Pests of all kinds and how to fight them: Strange file(s) (Windows 7)
14.02.2013, 16:10 | #1 |
| Strange file(s)

I hope I'm in the right place, because I don't know whether this is a virus or something similar...

For about a week now I keep getting an error message saying that a program has crashed, roughly every 5 minutes. I just have no idea which one. The strange thing is that every time the laptop has been restarted, it is a different file with an arbitrary name: sometimes vbsidvfibvibfdi.exe, sometimes tzruiefbewwfd.exe, and so on. The files also cannot be found on my disk.

I have already run a virus scanner: nothing. HijackThis: nothing. Spybot: nothing.

I hope someone can help me get to the bottom of the problem, because this is really annoying. Here is a screenshot as well: hxxp://s1.directupload.net/file/d/3166/2cynkmrx_jpg.htm |
14.02.2013, 16:57 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange file(s)

Hello and

Before we get to work, I would like to ask you to read the following points completely and carefully.

Note: If you do not hear from me for three days, please post in this thread => Reminder about my thread. Annoying "when will this continue" messages will result in your topic being closed. I, too, have a life outside of Trojaner-Board.

First, a check with OTL please: |
14.02.2013, 18:08 | #3 |
| Strange file(s)

Code:
ATTFilter OTL Extras logfile created on: 14.02.2013 17:22:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Downloads 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,61 Gb Total Physical Memory | 3,62 Gb Available Physical Memory | 64,63% Memory free 11,21 Gb Paging File | 8,93 Gb Available in Paging File | 79,67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 297,99 Gb Total Space | 126,73 Gb Free Space | 42,53% Space Free | Partition Type: NTFS Drive Z: | 82,98 Mb Total Space | 38,64 Mb Free Space | 46,57% Space Free | Partition Type: NTFS Computer Name: ******** | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-830199503-3038931148-3267462750-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. 
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. 
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) 
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01E3CCBF-3FB9-4409-862F-07BDB1AA9628}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2012.sp5a\wnt500x64\rpcsandrasrv.exe | "{04A75E48-1535-41EA-8451-CBDEDA35E92F}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{08804E0B-AAD4-4F4B-9201-F51E71C7BDFC}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | "{153225E6-5F2E-4B1B-BFF6-F818002B7EC3}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{1B39C33B-260C-43B8-84CF-8267B23592EF}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{1D0BC636-EB39-44F6-B0FF-9AFFD1E16114}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2A3C10F8-DCF6-4372-A553-C2CD8FC1FB6E}" = lport=445 | 
protocol=6 | dir=in | app=system | "{2F4D0F7C-FBB8-4172-9821-AFABB012D0E3}" = rport=445 | protocol=6 | dir=out | app=system | "{3398B788-7E9B-430C-80E9-93C0B4B4A347}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{359E2146-3163-4970-85FA-C59F967FC7C4}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | "{369F9ADE-50BE-4829-9AC6-F60DE058F1A7}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{3765E0A7-5620-41FC-AB45-8696F32F1EB1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{380E3080-B290-4690-899E-1CEE67AA92A9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{3FB5E170-C484-482C-B9AE-B38EB6B81747}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{4D9527DC-A9C8-4694-9821-8FA351656EE5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{520DB9E2-77A1-4BC4-A81C-BEAB8A3320D2}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | "{56877B28-7827-4EFF-AF6A-737735A75ED3}" = rport=139 | protocol=6 | dir=out | app=system | "{5AABFCA0-85B7-4A70-A5EA-49F0894A908F}" = rport=10243 | protocol=6 | dir=out | app=system | "{5E94CEC6-6EE9-494B-B519-64D0866B9B3C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{6895C39F-3160-4621-9AFB-DA01922A90B0}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{7584E4EF-EC90-4626-924A-926BB7A3FB10}" = lport=139 | protocol=6 | dir=in | app=system | "{7AC167D0-8767-4D38-8773-C5F36723D200}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | "{7B20C2FA-C3FF-4480-8691-46BE53C6AE17}" = rport=138 | protocol=17 | dir=out | app=system | "{8419DA14-AC0C-4CD1-9717-173447B7054C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8E606FFE-2C12-48C7-AE1A-8426E68C1ED5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{997B6632-848D-450B-8F96-A81317B7187A}" = lport=138 | protocol=17 | dir=in | app=system | "{A75167E0-A056-4AF4-8CDE-9015A1A549A6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{A79D175B-91CB-42C4-B92F-25B5434AEEBF}" = lport=10243 | protocol=6 | dir=in | app=system | "{B0C96D42-47DC-4BCE-A2ED-C78C535B36E3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B3EACAAB-E1C2-4139-9A43-93A2A5BBCD89}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BD996BA9-B8AC-4CDE-BB85-B7D322E90FCD}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2012.sp5a\rpcagentsrv.exe | "{C0EC2A78-DE1E-49EC-A4DB-3CE143B0886F}" = lport=137 | protocol=17 | dir=in | app=system | "{C7FFF57D-7B05-4412-B42A-C2D5D5318FE8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CE56AE1B-055B-46C8-9426-820D5E6C007E}" = rport=137 | protocol=17 | dir=out | app=system | "{E0329FFB-EAB3-494E-8FA3-D8C294F435A9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E698FE32-11E5-44D4-9724-B1962D04CD51}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | "{E7A57DAE-8625-40B0-92C8-F3D8E1791416}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EADF1D63-2485-4B75-9774-F2C7B5B9CD66}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{EB73B3D1-A389-443D-A503-81C962A39464}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | "{ED5EC927-1559-43F7-88E9-27BEA9E7DBF6}" = lport=2869 | protocol=6 | dir=in | app=system | "{EDD81481-9A9F-42A2-9721-BA1BFC8E94BF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | 
app=%systemroot%\system32\svchost.exe | "{EFF026D7-B5B5-4243-AFF1-ADEF37D93BEE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F30C74E6-4BD0-4068-B8A0-AFBAEBEF4C92}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00D1A32E-E4E1-4D56-8911-81162080B0CD}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{016CC9C1-29D9-4CB9-B9E7-81271EBE2669}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{02AED970-C57C-49FC-8E02-A62C04A6387D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{06272F1E-8BBE-45FC-B0D6-67E7C2979DAE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{10B655C2-9D1E-4850-ADBA-48B094DDB333}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{11B7BD93-A8BB-41E6-98F7-1B7F0AB0EAE7}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{129F9872-7B7D-4B8E-BFA8-FFFFC0FA2C44}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe | "{1472BC71-EEB0-4FAC-B0D9-4435594D3B1C}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe | "{1AC93D93-61A1-41FF-9DC7-6E5726829EF9}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{1EEED19B-A595-4998-87E2-87E23B49555B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{21EBFA0E-C08A-4631-B1E7-9E3A0F6787E5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{26B875CE-511E-4D13-B17F-6027894982EC}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{29F53337-9CEA-4C7C-8C17-35B48C7004E4}" = protocol=6 | 
dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe | "{30395A3A-A94C-43E3-8623-2E4ACED28B6C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{31FC7D40-8058-44B3-91A5-C3731C91F947}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe | "{3224269F-7B23-4F01-B3E3-3A7DE236BE4F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{37A01806-8D2A-4E76-A9D1-9EC20F765567}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{3E494CF8-ADF2-4DB5-87CD-5F2F68C5DBFC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3F3F2945-4457-4F35-8262-697C513AB4D5}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{43768D21-28C7-40FF-886C-8536FD23C52E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{4C37DF14-F329-4780-A47A-C84EA182F07B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe | "{53BD0E90-975F-4680-B3BB-BC4AA5EC4C20}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{54519B0F-D865-4E61-91A4-0E361EAE88FC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{5A9AA93D-DB1F-4680-A1F8-15C5835E394D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{632E0E37-602D-4587-B265-95BAEA58463F}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe | "{69FAE27C-68F5-48E4-9A1F-D79BD60EDE45}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{6C2CC2A6-10D5-43C1-BE89-CB05031514C7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{710B9AD2-02C6-4CCE-B032-BCF360FC16D2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7639E7BA-D335-4807-86B0-8DDB68C4EF5E}" = protocol=17 | 
dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7670EC77-509A-4842-88D2-8F58FEFEE832}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{767F2B41-FDF6-47C7-873A-D0212782F782}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{78AD89E7-5F7E-4E51-B7F1-485639211A7C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{79E0C3B8-5D7D-410A-A693-0209293D9C49}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe | "{7BE19AE0-1C57-43F2-80CD-EB3D25E47141}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{7F4C3BC4-729A-4BF1-9A60-7F169C7E7200}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe | "{8869E106-6A4C-4AA9-968D-7661AD9FFC39}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{897659E5-7CD4-42CC-A2DA-84EFE54DF32A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{8FE601BD-189C-4E4B-8955-DC191BBB204C}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | "{9400A339-468F-4C89-A1E7-A1F4357B5787}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{94A32C34-88CB-436D-A292-5E2BA21AF491}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{98273B4E-1AF1-46D2-8C09-7ED71F680E2D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9DA72641-B166-48EC-A4F0-E98664E819B9}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe | "{A177C15E-3770-4B4E-A9A2-9D6A20D9FB54}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{A18B3813-AA78-4EAA-84B5-EDE92AAD5CFA}" = protocol=17 | dir=in | app=c:\users\*****\downloads\utorrent.exe | "{A29784DA-5AB3-4DB7-B006-7555F1CCAE9E}" = protocol=17 | dir=in | app=c:\program files 
(x86)\bonjour\mdnsresponder.exe | "{AAA9BD73-1ABE-4CC8-9723-98F1DF954642}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{AE94C606-D1A1-4CDB-8E94-A556A00A96B2}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe | "{B23A1B4C-49A3-428E-B0DC-FEEBE8CAD7B1}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe | "{B602B93E-6BFD-4721-9575-11CEE7219025}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{BCFD3201-AC7B-4470-847D-76C97DD5CB36}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C3743B09-0B3A-496E-A19C-D7571C0F5A5C}" = protocol=6 | dir=out | app=system | "{C486D0DC-7E04-42FD-9AA3-F9110E5B20A8}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | "{C7FFA64B-286B-4816-BC91-1868BADEFF96}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{CB38137D-4AD9-4B6F-994B-5968E3A00D8A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{CBA86CCB-7047-4481-ADEE-CBE1A6893339}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{CD8C56F0-72EA-4037-AE17-E86459042D98}" = protocol=17 | dir=in | app=c:\fm13\fussball manager 13\manager13.exe | "{CDCAC5C7-F6D7-4BAD-94F8-FB8EB1A7133E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{D13E5B64-4715-4BE0-AF3F-35291E164F34}" = protocol=6 | dir=in | app=c:\fm13\fussball manager 13\manager13.exe | "{DD837881-126F-4AE1-9855-D59D3AC56DDD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{DDF29D3C-E330-4C6D-8F9B-B6E63813C53D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E1B9CE8D-0F01-4621-9C14-64E0CB74982E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{E4B06DCB-E537-417F-948D-1BB9A3C9291A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E6031F44-B53A-4A23-B80C-793217F89B06}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe | "{EEFE1E07-F612-468D-9E85-278FB1DE4F67}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F3100253-0738-42F2-A7D3-7B6DC8F93611}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{F32FB6E4-EEA8-4C64-8723-2E01A1973A4C}" = protocol=6 | dir=in | app=c:\users\*****\downloads\utorrent.exe | "{F9818710-ED96-4DE6-B97C-43FB7B8185EB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{FD01369B-1478-4448-A5C8-E8D1D7A7E5EC}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "TCP Query User{166C2EF0-56F3-4477-8D50-A532BFF088D6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{2A938A5B-142C-4418-988B-86FA3F1009AC}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{2E07B278-D21E-40B3-854D-ADE57E8BA46E}C:\program files\realvnc\vnc viewer\vncviewer.exe" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc viewer\vncviewer.exe | "TCP Query User{4029268D-E60B-4478-B337-DC5AD9A1DE65}C:\program files (x86)\polareditoctagon10x8\polaredit1018.exe" = protocol=6 | dir=in | app=c:\program files (x86)\polareditoctagon10x8\polaredit1018.exe | "TCP Query User{76214B9B-0654-491B-B864-16CAFB10FD8C}C:\program files (x86)\steam\steamapps\neoforce_v2\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\neoforce_v2\counter-strike source\hl2.exe | "TCP Query User{78E90940-E41E-4923-8D5B-96A63C46B31D}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | "TCP Query User{821E7292-EFAB-47F2-BE83-F06416BB8071}C:\program files\java\jre7\bin\javaw.exe" = 
protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{DDB6C9E4-7BC2-43C8-B34A-B410383388E9}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe" = protocol=6 | dir=in | app=c:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe | "UDP Query User{399E60CF-C2E2-4EE7-AF61-13F5AE182212}C:\program files (x86)\polareditoctagon10x8\polaredit1018.exe" = protocol=17 | dir=in | app=c:\program files (x86)\polareditoctagon10x8\polaredit1018.exe | "UDP Query User{473F5B3F-335D-4C00-8FA0-C00AF8F80615}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{5E6C2938-299D-408D-85E6-A15BCE4FC33A}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe | "UDP Query User{824E55CB-C924-4C49-A0FE-144CC9C22C51}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "UDP Query User{9FDED4A4-8ED4-4702-AA8F-A77E9E3E8DB5}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{A99D7E1D-30DF-4BB4-8E92-791D956A7993}C:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe" = protocol=17 | dir=in | app=c:\program files (x86)\atari\test drive unlimited\testdriveunlimited.exe | "UDP Query User{BFB0ED04-CDD2-4097-B278-2F311EF32330}C:\program files (x86)\steam\steamapps\neoforce_v2\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\neoforce_v2\counter-strike source\hl2.exe | "UDP Query User{FABCBE9A-51AD-422D-9B91-BB6F86A3F193}C:\program files\realvnc\vnc viewer\vncviewer.exe" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc viewer\vncviewer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt "{0C70221E-BCEB-AABD-7E4F-65476125BF9F}" = ccc-utility64 "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes "{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit) "{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer "{28A43593-43C6-30BF-BB23-E9AE543766FB}" = AMD Fuel "{2CD600E3-55E9-47B3-9611-6FE0ECC04BF9}" = BrazosTweaker "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5749CDC2-06FA-BFCC-C584-562082F50165}" = AMD Accelerated Video Transcoding "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2 "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7660521A-062D-41F5-AA5E-CBA0E0511131}" = Treiber-Studio 2013 "{783DD6D9-3A93-94A3-6B1F-3F534EF09419}" = AMD AVIVO64 Codecs "{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{82D8994C-8DC1-A68C-E966-AF915C9FE8B5}" = AMD Drag and Drop Transcoding "{833F5E6D-6E01-11D1-978E-6DFBCEF72570}" = AMD Steady Video Plug-In "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{BE9D5B90-787F-F132-876D-3C75ED5DD17A}" = AMD Media Foundation Decoders 
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2012.SP5a "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{DDDCCFAD-2BCF-4F98-60F1-2D9262E09839}" = AMD Catalyst Install Manager "{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Elantech" = ETDWare PS/2-X64 8.0.5.0_WHQL "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2 "Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2 "RealVNCViewer_is1" = VNC Viewer 5.0.3 "Totalcmd64" = Total Commander 64-bit (Remove or Repair) "VLC media player" = VLC media player 2.0.5 "WinRAR archiver" = WinRAR 4.20 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{0472F2C0-6BA4-03DF-07C8-ADDC8E9CC819}" = CCC Help Thai "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{06E098A3-81EF-8426-0233-C00F2E52EC40}" = CCC Help Greek "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{09EAF3A0-6EFA-4482-91F5-CAAF4704E7C2}" = CCC Help French "{0B8D7199-3AD8-2948-55DE-6100AB07DB6F}" = CCC Help Portuguese "{1235083F-52F9-44CC-9DF5-F9B7802BB9B7}" = ISO Recorder "{19ADFF5E-D5F5-4132-8D9B-AF07057057C3}" = Angry Birds Collection "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{21287F5D-6703-2BBA-F54D-CE6F28332AAB}" = CCC Help Turkish "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = 
OpenOffice.org 3.4.1 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver "{2D7088E8-5509-2477-E6D2-3116B8ECD46E}" = AMD VISION Engine Control Center "{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr "{38717452-B781-2802-F496-F5C8886AA16D}" = CCC Help Norwegian "{3A40E4DD-D87B-F5B0-4FCE-1C34EA749AB1}" = CCC Help English "{3D6A3DE8-26F3-7E28-257E-B56244CE978E}" = CCC Help Chinese Traditional "{40F95BFE-36CF-481F-B7D9-8D8F2F3369F9}" = TSDoctor "{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11 "{48E5D832-56EF-D41E-ED72-255DE5AA983C}" = CCC Help Korean "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City "{4C1998B1-6C82-AFD1-4D8E-0C46042FA679}" = CCC Help Japanese "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4D75C9EF-26C4-BA8D-4AA6-D12187CAAF3C}" = CCC Help Chinese Standard "{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.24 "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{56805EA7-6FC2-2D47-5E97-5B5B529DD2F0}" = Catalyst Control Center Localization All "{56BA241F-580C-43D2-8403-947241AAE633}" = center "{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable "{5AE46073-8D1C-8C9B-CF59-A50B229C69A5}" = Catalyst Control Center InstallProxy "{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}" = NVIDIA PhysX "{668C378C-6D35-1FED-9D8C-A9973AAB847E}" = CCC Help Finnish "{678A9813-B5F3-7AC9-B630-8AF64034A8F8}" = CCC Help Czech "{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser 
und SDK "{71972D00-4596-11E2-B6EA-B8AC6F97B88E}" = Google Earth Plug-in "{73B44BD5-3659-88B9-5169-0C0E262CBA42}" = CCC Help Danish "{74CCD315-40BF-0D42-E291-2136725F0921}" = CCC Help Hungarian "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7AA2C7DA-ECDD-46CC-9716-313B0EA050EB}_is1" = PolarEditOctagon 10x8 v 0.7.2.8 "{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation "{80AF0300-866F-400F-A350-D53E3C3E34E0}" = FUSSBALL MANAGER 13 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8394355C-ACC9-D7A4-9DC0-9BC7C54E2A1A}" = Catalyst Control Center Graphics Previews Common "{86F4F32B-77C7-4951-B33C-05D41A8190C1}" = Microsoft RichCopy 4.0 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{8F311E92-C29F-4DF9-8259-B739A1831669}_is1" = SUPER © v2012.build.54 (Nov 18, 2012) Version v2012.build.54 "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v4.0 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live 
Messenger "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy "{B4C94CD6-9A8C-9F8C-F9B8-861704BC917D}" = CCC Help German "{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack "{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{C11E1583-3056-99A7-A8AF-9C84720B615E}" = CCC Help Spanish "{C1FDB9CE-77EC-4F7B-8AC9-5E18277101F3}" = Multiecuscan "{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}" = Test Drive Unlimited "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache "{CC6A1270-2C4F-87A5-7C3E-3419EF6C54B4}" = CCC Help Italian "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{D12FCFF9-13E2-B599-8703-FF5975AA8AA0}" = CCC Help Russian "{D71C27AF-6C35-4F85-B60F-1237BD3B469A}" = BlueStacks "{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq "{DBE5DACF-BC0A-5932-62FD-C0348EA880C4}" = CCC Help Polish "{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode Version 3.1.2.5 "{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3 "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software "{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High 
