006,179,328 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys [2013.01.04 10:05:10 | 004,739,584 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll [2013.01.04 10:05:10 | 004,684,288 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll [2013.01.04 10:05:10 | 003,661,824 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atidxx64.dll [2013.01.04 10:05:10 | 003,629,056 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll [2013.01.04 10:05:10 | 003,618,304 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll [2013.01.04 10:05:10 | 003,055,616 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll [2013.01.04 10:05:10 | 002,902,016 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll [2013.01.04 10:05:10 | 002,604,032 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll [2013.01.04 10:05:10 | 000,448,000 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2013.01.04 10:05:10 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll [2013.01.04 10:05:10 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll [2013.01.04 10:05:10 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll [2013.01.04 10:05:10 | 000,312,320 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll [2013.01.04 10:05:10 | 000,225,280 | ---- | C] (Advanced Micro Devices, Inc.) 
-- C:\Windows\SysWow64\atiadlxy.dll [2013.01.04 10:05:10 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2013.01.04 10:05:10 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2013.01.04 10:05:10 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe [2013.01.04 10:05:10 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll [2013.01.04 10:05:10 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [2013.01.04 10:05:10 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll [2013.01.04 10:05:10 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll [2013.01.04 10:05:10 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll [2013.01.04 10:05:10 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll [2013.01.04 10:05:10 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll [2013.01.04 10:05:10 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll [2013.01.04 10:05:10 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll [2013.01.04 10:05:10 | 000,043,008 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll [2013.01.04 10:05:10 | 000,039,936 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll [2013.01.04 10:05:10 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2013.01.04 10:05:03 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2013.01.04 10:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2013.01.04 10:03:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2013.01.04 10:02:58 | 002,080,120 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\SysNative\WavesGUILib64.dll [2013.01.04 10:02:58 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll [2013.01.04 10:02:58 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll [2013.01.04 10:02:58 | 000,772,224 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll [2013.01.04 10:02:58 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2013.01.04 10:02:58 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll [2013.01.04 10:02:58 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2013.01.04 10:02:58 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2013.01.04 10:02:58 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2013.01.04 10:02:58 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll [2013.01.04 10:02:58 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll [2013.01.04 10:02:58 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll [2013.01.04 10:02:58 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2013.01.04 10:02:58 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll [2013.01.04 10:02:57 | 010,612,736 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat [2013.01.04 10:02:57 | 009,546,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll [2013.01.04 10:02:57 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2013.01.04 10:02:57 | 003,673,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2013.01.04 10:02:57 | 002,743,440 | ---- | C] (Realtek Semiconductor Corp.) 
-- C:\Windows\SysNative\RtPgEx64.dll [2013.01.04 10:02:57 | 002,028,920 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll [2013.01.04 10:02:57 | 001,561,744 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2013.01.04 10:02:57 | 001,460,600 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll [2013.01.04 10:02:57 | 001,269,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2013.01.04 10:02:57 | 000,881,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2013.01.04 10:02:57 | 000,869,752 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2013.01.04 10:02:57 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll [2013.01.04 10:02:57 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2013.01.04 10:02:57 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2013.01.04 10:02:57 | 000,394,616 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2013.01.04 10:02:57 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2013.01.04 10:02:57 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2013.01.04 10:02:57 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2013.01.04 10:02:57 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2013.01.04 10:02:57 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2013.01.04 10:02:57 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2013.01.04 10:02:57 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) 