Definition Audio Driver "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger "{F37A70E0-9D34-A9EB-183A-8B5516759631}" = CCC Help Swedish "{F47D8BFA-EFEA-16BF-A4DD-4490F81F5D60}" = CCC Help Dutch "{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "5513-1208-7298-9440" = JDownloader 0.9 "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ArtMoney SE_is1" = ArtMoney SE v7.39.1 "Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v.10.0.15 "Audacity_is1" = Audacity 2.0.2 "Audiograbber" = Audiograbber 1.83 SE "Audiograbber-Lame" = Audiograbber MP3-Plugin (64 bit) "Avira AntiVir Desktop" = Avira Free Antivirus "AviSynth" = AviSynth 2.5 "Bridge Constructor1.0" = Bridge Constructor "Buy Script Maker für CSS" = Buy Script Maker für CSS 0.601 "Cool Edit 2000" = Cool Edit 2000 "DAEMON Tools Pro" = DAEMON Tools Pro "DivX Setup" = DivX-Setup "Driver Genius Professional Edition_is1" = Driver Genius Professional Edition "DVBViewer Pro_is1" = DVBViewer Pro "DVDFab 8 Qt_is1" = DVDFab 8.2.0.0 (03/08/2012) Qt "DVDx 4.0" = DVDx 4.0 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "FileZilla Client" = FileZilla Client 3.6.0.2 "Foxit Reader_is1" = Foxit Reader "Fraps" = Fraps (remove only) "Free Download Manager_is1" = Free Download Manager 3.9 "Game Booster_is1" = Game Booster 3 "HaaliMkx" = Haali Media Splitter "iBackupBot for iTunes" = iBackupBot for iTunes 3.6.2 "Indeo® Software" = Indeo® Software "MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.1.6.0 "Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de) "Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSTTS" = Microsoft 
Text-to-Speech Engine 4.0 (English) "PrintProjects" = PrintProjects "PS3 Media Server" = PS3 Media Server "Reason5_is1" = Reason 5.0 "Revo Uninstaller" = Revo Uninstaller 1.94 "Sniper Ghost Warrior - Gold Edition_is1" = Sniper Ghost Warrior - Gold Edition "Steam App 211" = Source SDK "Steam App 240" = Counter-Strike: Source "Steam App 8190" = Just Cause 2 "Sync Blocker 10.6 Release 1_is1" = Sync Blocker 10.6 Release 1 "TeamViewer 8" = TeamViewer 8 "TechPowerUp GPU-Z" = TechPowerUp GPU-Z "TmNationsForever_is1" = TmNationsForever "UltraISO_is1" = UltraISO Premium V9.52 "uTorrent" = µTorrent "VLC media player" = VLC media player 2.0.4 "VobSub" = VobSub v2.23 (Remove Only) "Winamp" = Winamp "WinLiveSuite" = Windows Live Essentials "winscp3_is1" = WinSCP 5.1.2 "Xilisoft DVD Ripper Ultimate" = Xilisoft DVD Ripper Ultimate "XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only) "YTdetect" = Yahoo! Detect ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-830199503-3038931148-3267462750-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 13.02.2013 22:33:52 | Computer Name = ******** | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: saxbkhbf.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: saxbkhbf.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0x103c Startzeit der fehlerhaften Anwendung: 0x01ce0a5ba6b87e4e Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\mzujlndzzllt\saxbkhbf.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\mzujlndzzllt\saxbkhbf.exe Berichtskennung: f7b1e296-764e-11e2-9c73-ce5dd7c5c55c Error - 14.02.2013 01:36:38 | Computer Name = ******** | Source = Application Error | ID = 1000 Description = Name der fehlerhaften 
Anwendung: saxbkhbf.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: saxbkhbf.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0x17e0 Startzeit der fehlerhaften Anwendung: 0x01ce0a753d090b15 Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\mzujlndzzllt\saxbkhbf.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\mzujlndzzllt\saxbkhbf.exe Berichtskennung: 7ffb4230-7668-11e2-9c73-ce5dd7c5c55c Error - 14.02.2013 01:47:08 | Computer Name = ******** | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: saxbkhbf.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: saxbkhbf.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0x107c Startzeit der fehlerhaften Anwendung: 0x01ce0a76b4ce0363 Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\mzujlndzzllt\saxbkhbf.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\mzujlndzzllt\saxbkhbf.exe Berichtskennung: f77e91ec-7669-11e2-9c73-ce5dd7c5c55c Error - 14.02.2013 08:54:15 | Computer Name = ******** | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0x7a0 Startzeit der fehlerhaften Anwendung: 0x01ce0ab25f80d347 Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Berichtskennung: a264c21f-76a5-11e2-945c-ed827a6cc14e Error - 14.02.2013 10:51:11 | Computer Name = *****-PC | Source = Application Error | ID = 1000 Description = Name der 
fehlerhaften Anwendung: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0x528 Startzeit der fehlerhaften Anwendung: 0x01ce0ac2b5f5ca06 Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Berichtskennung: f836c205-76b5-11e2-945c-ed827a6cc14e Error - 14.02.2013 11:01:19 | Computer Name = *****-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0xf1c Startzeit der fehlerhaften Anwendung: 0x01ce0ac420c9d010 Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Berichtskennung: 629dfc6e-76b7-11e2-945c-ed827a6cc14e Error - 14.02.2013 11:16:47 | Computer Name = *****-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0x1248 Startzeit der fehlerhaften Anwendung: 0x01ce0ac6497018e7 Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Berichtskennung: 8bbfd62b-76b9-11e2-945c-ed827a6cc14e Error - 14.02.2013 11:19:15 | Computer Name = *****-PC | Source = Application Error | ID = 1000 Description 
= Name der fehlerhaften Anwendung: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0x6f8 Startzeit der fehlerhaften Anwendung: 0x01ce0ac6a18f4bd0 Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Berichtskennung: e3f67142-76b9-11e2-945c-ed827a6cc14e Error - 14.02.2013 11:22:09 | Computer Name = *****-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0x16b8 Startzeit der fehlerhaften Anwendung: 0x01ce0ac6fd451368 Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Berichtskennung: 4bab7c63-76ba-11e2-945c-ed827a6cc14e Error - 14.02.2013 11:27:23 | Computer Name = *****-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0x15a4 Startzeit der fehlerhaften Anwendung: 0x01ce0ac7c454ce5b Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Berichtskennung: 06d4c369-76bb-11e2-945c-ed827a6cc14e Error - 14.02.2013 11:32:07 | Computer Name = *****-PC | Source = Application Error | ID = 1000 
Description = Name der fehlerhaften Anwendung: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Name des fehlerhaften Moduls: ouqrqxrisu.exe, Version: 0.0.0.0, Zeitstempel: 0x50f898d7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00022efc ID des fehlerhaften Prozesses: 0xa34 Startzeit der fehlerhaften Anwendung: 0x01ce0ac86e5f4b47 Pfad der fehlerhaften Anwendung: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Pfad des fehlerhaften Moduls: C:\Users\*****\AppData\Local\Temp\ihmcmstdpp\ouqrqxrisu.exe Berichtskennung: b01e1317-76bb-11e2-945c-ed827a6cc14e [ Media Center Events ] Error - 20.09.2012 01:58:08 | Computer Name = *****-PC | Source = MCUpdate | ID = 0 Description = 07:58:08 - Fehler beim Herstellen der Internetverbindung. 07:58:08 - Serververbindung konnte nicht hergestellt werden.. Error - 20.09.2012 01:58:18 | Computer Name = *****-PC | Source = MCUpdate | ID = 0 Description = 07:58:14 - Fehler beim Herstellen der Internetverbindung. 07:58:14 - Serververbindung konnte nicht hergestellt werden.. Error - 24.09.2012 00:40:43 | Computer Name = *****-PC | Source = MCUpdate | ID = 0 Description = 06:40:43 - Fehler beim Herstellen der Internetverbindung. 06:40:43 - Serververbindung konnte nicht hergestellt werden.. Error - 24.09.2012 00:41:21 | Computer Name = *****-PC | Source = MCUpdate | ID = 0 Description = 06:41:15 - Fehler beim Herstellen der Internetverbindung. 06:41:15 - Serververbindung konnte nicht hergestellt werden.. 
[ System Events ]
Error - 01.11.2012 01:41:12 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064