-- C:\Windows\SysNative\RtkCfg64.dll [2013.01.04 10:02:57 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2013.01.04 10:02:57 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2013.01.04 10:02:57 | 000,118,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll [2013.01.04 10:02:57 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2013.01.04 10:02:57 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2013.01.04 10:02:57 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2013.01.04 10:02:57 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll [2013.01.04 10:02:56 | 002,714,720 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2013.01.04 10:02:56 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2013.01.04 10:02:56 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2013.01.04 10:02:56 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2013.01.04 10:02:56 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2013.01.04 10:02:56 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2013.01.04 10:02:56 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2013.01.04 10:02:56 | 000,501,192 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll [2013.01.04 10:02:56 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2013.01.04 10:02:56 | 000,487,368 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll [2013.01.04 10:02:56 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2013.01.04 10:02:56 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll 
[2013.01.04 10:02:56 | 000,415,688 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll [2013.01.04 10:02:56 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2013.01.04 10:02:56 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2013.01.04 10:02:56 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2013.01.04 10:02:56 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2013.01.04 10:02:56 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll [2013.01.04 10:02:56 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2013.01.04 10:02:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2013.01.04 10:02:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2013.01.04 10:02:51 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2013.01.04 10:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2013.01.04 10:01:38 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2013.01.04 10:01:34 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll [2013.01.04 10:01:34 | 003,746,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll [2013.01.04 10:01:34 | 002,526,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll [2013.01.04 10:01:34 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll [2013.01.04 10:01:34 | 000,372,056 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64H.dll [2013.01.04 10:01:34 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll [2013.01.04 10:01:34 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) 
-- C:\Windows\SysNative\RH3DAA64.dll [2013.01.04 10:01:34 | 000,237,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys [2013.01.04 10:01:34 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64H.dll [2013.01.04 10:01:34 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll [2013.01.04 10:01:34 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll [2013.01.04 10:01:34 | 000,097,624 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64H.dll [2013.01.04 10:01:34 | 000,092,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll [2013.01.04 10:01:34 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64H.dll [2013.01.04 10:01:34 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll [2013.01.04 10:01:31 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2013.01.04 10:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nuvoton Technology Corporation [2013.01.04 10:00:24 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013.01.04 09:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2013.01.04 09:45:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DriverGenius [2013.01.04 09:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius [2013.01.04 09:41:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft [2013.01.04 09:35:19 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2013.01.04 09:35:19 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2013.01.04 09:35:19 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2013.01.04 09:35:07 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2013.01.04 09:35:07 | 000,000,000 | R--D | C] -- 
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.01.04 09:35:07 | 000,000,000 | R--D | C] -- C:\Users\User\Searches [2013.01.04 09:35:07 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.01.04 09:35:06 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2013.01.04 09:35:06 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2013.01.04 09:34:53 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013.01.04 09:34:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2013.01.04 09:34:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Identities [2013.01.04 09:34:41 | 000,000,000 | R--D | C] -- C:\Users\User\Contacts [2013.01.04 09:34:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\VirtualStore [2013.01.04 09:34:27 | 000,000,000 | --SD | C] -- C:\Users\User\AppData\Roaming\Microsoft [2013.01.04 09:34:27 | 000,000,000 | R--D | C] -- C:\Users\User\Videos [2013.01.04 09:34:27 | 000,000,000 | R--D | C] -- C:\Users\User\Saved Games [2013.01.04 09:34:27 | 000,000,000 | R--D | C] -- C:\Users\User\Pictures [2013.01.04 09:34:27 | 000,000,000 | R--D | C] -- C:\Users\User\Music [2013.01.04 09:34:27 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.01.04 09:34:27 | 000,000,000 | R--D | C] -- C:\Users\User\Links [2013.01.04 09:34:27 | 000,000,000 | R--D | C] -- C:\Users\User\Favorites [2013.01.04 09:34:27 | 000,000,000 | R--D | C] -- C:\Users\User\Downloads [2013.01.04 09:34:27 | 000,000,000 | R--D | C] -- C:\Users\User\Documents [2013.01.04 09:34:27 | 000,000,000 | R--D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Vorlagen [2013.01.04 09:34:27 | 
000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Verlauf [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Temporary Internet Files [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Startmenü [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\SendTo [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Recent [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Netzwerkumgebung [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Lokale Einstellungen [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\Eigene Videos [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\Eigene Musik [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Eigene Dateien [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Documents\Eigene Bilder [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Druckumgebung [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Cookies [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Local\Anwendungsdaten [2013.01.04 09:34:27 | 000,000,000 | -HSD | C] -- C:\Users\User\Anwendungsdaten [2013.01.04 09:34:27 | 000,000,000 | -H-D | C] -- C:\Users\User\AppData [2013.01.04 09:34:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Temp [2013.01.04 09:34:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Microsoft [2013.01.04 09:34:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Media Center Programs [2013.01.04 09:34:27 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- C:\Programme [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- 
C:\ProgramData\Favoriten [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.01.04 09:34:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.01.04 09:34:14 | 000,000,000 | ---D | C] -- C:\Recovery [2013.01.03 20:06:40 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013.01.03 20:03:04 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013.01.03 20:03:02 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2013.01.03 20:02:01 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012.12.25 05:05:31 | 000,435,512 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\k57nd60a.sys [2012.12.13 17:38:03 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2012.12.13 17:38:03 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2012.12.13 17:37:36 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.12.13 17:37:36 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012.12.13 17:37:36 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012.12.13 17:37:36 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll [2012.12.13 17:37:36 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll [2012.12.13 17:37:36 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012.12.13 17:37:17 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012.12.13 17:37:17 | 
000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012.12.13 17:37:17 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012.12.13 17:37:17 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2012.12.13 17:37:17 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012.12.13 17:37:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012.12.13 17:37:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012.12.13 17:37:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012.12.13 17:37:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012.12.13 17:37:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012.12.13 17:37:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012.12.13 17:37:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012.12.13 17:37:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012.12.13 17:37:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012.12.13 17:37:17 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012.12.13 17:37:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012.12.13 17:37:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) 
-- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012.12.13 17:37:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012.12.13 17:36:54 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012.12.13 17:36:54 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012.12.13 17:36:54 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2012.12.13 17:36:54 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2012.12.13 17:36:54 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012.12.13 17:36:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012.12.13 17:36:22 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.12.13 17:36:22 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.12.13 17:36:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.12.13 17:36:22 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.12.13 17:36:22 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.12.13 17:36:22 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.12.13 17:36:22 | 000,599,040 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.12.13 17:36:22 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.12.13 17:36:22 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.12.13 17:36:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.12.13 17:36:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.12.13 17:36:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.12.13 17:36:22 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.12.13 17:36:22 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.12.13 17:36:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

========== Files - Modified Within 30 Days ==========