Error - 01.11.2012 09:24:51 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 01.11.2012 09:25:02 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064

Error - 01.11.2012 17:36:07 | Computer Name = *****-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR4 gefunden.

Error - 02.11.2012 12:22:31 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 02.11.2012 12:22:43 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064

Error - 03.11.2012 01:02:41 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 03.11.2012 01:28:44 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 03.11.2012 01:30:25 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error - 03.11.2012 01:30:25 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

< End of report >

Code:
OTL logfile created on: 14.02.2013 17:22:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

5,61 Gb Total Physical Memory | 3,62 Gb Available Physical Memory | 64,63% Memory free
11,21 Gb Paging File | 8,93 Gb Available in Paging File | 79,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 126,73 Gb Free Space | 42,53% Space Free | Partition Type: NTFS
Drive Z: | 82,98 Mb Total Space | 38,64 Mb Free Space | 46,57% Space Free | Partition Type: NTFS

Computer Name: *****-PC | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\*****\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\*****\AppData\Roaming\vlc\msdn.exe ()
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company)
PRC - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Eastman Kodak Company)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files (x86)\BlueStacks\HD-FileSystem.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Fraps\fraps.exe (Beepa P/L)
PRC - C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f3c2e63623f7a64a35e3dd746b90edbc\PresentationFramework.Classic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_de_31bf3856ad364e35\WindowsBase.resources.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) 
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Kodak AiO Network Discovery Service) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company) SRV - (Kodak AiO Status Monitor Service) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Eastman Kodak Company) SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation) SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (BrazosTweaker) -- C:\Programme\BrazosTweaker\BrazosTweakerService.exe () SRV - (AxAutoMntSrv) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\RpcAgentSrv.exe (SiSoftware) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) 
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (APXACC) -- C:\Windows\SysNative\drivers\appexDrv.sys (AppEx Networks Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation) DRV:64bit: - (Rockusb) -- C:\Windows\SysNative\drivers\rockusb.sys (Fuzhou Rockchip Electronics Co,Ltd.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.) DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.) DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.) 
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.) DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\lgandadb.sys (Google Inc) DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation) DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (hcw95rc) -- C:\Windows\SysNative\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hcw95bda) -- C:\Windows\SysNative\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) 
DRV - (lirsgt) -- C:\Windows\SysWOW64\drivers\lirsgt.sys ()
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (WinRing0_1_2_0) -- C:\Programme\BrazosTweaker\WinRing0x64.sys (OpenLibSys.org)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\WNt500x64\sandra.sys (SiSoftware)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 95 EB 78 70 5A 08 CE 01 [binary data]
IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.08.17 12:56:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 14:57:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 14:57:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.25 17:22:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2012.08.15 15:21:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions
[2012.06.12 16:12:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.02.09 19:16:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\95b9s0pc.default\extensions
[2013.01.11 16:26:41 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\95b9s0pc.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.12.13 20:28:09 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\95b9s0pc.default\extensions\fdm_ffext@freedownloadmanager.org
[2013.02.05 20:40:04 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\95b9s0pc.default\extensions\ich@maltegoetz.de
[2012.08.16 05:43:51 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\DivXWebPlayer@divx.com.xpi
[2012.08.16 19:52:14 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\elemhidehelper@adblockplus.org.xpi
[2012.08.16 19:52:33 | 000,001,703 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\f6@merike.pri.ee.xpi
[2012.12.13 20:28:14 | 002,151,598 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\firebug@software.joehewitt.com.xpi
[2013.02.09 19:16:35 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\stealthyextension@gmail.com.xpi
[2012.08.16 19:52:33 | 000,004,545 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\support@easy-hideip.com.xpi
[2012.08.16 19:52:33 | 000,004,552 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\support@platinumhideip.com.xpi
[2012.08.16 19:52:33 | 000,004,526 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\support@real-hide-ip.com.xpi
[2013.01.28 17:40:08 | 000,142,907 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\unplug@compunach.xpi
[2012.08.16 19:52:33 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\youtube2mp3@mondayx.de.xpi
[2012.12.24 10:14:16 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2012.12.30 11:28:47 | 000,358,225 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi
[2013.01.31 18:20:20 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.16 19:52:33 | 000,026,136 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
[2013.02.06 14:57:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.06 14:57:14 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.20 21:04:34 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2012.09.24 18:05:05 | 000,000,826 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Driver Genius] File not found
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-830199503-3038931148-3267462750-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-830199503-3038931148-3267462750-1000..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe (AppEx Networks Corporation)
O4 - HKU\S-1-5-21-830199503-3038931148-3267462750-1000..\Run: [Information Schema] C:\Users\*****\AppData\Roaming\vlc\msdn.exe ()
O4 - HKU\S-1-5-21-830199503-3038931148-3267462750-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DEFE633-334A-461E-82B0-BA362213CF28}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A3AEDDD-0886-427F-B7D5-E45AFF305945}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4cf68b34-1169-11e2-b55c-cf2fbcbd9653}\Shell - "" = AutoRun
O33 - MountPoints2\{4cf68b34-1169-11e2-b55c-cf2fbcbd9653}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.02.14 03:00:54 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.14 03:00:54 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.14 03:00:53 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.14 03:00:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.14 03:00:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.14 03:00:52 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.14 03:00:51 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.14 03:00:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.14 03:00:50 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.14 03:00:50 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.14 03:00:50 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.14 03:00:50 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.14 03:00:47 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.14 03:00:47 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.14 03:00:47 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.14 02:32:02 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.14 02:31:59 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.14 02:31:58 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.14 02:31:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.14 02:31:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.14 02:31:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.14 02:31:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.14 02:31:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.14 02:31:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.14 02:31:51 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.12 20:49:09 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\ProcAlyzer Dumps
[2013.02.12 20:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.02.12 20:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.02.12 20:07:27 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013.02.12 20:07:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.02.11 16:31:25 | 000,000,000 | --SD | C] -- C:\PS3
[2013.02.10 20:16:20 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Test Drive Ferrari Racing Legends
[2013.02.09 20:10:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.02.09 14:30:51 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Euro Truck Simulator 2