[2013.01.10 00:45:29 | 001,475,250 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.10 00:45:29 | 000,644,904 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.10 00:45:29 | 000,608,228 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.10 00:45:29 | 000,126,930 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.10 00:45:29 | 000,104,104 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.10 00:38:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.10 00:38:53 | 3111,546,880 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.10 00:38:06 | 000,016,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.10 00:38:06 | 000,016,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.09 23:47:42 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job
[2013.01.09 21:28:43 | 000,002,046 | ---- | M]
() -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2013.01.09 21:28:43 | 000,002,046 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013.01.09 16:40:27 | 462,941,528 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.01.09 16:23:28 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller.exe [2013.01.09 16:21:13 | 000,000,512 | ---- | M] () -- C:\Users\User\Desktop\MBR.dat [2013.01.09 16:09:06 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\User\Desktop\aswMBR.exe [2013.01.08 21:34:30 | 013,485,902 | R--- | M] () -- C:\Users\User\Desktop\mbar-1.01.0.1011.zip [2013.01.08 21:13:06 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.01.08 20:02:13 | 005,019,950 | R--- | M] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe [2013.01.07 22:08:35 | 000,000,074 | ---- | M] () -- C:\Users\User\AppData\Roaming\mbam.context.scan [2013.01.07 22:01:29 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.07 22:01:05 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\User\Desktop\mbam-setup-1.70.0.1100.exe [2013.01.06 18:58:11 | 178,040,490 | ---- | M] () -- C:\Users\User\Desktop\6x12 - The Egg Salad Equivalency.avi [2013.01.06 02:02:34 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job [2013.01.05 12:46:40 | 000,417,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.01.04 23:46:46 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll [2013.01.04 22:19:11 | 000,000,355 | ---- | M] () -- C:\Users\User\Desktop\Computer - Verknüpfung.lnk [2013.01.04 21:55:00 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.01.04 21:54:59 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.01.04 20:17:50 | 000,003,047 | ---- | M] () -- 
C:\Users\User\Desktop\Microsoft Excel 2010.lnk [2013.01.04 20:17:50 | 000,003,029 | ---- | M] () -- C:\Users\User\Desktop\Microsoft Word 2010.lnk [2013.01.04 19:55:33 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk [2013.01.04 19:20:02 | 000,001,798 | ---- | M] () -- C:\Users\User\Desktop\ICQ.lnk [2013.01.04 19:17:29 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2013.01.04 19:15:21 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.01.04 10:30:56 | 001,500,444 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.01.04 10:25:34 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2013.01.04 10:22:27 | 000,469,552 | ---- | M] (EgisTec) -- C:\Windows\SysWow64\NBMatS1SDK.dll [2013.01.04 10:22:24 | 000,036,400 | ---- | M] (EgisTec) -- C:\Windows\SysNative\drivers\FPSensor.sys [2013.01.04 10:00:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_nuvotoncir_01009.Wdf [2013.01.04 10:00:01 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2013.01.03 20:10:00 | 000,207,887 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2013.01.03 20:10:00 | 000,207,887 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2013.01.03 20:07:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.12.13 17:39:17 | 000,066,048 | ---- | M] (Legolash2o) -- C:\Windows\SysNative\WinToolkitRunOnce.exe [2012.12.13 17:38:03 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2012.12.13 17:38:03 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2012.12.13 17:37:36 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.12.13 17:37:36 | 000,225,792 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\dhcpcore6.dll [2012.12.13 17:37:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2012.12.13 17:37:36 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll [2012.12.13 17:37:36 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll [2012.12.13 17:37:36 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012.12.13 17:37:17 | 001,162,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012.12.13 17:37:17 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012.12.13 17:37:17 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012.12.13 17:37:17 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2012.12.13 17:37:17 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012.12.13 17:37:17 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012.12.13 17:37:17 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012.12.13 17:37:17 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012.12.13 17:37:17 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012.12.13 17:37:17 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012.12.13 17:37:17 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012.12.13 17:37:17 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012.12.13 17:37:17 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012.12.13 17:37:17 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- 
C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012.12.13 17:37:17 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012.12.13 17:37:17 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012.12.13 17:37:17 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012.12.13 17:37:17 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012.12.13 
17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012.12.13 17:37:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012.12.13 17:37:17 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012.12.13 17:36:54 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012.12.13 17:36:54 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012.12.13 17:36:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2012.12.13 17:36:54 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2012.12.13 17:36:54 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012.12.13 17:36:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012.12.13 17:36:22 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll 
[2012.12.13 17:36:22 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.12.13 17:36:22 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.12.13 17:36:22 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.12.13 17:36:22 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.12.13 17:36:22 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.12.13 17:36:22 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.12.13 17:36:22 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.12.13 17:36:22 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.12.13 17:36:22 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.12.13 17:36:22 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.12.13 17:36:22 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.12.13 17:36:22 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.12.13 17:36:22 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.12.13 17:36:22 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll ========== Files Created - No Company Name ========== [2013.01.09 16:40:27 | 462,941,528 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.01.09 16:21:13 | 000,000,512 | ---- | C] () -- C:\Users\User\Desktop\MBR.dat [2013.01.08 21:34:13 | 013,485,902 | R--- | C] () -- C:\Users\User\Desktop\mbar-1.01.0.1011.zip [2013.01.08 21:04:50 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.01.08 21:04:50 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.01.08 21:04:50 | 000,098,816 | ---- | C] () -- 
C:\Windows\sed.exe [2013.01.08 21:04:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.01.08 21:04:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.01.07 22:08:35 | 000,000,074 | ---- | C] () -- C:\Users\User\AppData\Roaming\mbam.context.scan [2013.01.07 22:01:29 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.06 18:33:51 | 178,040,490 | ---- | C] () -- C:\Users\User\Desktop\6x12 - The Egg Salad Equivalency.avi [2013.01.04 23:46:24 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job [2013.01.04 23:46:14 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job [2013.01.04 23:36:06 | 000,579,878 | ---- | C] () -- C:\Users\User\Desktop\DSC01332.JPG [2013.01.04 22:19:11 | 000,000,355 | ---- | C] () -- C:\Users\User\Desktop\Computer - Verknüpfung.lnk [2013.01.04 21:28:32 | 000,002,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013.01.04 21:28:31 | 000,002,046 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk [2013.01.04 21:16:32 | 019,223,879 | ---- | C] () -- C:\Program Files\Sims3_1.2.7.00002_from_1.0.631.00002.zip [2013.01.04 21:16:30 | 001,729,115 | ---- | C] () -- C:\Program Files\mirc635.zip [2013.01.04 21:15:37 | 000,206,072 | ---- | C] () -- C:\Windows\PLFSetI.exe [2013.01.04 21:15:37 | 000,000,741 | ---- | C] () -- C:\Windows\NewDeployWinRE.cmd [2013.01.04 21:15:37 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini [2013.01.04 21:15:37 | 000,000,070 | ---- | C] () -- C:\Windows\patch.loag [2013.01.04 21:15:37 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2013.01.04 21:15:31 | 000,002,080 | ---- | C] () -- C:\Windows\MOD01SET78000G000X.enc [2013.01.04 21:15:31 | 000,002,048 | ---- | C] () -- C:\Windows\MOD01SET75000N0006.enc [2013.01.04 21:15:30 | 000,002,476 | ---- | C] () -- C:\Windows\MOD01SET74DE0N0003.enc [2013.01.04 21:15:30 | 
000,002,112 | ---- | C] () -- C:\Windows\MOD01SET0J000N000M.enc [2013.01.04 21:15:30 | 000,002,008 | ---- | C] () -- C:\Windows\MOD01SET5K000G0002.enc [2013.01.04 21:15:30 | 000,001,976 | ---- | C] () -- C:\Windows\MOD01SET00000000H7.enc [2013.01.04 21:15:29 | 000,002,572 | ---- | C] () -- C:\Windows\MOD01OPK04000N0001.enc [2013.01.04 21:15:29 | 000,000,184 | ---- | C] () -- C:\Windows\LManager.UNI [2013.01.04 21:15:28 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll [2013.01.04 21:15:28 | 000,000,098 | ---- | C] () -- C:\Windows\GridV.UNI [2013.01.04 21:15:28 | 000,000,037 | ---- | C] () -- C:\Windows\EB6BE8A5-11AE-4e2b-8B6E-974168C301C8.DSI [2013.01.04 21:15:26 | 000,011,453 | ---- | C] () -- C:\Windows\ChangeLang_Done.tag [2013.01.04 21:15:26 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2013.01.04 21:15:26 | 000,000,050 | ---- | C] () -- C:\Windows\cdplayer.ini [2013.01.04 21:15:26 | 000,000,000 | ---- | C] () -- C:\Windows\Acer.tag [2013.01.04 21:15:24 | 000,000,033 | ---- | C] () -- C:\Windows\0 [2013.01.04 21:14:45 | 000,038,028 | ---- | C] () -- C:\Users\User\Desktop\Haushalt 2009.ods [2013.01.04 21:14:22 | 239,728,683 | ---- | C] () -- C:\Windows\VGA_ATI_8.670.5.1000_W7x86W7x64_A.zip [2013.01.04 21:14:22 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe [2013.01.04 21:14:21 | 000,009,168 | ---- | C] () -- C:\Windows\Suyin.reg [2013.01.04 20:17:50 | 000,003,047 | ---- | C] () -- C:\Users\User\Desktop\Microsoft Excel 2010.lnk [2013.01.04 20:17:50 | 000,003,029 | ---- | C] () -- C:\Users\User\Desktop\Microsoft Word 2010.lnk [2013.01.04 20:12:17 | 000,011,264 | ---- | C] () -- C:\Windows\Launcher.exe [2013.01.04 19:55:33 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk [2013.01.04 19:20:02 | 000,001,798 | ---- | C] () -- C:\Users\User\Desktop\ICQ.lnk [2013.01.04 19:17:29 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2013.01.04 19:15:21 | 000,001,159 | ---- | C] () -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.01.04 19:15:21 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.01.04 10:30:56 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.01.04 10:25:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013.01.04 10:23:04 | 000,952,683 | ---- | C] () -- C:\Windows\SysNative\VMC3KAPI.dll [2013.01.04 10:11:19 | 000,481,350 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf [2013.01.04 10:11:19 | 000,073,919 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat [2013.01.04 10:05:10 | 000,402,016 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap [2013.01.04 10:05:10 | 000,402,016 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap [2013.01.04 10:05:10 | 000,332,288 | ---- | C] () -- C:\Windows\SysNative\ATIODE.exe [2013.01.04 10:05:10 | 000,196,565 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat [2013.01.04 10:05:10 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\ATIODCLI.exe [2013.01.04 10:05:10 | 000,019,017 | ---- | C] () -- C:\Windows\atiogl.xml [2013.01.04 10:02:57 | 000,381,365 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT [2013.01.04 10:00:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_nuvotoncir_01009.Wdf [2013.01.04 10:00:01 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2013.01.04 09:35:22 | 000,001,439 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.01.04 09:35:21 | 000,001,405 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2013.01.03 20:08:53 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2013.01.03 20:08:51 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2013.01.03 20:07:16 | 
000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.01.03 20:03:02 | 3111,546,880 | -HS- | C] () -- C:\hiberfil.sys
[2012.11.23 19:31:40 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.11.23 20:23:20 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.11.23 20:23:20 | 012,874,752 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report > |
10.01.2013, 00:54 | #15 |
| otl2: Code:
OTL Extras logfile created on: 10.01.2013 00:44:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,86 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 51,01% Memory free
7,73 Gb Paging File | 5,49 Gb Available in Paging File | 71,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,00 Gb Total Space | 54,79 Gb Free Space | 36,53% Space Free | Partition Type: NTFS
Drive D: | 315,66 Gb Total Space | 205,96 Gb Free Space | 65,25% Space Free | Partition Type: NTFS
Drive E: | 761,15 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== 
Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system | "{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system | "{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system | "{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system | "{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system | "{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system | "{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system | "{856A94B9-0C24-4034-92F1-3A3D9998A807}" = lport=4000 | protocol=6 | dir=out | app=c:\program 
files (x86)\dll-files.com fixer\dllfixer.exe | "{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system | "{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system | "{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system | "{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system | "{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media 
player\wmplayer.exe | "{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system | "{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{75F8A468-106F-4148-A4AA-AF1F42E7C590}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{78FA8668-2499-4B24-9C25-82CD6EB4C6B0}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "UDP Query User{91B130EA-86BD-492E-938E-A1BDD792C748}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "UDP Query User{A4EA0AC4-47E7-48A3-B4A2-8EB5A712C356}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files 
(x86)\skype\phone\skype.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{11F38253-8940-FFDA-D131-B14120C357E4}" = ATI Catalyst Install Manager "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{BD41C9CA-7722-7C0F-8BFE-E88A81865287}" = ccc-utility64 "SynTPDeinstKey" = Synaptics Pointing Device Driver "USB 2.0 UVC HD WebCam" = USB 2.0 UVC HD WebCam [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B540DA4-41AE-4B79-BEAB-0F07E09669AB}" = Driver Whiz "{14D6085A-9A42-C0B5-823E-8C9619AC1026}" = Catalyst Control Center Graphics Full New "{1FF19BBD-554D-733C-3BDF-B55C99349198}" = Catalyst Control Center Core Implementation "{346D6B7A-4AD8-5C2C-E249-34CA3CD7D34B}" = CCC Help Polish "{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding "{357C0C30-051F-FE77-4709-025786123FB1}" = ccc-core-static "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{41BC23C5-157F-77A0-6662-17A5096E7946}" = Catalyst Control Center Graphics Previews Vista "{4507185D-FAB8-B77D-4546-2CF31DA906AD}" = Catalyst Control Center Graphics Full Existing "{4967ADB1-27A6-635F-A217-754BD9A05E2E}" = CCC Help Czech "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{54DFD48E-0E0D-5D0C-BD93-CE3DF090EC1C}" = CCC Help Japanese "{5528C69D-4018-C4BD-7D00-67F90623EB33}" = CCC Help Italian "{5582C24D-5597-42D2-537E-BA329164D78D}" = CCC Help Thai "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{785F975B-50FB-C523-5E58-C6EFE9E62424}" = CCC Help Portuguese 