[2013.02.08 16:53:30 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Command & Conquer 3 Kanes Rache
[2013.02.08 16:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.02.08 16:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.02.08 16:38:23 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2013.02.08 16:38:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.02.08 16:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2013.02.07 19:47:55 | 000,000,000 | ---D | C] -- C:\Multi Protocol Programming System
[2013.02.06 14:57:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.05 16:51:36 | 000,064,880 | ---- | C] (Fuzhou Rockchip Electronics Co,Ltd.) -- C:\Windows\SysNative\drivers\rockusb.sys
[2013.02.03 19:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDev
[2013.02.03 19:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MegaDev
[2013.02.03 15:45:07 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\FUSSBALL MANAGER 13
[2013.02.03 15:42:09 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013.02.03 15:42:09 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013.02.03 15:42:09 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013.02.03 15:42:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013.02.03 15:42:07 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013.02.03 15:42:07 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013.02.03 15:42:06 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013.02.03 15:42:06 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013.02.03 15:42:05 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013.02.03 15:42:05 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013.02.03 15:42:04 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013.02.03 15:42:04 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013.02.03 15:42:03 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013.02.03 15:42:03 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013.02.03 15:42:01 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013.02.03 15:42:01 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013.02.03 15:26:48 | 000,000,000 | ---D | C] -- C:\FM13
[2013.02.03 15:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.02.03 15:12:23 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Google
[2013.02.03 15:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.02.02 14:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
[2013.02.02 14:49:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2013.02.01 20:46:51 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Privat
[2013.02.01 17:58:19 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Command & Conquer 3 Kanes Rache
[2013.02.01 13:32:34 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multiecuscan
[2013.02.01 13:32:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Multiecuscan
[2013.01.29 06:55:24 | 000,078,640 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013.01.29 06:55:24 | 000,078,640 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013.01.29 06:55:20 | 000,071,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013.01.29 06:55:20 | 000,071,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013.01.29 06:55:06 | 000,139,904 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013.01.29 06:55:00 | 000,118,792 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013.01.29 06:54:54 | 000,113,672 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013.01.29 06:54:50 | 000,092,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013.01.29 06:54:46 | 001,150,328 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013.01.29 06:54:42 | 000,968,560 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013.01.29 06:54:34 | 008,173,928 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013.01.29 06:54:28 | 007,159,384 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013.01.29 06:54:18 | 004,475,192 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013.01.29 06:54:14 | 006,035,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013.01.29 06:54:06 | 005,035,000 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013.01.29 06:54:00 | 007,038,856 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013.01.29 06:48:38 | 011,612,672 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013.01.29 06:39:06 | 023,581,184 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013.01.29 06:27:12 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013.01.29 06:24:44 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013.01.29 06:24:42 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013.01.29 06:24:36 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013.01.29 06:24:34 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013.01.29 06:24:22 | 016,082,944 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013.01.29 06:21:02 | 019,755,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013.01.29 06:19:56 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013.01.29 06:15:54 | 000,077,312 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_12.10.17.dll
[2013.01.29 06:03:00 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013.01.29 06:02:50 | 000,561,152 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013.01.29 06:01:58 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013.01.29 06:00:20 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013.01.29 06:00:00 | 000,025,600 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013.01.29 05:59:56 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2013.01.29 05:59:50 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2013.01.29 05:34:28 | 000,629,760 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013.01.29 05:34:16 | 000,425,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013.01.29 05:34:00 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013.01.29 05:33:56 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013.01.29 05:33:56 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013.01.29 05:33:52 | 000,044,032 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013.01.29 05:33:44 | 000,034,816 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013.01.29 05:33:36 | 000,576,000 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013.01.29 05:30:44 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013.01.28 23:20:40 | 000,076,288 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013.01.28 23:20:36 | 000,065,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013.01.28 23:20:32 | 000,064,000 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013.01.28 23:20:30 | 000,056,320 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013.01.28 23:20:20 | 029,150,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013.01.28 23:18:24 | 023,810,048 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013.01.28 23:16:40 | 000,054,784 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.01.28 23:16:36 | 000,050,176 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.01.28 23:10:28 | 005,067,264 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdsc64.dll
[2013.01.28 23:10:26 | 004,083,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdsc.dll
[2013.01.28 17:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Publish Data
[2013.01.28 16:58:27 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Publish_Data
[2013.01.28 16:45:02 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Treiber-Studio 2013
[2013.01.28 16:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Publish Data
[2013.01.25 17:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.01.25 16:53:46 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2013.01.23 14:48:46 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2013.01.23 14:45:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CI Games
[2013.01.23 06:45:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CI Games
[2013.01.23 06:45:11 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Programs
[2013.01.21 19:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013.01.19 11:12:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PolarEditor10x8
[2013.01.18 06:17:25 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.01.18 06:17:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.01.15 21:41:53 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Innovative Solutions
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.02.14 17:24:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.14 16:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.14 15:24:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.14 13:49:14 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.14 13:49:14 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.14 13:41:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.14 13:40:55 | 218,869,759 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.14 03:31:15 | 004,912,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.14 03:05:51 | 001,635,332 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.14 03:05:51 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.14 03:05:51 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.14 03:05:51 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.14 03:05:51 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.09 21:48:14 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.09 21:48:14 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.09 13:25:41 | 000,196,608 | ---- | M] () -- C:\Users\*****\Documents\Aktuell.fdu
[2013.02.09 13:21:28 | 000,196,608 | ---- | M] () -- C:\Users\*****\Documents\PolarEdit 10x8 2.fdu
[2013.02.02 14:49:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2013.01.29 13:30:36 | 001,590,506 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.29 06:55:24 | 000,078,640 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013.01.29 06:55:24 | 000,078,640 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013.01.29 06:55:20 | 000,071,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013.01.29 06:55:20 | 000,071,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013.01.29 06:55:06 | 000,139,904 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013.01.29 06:55:00 | 000,118,792 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013.01.29 06:54:54 | 000,113,672 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013.01.29 06:54:50 | 000,092,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013.01.29 06:54:46 | 001,150,328 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013.01.29 06:54:42 | 000,968,560 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013.01.29 06:54:34 | 008,173,928 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013.01.29 06:54:28 | 007,159,384 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013.01.29 06:54:18 | 004,475,192 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013.01.29 06:54:14 | 006,035,136 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013.01.29 06:54:06 | 005,035,000 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013.01.29 06:54:00 | 007,038,856 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013.01.29 06:48:38 | 011,612,672 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013.01.29 06:39:06 | 023,581,184 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013.01.29 06:28:32 | 000,340,256 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013.01.29 06:28:32 | 000,340,256 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2013.01.29 06:27:12 | 000,163,840 | ---- | M] (Advanced Micro Devices, Inc.)
-- C:\Windows\SysNative\atiapfxx.exe [2013.01.29 06:24:44 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll [2013.01.29 06:24:42 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll [2013.01.29 06:24:36 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll [2013.01.29 06:24:34 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll [2013.01.29 06:24:22 | 016,082,944 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll [2013.01.29 06:21:02 | 019,755,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll [2013.01.29 06:19:56 | 013,703,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll [2013.01.29 06:15:54 | 000,077,312 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_12.10.17.dll [2013.01.29 06:03:00 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll [2013.01.29 06:02:50 | 000,561,152 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2013.01.29 06:01:58 | 000,240,640 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2013.01.29 06:00:20 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2013.01.29 06:00:00 | 000,025,600 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2013.01.29 05:59:56 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll [2013.01.29 05:59:50 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll [2013.01.29 05:34:28 | 000,629,760 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll [2013.01.29 05:34:16 | 000,425,984 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll [2013.01.29 05:34:00 | 000,017,920 | ---- | M] (Advanced Micro Devices, Inc. 
) -- C:\Windows\SysNative\atig6pxx.dll [2013.01.29 05:33:56 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll [2013.01.29 05:33:56 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll [2013.01.29 05:33:52 | 000,044,032 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll [2013.01.29 05:33:44 | 000,034,816 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll [2013.01.29 05:33:36 | 000,576,000 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys [2013.01.29 05:30:44 | 000,053,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [2013.01.29 04:50:40 | 003,296,864 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap [2013.01.29 04:50:40 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat [2013.01.29 04:50:40 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat [2013.01.29 04:50:40 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat [2013.01.29 04:50:40 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat [2013.01.29 04:36:10 | 003,330,608 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap [2013.01.28 23:20:58 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe [2013.01.28 23:20:40 | 000,076,288 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll [2013.01.28 23:20:36 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll [2013.01.28 23:20:32 | 000,064,000 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll [2013.01.28 23:20:30 | 000,056,320 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll [2013.01.28 23:20:20 | 029,150,208 | ---- | M] (Advanced Micro Devices Inc.) 
-- C:\Windows\SysNative\amdocl64.dll [2013.01.28 23:18:24 | 023,810,048 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll [2013.01.28 23:16:40 | 000,054,784 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2013.01.28 23:16:36 | 000,050,176 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013.01.28 23:10:28 | 005,067,264 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdsc64.dll [2013.01.28 23:10:26 | 004,083,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdsc.dll [2013.01.25 16:55:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2013.01.23 14:24:36 | 000,405,309 | ---- | M] () -- C:\plugin.rar [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.02.12 20:07:36 | 000,002,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2013.02.09 13:25:41 | 000,196,608 | ---- | C] () -- C:\Users\*****\Documents\Aktuell.fdu [2013.02.09 13:21:27 | 000,196,608 | ---- | C] () -- C:\Users\*****\Documents\PolarEdit 10x8 2.fdu [2013.02.03 15:12:27 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.03 15:12:26 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.02 14:49:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf [2013.01.29 06:28:32 | 000,340,256 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb [2013.01.29 06:28:32 | 000,340,256 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb [2013.01.29 04:50:40 | 003,296,864 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap [2013.01.29 04:50:40 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2013.01.29 04:50:40 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat [2013.01.29 04:50:40 | 000,157,144 | ---- | C] () -- 
C:\Windows\SysWow64\ativvsva.dat [2013.01.29 04:50:40 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat [2013.01.29 04:36:10 | 003,330,608 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap [2013.01.28 23:20:58 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe [2013.01.28 16:43:02 | 001,590,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.01.25 16:55:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2013.01.25 16:54:01 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk [2013.01.08 16:48:57 | 000,027,783 | ---- | C] () -- C:\Users\*****\AppData\Roaming\*****3SQLite3.dll [2013.01.07 16:27:51 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2013.01.06 19:36:59 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2012.12.23 10:39:25 | 000,000,029 | ---- | C] () -- C:\Windows\wordpad.ini [2012.12.15 18:24:33 | 000,000,600 | ---- | C] () -- C:\Users\*****\AppData\Roaming\winscp.rnd [2012.12.06 20:35:11 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\lirsgt.sys [2012.12.06 20:33:15 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll [2012.11.27 00:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.11.05 21:52:43 | 000,000,078 | ---- | C] () -- C:\Windows\wininit.ini [2012.10.26 17:05:38 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.10.26 17:05:30 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.10.03 19:35:41 | 000,000,534 | ---- | C] () -- C:\Windows\eReg.dat [2012.10.03 13:48:16 | 000,001,574 | ---- | C] () -- C:\Windows\cdplayer.ini [2012.10.03 13:46:11 | 000,078,085 | ---- | C] () -- C:\Windows\SysWow64\pattern.dat [2012.10.03 13:46:05 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\fxstudio.dll [2012.10.03 13:46:04 | 000,282,624 | ---- | C] () -- 
C:\Windows\SysWow64\animation2.dll [2012.09.15 17:31:17 | 000,092,168 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2012.08.26 18:54:01 | 000,036,892 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll [2012.08.24 19:05:26 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\dvttrn.dll [2012.08.22 05:40:50 | 002,097,152 | ---- | C] () -- C:\Windows\sample5x.dat [2012.08.20 17:05:42 | 000,000,064 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Sandra.ldb [2012.08.20 17:05:41 | 011,730,944 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Sandra.mdb [2012.08.16 18:38:56 | 000,007,605 | ---- | C] () -- C:\Users\*****\AppData\Local\resmon.resmoncfg [2012.08.15 14:01:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = 
C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
15.02.2013, 00:22 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange file(s) Please now create and post logs with GMER (<<< click for instructions) and MBAR (instructions a bit further down). GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only MBAR. MBAR instructions: Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper
__________________ Please always post log files in CODE tags |
15.02.2013, 15:01 | #5 |