"{7D62622F-78B7-91B0-5B75-4082DDFAC775}" = CCC Help Swedish "{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation "{7DE2B39B-97F0-EC01-06D6-E25C6D4164DF}" = CCC Help German "{878789F8-276E-4D98-20E6-78DCBD77AD7D}" = CCC Help Turkish "{8F2AE892-C036-C2F8-0D45-0ED891440D68}" = CCC Help French "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{95D40BD8-2EA7-C51E-A218-B2F863481573}" = CCC Help Chinese Standard "{98A7C691-304F-31DC-A21C-3675E1D68501}" = CCC Help Chinese Traditional "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A33B56D0-F273-F6C2-C335-50AE0C83C85C}" = CCC Help Finnish "{A8CB3994-B273-D81E-315C-CA3A8376415E}" = Catalyst Control Center 
Localization All "{A8D450FB-F8F7-4250-7CE3-A3C24CDE5722}" = CCC Help Hungarian "{AB82BA59-B05B-70DC-992B-D2D7A2AF4EE5}" = CCC Help Korean "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{BFB59706-4FEC-37A8-96CD-C7F6932AD6DD}" = CCC Help Norwegian "{C09EECFB-8925-5E54-1580-3FAEB6A78856}" = Catalyst Control Center Graphics Light "{C0ED2557-8BCC-71B6-253C-BDFE26A9B37D}" = CCC Help Spanish "{CC62C6C8-0D7F-3F0D-9BD6-49CB16029A6A}" = CCC Help Greek "{CC6D2A70-B152-E250-ABEA-5D7D681469F8}" = CCC Help English "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{DAFFBC42-ABA2-882C-68CB-593B9CF9ACF5}" = CCC Help Russian "{DFF2D0B9-1706-6AA8-85CD-A70DF44AE3F8}" = CCC Help Danish "{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution "{E6AAFC37-EB31-768D-A9A5-AA8A84612615}" = CCC Help Dutch "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F6B7BF58-36D0-A76E-53E2-F65DBD4A6A52}" = Catalyst Control Center InstallProxy "{FBC79D04-051E-4367-8051-1DB0C893FBE0}" = Nuvoton CIR Device Drivers "7-Zip" = 7-Zip 9.20 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Dll-Files Fixer_is1" = Dll-Files Fixer "FileZilla Client" = FileZilla Client 3.6.0.2 "InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "McAfee Security Scan" = McAfee Security Scan Plus "mIRC" = mIRC "Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Protected Search_is1" = Protected Search 1.1 ========== HKEY_USERS Uninstall List ========== 
[HKEY_USERS\S-1-5-21-1926261916-575310351-292605388-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "ICQ" = ICQ 8.0 (build 5981, für aktuellen Benutzer) ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08.01.2013 16:12:56 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = Error - 08.01.2013 16:20:57 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = Error - 08.01.2013 16:37:51 | Computer Name = User-PC | Source = Application Hang | ID = 1002 Description = Programm icq.exe, Version 8.0.5981.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 8f8 Startzeit: 01cdeddd985ca771 Endzeit: 10 Anwendungspfad: C:\Users\User\AppData\Roaming\ICQM\icq.exe Berichts-ID: Error - 08.01.2013 19:08:41 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = Error - 09.01.2013 11:00:12 | Computer Name = User-PC | Source = WinMgmt | ID = 10 Description = Error - 09.01.2013 11:16:15 | Computer Name = User-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 6.0.60.126, Zeitstempel: 0x509cf347 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000204 ID des fehlerhaften Prozesses: 0xc34 Startzeit der fehlerhaften Anwendung: 0x01cdee7a0c6a08bd Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 823575c4-5a6f-11e2-b2cf-506313da0578 Error - 09.01.2013 11:17:38 | Computer Name = User-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: aswMBR.exe, Version: 0.9.9.1707, Zeitstempel: 0x509be8bf Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.22044, Zeitstempel: 0x4ff4b27e Ausnahmecode: 0xc0000005 
Fehleroffset: 0x0002e3be ID des fehlerhaften Prozesses: 0x1290 Startzeit der fehlerhaften Anwendung: 0x01cdee7bb1846d25 Pfad der fehlerhaften Anwendung: C:\Users\User\Desktop\aswMBR.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: b37c9f5b-5a6f-11e2-b2cf-506313da0578

Error - 09.01.2013 11:19:01 | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 6.0.60.126, Zeitstempel: 0x509cf347 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000204 ID des fehlerhaften Prozesses: 0x11bc Startzeit der fehlerhaften Anwendung: 0x01cdee7ca55ccdbf Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: e4ca0a9a-5a6f-11e2-b2cf-506313da0578

Error - 09.01.2013 11:19:10 | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 6.0.60.126, Zeitstempel: 0x509cf347 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000204 ID des fehlerhaften Prozesses: 0x394 Startzeit der fehlerhaften Anwendung: 0x01cdee7ca9df8098 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: ea63fde9-5a6f-11e2-b2cf-506313da0578

Error - 09.01.2013 11:41:05 | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 09.01.2013 19:40:47 | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]

Error - 08.01.2013 16:03:26 | Computer Name = User-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060

Error - 08.01.2013 16:04:16 | Computer Name = User-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Skype C2C Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 08.01.2013 16:04:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: %%-2147024891

Error - 08.01.2013 16:04:42 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147024891

Error - 08.01.2013 16:09:06 | Computer Name = User-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error - 08.01.2013 16:10:39 | Computer Name = User-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error - 08.01.2013 16:11:06 | Computer Name = User-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error - 08.01.2013 16:11:13 | Computer Name = User-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error - 09.01.2013 11:40:32 | Computer Name = User-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?09.?01.?2013 um 16:38:39 unerwartet heruntergefahren.

Error - 09.01.2013 11:40:40 | Computer Name = User-PC | Source = BugCheck | ID = 1001
Description =

< End of report > |