| Strange file(s) Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1020 www.malwarebytes.org Database version: v2013.02.15.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Lappi :: LAPPI-PC [administrator] 15.02.2013 14:54:51 mbar-log-2013-02-15 (14-54-51).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 30379 Time elapsed: 8 hour(s), 12 minute(s), 11 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) |
15.02.2013, 15:36 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange file(s) What about GMER? Didn't that work?
__________________ --> Strange file(s) |
15.02.2013, 19:03 | #7 |
| Strange file(s) Sorry, forgot Code:
ATTFilter GMER 2.1.18952 - hxxp://www.gmer.net Rootkit scan 2013-02-15 19:02:20 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000074 WDC_WD32 rev.01.0 298,09GB Running: GMER_2.1.18952.exe; Driver: C:\Users\Lappi\AppData\Local\Temp\pgloapoc.sys ---- Kernel code sections - GMER 2.1 ---- PAGE C:\Windows\system32\drivers\PCIIDEX.SYS!DllUnload fffff88000e6ba50 12 bytes {MOV RAX, 0xfffffa80057992a0; JMP RAX} PAGE C:\Windows\system32\drivers\ataport.SYS!DllUnload fffff88000db44a0 12 bytes {MOV RAX, 0xfffffa80057912a0; JMP RAX} .text C:\Windows\system32\DRIVERS\USBPORT.SYS!DllUnload fffff88006fb2d64 12 bytes {MOV RAX, 0xfffffa8006d152a0; JMP RAX} ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Windows Sidebar\sidebar.exe[3556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077901465 2 bytes [90, 77] .text C:\Program Files (x86)\Windows Sidebar\sidebar.exe[3556] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779014bb 2 bytes [90, 77] .text ... * 2 .text C:\Users\Lappi\AppData\Roaming\vlc\msdn.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077901465 2 bytes [90, 77] .text C:\Users\Lappi\AppData\Roaming\vlc\msdn.exe[3572] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779014bb 2 bytes [90, 77] .text ... * 2 .text C:\Users\Lappi\AppData\Local\Temp\matxjkmolczoo\lrdgdrxfbge.exe[4880] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077901465 2 bytes [90, 77] .text C:\Users\Lappi\AppData\Local\Temp\matxjkmolczoo\lrdgdrxfbge.exe[4880] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000779014bb 2 bytes [90, 77] .text ... 
* 2 ---- Kernel IAT/EAT - GMER 2.1 ---- IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [fffff88001046f1c] \SystemRoot\System32\Drivers\sptd.sys [.text] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [fffff88001046cc0] \SystemRoot\System32\Drivers\sptd.sys [.text] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [fffff8800104769c] \SystemRoot\System32\Drivers\sptd.sys [.text] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [fffff88001047a98] \SystemRoot\System32\Drivers\sptd.sys [.text] IAT C:\Windows\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [fffff880010478f4] \SystemRoot\System32\Drivers\sptd.sys [.text] ---- Devices - GMER 2.1 ---- Device \Driver\atapi \Device\Ide\IdePort0 fffffa80060c02c0 Device \Driver\atapi \Device\Ide\IdePort1 fffffa80060c02c0 Device \Driver\aboaao71 \Device\Scsi\aboaao711 fffffa8006e642c0 Device \Driver\aboaao71 \Device\Scsi\aboaao711Port3Path0Target0Lun0 fffffa8006e642c0 Device \Driver\afn5ktry \Device\Scsi\afn5ktry1 fffffa8006e7f2c0 Device \FileSystem\Ntfs \Ntfs fffffa80060ca2c0 Device \Driver\dtsoftbus01 \Device\00000078 fffffa8006ae22c0 Device \Driver\usbohci \Device\USBPDO-5 fffffa8006d1d2c0 Device \Driver\usbehci \Device\USBFDO-3 fffffa8006dad2c0 Device \Driver\amd_sata \Device\00000074 fffffa80060c42c0 Device \Driver\usbehci \Device\USBPDO-1 fffffa8006dad2c0 Device \Driver\amd_sata \Device\RaidPort0 fffffa80060c42c0 Device \Driver\cdrom \Device\CdRom0 fffffa8006b952c0 Device \Driver\cdrom \Device\CdRom1 fffffa8006b952c0 Device \Driver\cdrom \Device\CdRom2 fffffa8006b952c0 Device \Driver\amd_sata \Device\Dev_fffffa80061e0060 fffffa8008f832a0 Device \Driver\usbehci \Device\USBPDO-6 fffffa8006dad2c0 Device \Driver\usbohci \Device\USBFDO-4 fffffa8006d1d2c0 Device \Driver\amd_sata \Device\00000075 fffffa80060c42c0 Device \Driver\usbohci \Device\USBFDO-0 fffffa8006d1d2c0 Device \Driver\usbohci 
\Device\USBPDO-2 fffffa8006d1d2c0 Device \Driver\dtsoftbus01 \Device\DTSoftBusCtl fffffa8006ae22c0 Device \Driver\NetBT \Device\NetBT_Tcpip_{2DEFE633-334A-461E-82B0-BA362213CF28} fffffa8006ca72c0 Device \Driver\usbohci \Device\USBFDO-5 fffffa8006d1d2c0 Device \Driver\NetBT \Device\NetBT_Tcpip_{491677A8-7883-4F6F-9356-2802941F11E9} fffffa8006ca72c0 Device \Driver\usbehci \Device\USBPDO-3 fffffa8006dad2c0 Device \Driver\usbehci \Device\USBFDO-1 fffffa8006dad2c0 Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa8006ca72c0 Device \Driver\usbehci \Device\USBFDO-6 fffffa8006dad2c0 Device \Driver\usbohci \Device\USBPDO-4 fffffa8006d1d2c0 Device \Driver\atapi \Device\ScsiPort0 fffffa80060c02c0 Device \Driver\usbohci \Device\USBFDO-2 fffffa8006d1d2c0 Device \Driver\usbohci \Device\USBPDO-0 fffffa8006d1d2c0 Device \Driver\atapi \Device\ScsiPort1 fffffa80060c02c0 Device \Driver\amd_sata \Device\ScsiPort2 fffffa80060c42c0 Device \Driver\aboaao71 \Device\ScsiPort3 fffffa8006e642c0 Device \Driver\afn5ktry \Device\ScsiPort4 fffffa8006e7f2c0 ---- Trace I/O - GMER 2.1 ---- Trace ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80060c62c0]<< sptd.sys amd_xata.sys storport.sys hal.dll amd_sata.sys fffffa80060c62c0 Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006746790] fffffa8006746790 Trace 3 CLASSPNP.SYS[fffff88001ba043f] -> nt!IofCallDriver -> [0xfffffa80061e1ac0] fffffa80061e1ac0 Trace \Driver\amd_xata[0xfffffa80057dc980] -> IRP_MJ_CREATE -> 0xfffffa80060c62c0 fffffa80060c62c0 Trace 5 amd_xata.sys[fffff880012d3d00] -> nt!IofCallDriver -> \Device\00000074[0xfffffa80061e0060] fffffa80061e0060 Trace \Driver\amd_sata[0xfffffa80061cb920] -> IRP_MJ_CREATE -> 0xfffffa80060c42c0 fffffa80060c42c0 ---- Modules - GMER 2.1 ---- Module \SystemRoot\System32\Drivers\aboaao71.SYS fffff88006d1e000-fffff88006d6a000 (311296 bytes) Module \SystemRoot\System32\Drivers\afn5ktry.SYS fffff88006d6a000-fffff88006dbb000 (331776 bytes) ---- Threads - GMER 2.1 ---- Thread 
C:\Windows\SysWOW64\ntdll.dll [3700:3704] 0000000000ee72be Thread C:\Windows\System32\svchost.exe [3836:3272] 000007fef9fa9874 Thread C:\Windows\system32\svchost.exe [3284:4956] 00000000619eb5fc Thread C:\Windows\system32\svchost.exe [3284:4412] 0000000062a21760 Thread C:\Windows\system32\svchost.exe [3284:1944] 0000000062a78b1c Thread C:\Windows\system32\svchost.exe [3284:3200] 0000000062a7c740 Thread C:\Windows\system32\svchost.exe [3284:2024] 0000000062a8498c Thread C:\Windows\system32\svchost.exe [3284:3400] 00000000619e6394 Thread C:\Windows\system32\svchost.exe [3284:3168] 00000000619b2234 Thread C:\Windows\system32\svchost.exe [3284:4668] 0000000061a10398 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 (null) Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x8C 0x1B 0xAB 0x37 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x6C 0x1B 0x07 0xE7 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x15 0x47 0xE0 0x22 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 (null) Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... 
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x71 0x6D 0x1A 0x1F ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x98 0xC6 0x7B 0x64 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x25 0x28 0xF8 0x1F ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 (null) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x8C 0x1B 0xAB 0x37 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x6C 0x1B 0x07 0xE7 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x15 0x47 0xE0 0x22 ... 
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 (null) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x71 0x6D 0x1A 0x1F ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x98 0xC6 0x7B 0x64 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x25 0x28 0xF8 0x1F ... ---- EOF - GMER 2.1 ---- |
16.02.2013, 15:31 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange file(s) aswMBR Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons without instructions. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. TDSS-Killer Please download TDSSKiller.exe and save this file to the desktop
__________________ Please always post log files in CODE tags |
16.02.2013, 16:17 | #9 |
| Strange file(s) Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software Run date: 2013-02-16 15:38:39 ----------------------------- 15:38:39.734 OS Version: Windows x64 6.1.7601 Service Pack 1 15:38:39.734 Number of processors: 2 586 0x200 15:38:39.734 ComputerName: LAPPI-PC UserName: Lappi 15:38:41.357 Initialize success 15:42:47.189 AVAST engine defs: 13021600 15:46:01.488 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000074 15:46:01.504 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 11 15:46:01.535 Disk 0 MBR read successfully 15:46:01.535 Disk 0 MBR scan 15:46:01.566 Disk 0 Windows 7 default MBR code 15:46:01.582 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 15:46:01.613 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848 15:46:01.675 Disk 0 scanning C:\Windows\system32\drivers 15:46:32.329 Service scanning 15:47:15.105 Modules scanning 15:47:15.105 Disk 0 trace - called modules: 15:47:15.136 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80060c62c0]<<sptd.sys amd_xata.sys storport.sys hal.dll amd_sata.sys 15:47:15.136 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006746790] 15:47:15.151 3 CLASSPNP.SYS[fffff88001ba043f] -> nt!IofCallDriver -> [0xfffffa80061e1ac0] 15:47:15.151 \Driver\amd_xata[0xfffffa80057dc980] -> IRP_MJ_CREATE -> 0xfffffa80060c62c0 15:47:15.167 5 amd_xata.sys[fffff880012d3d00] -> nt!IofCallDriver -> \Device\00000074[0xfffffa80061e0060] 15:47:15.183 \Driver\amd_sata[0xfffffa80061cb920] -> IRP_MJ_CREATE -> 0xfffffa80060c42c0 15:47:16.774 AVAST engine scan C:\Windows 15:47:31.719 AVAST engine scan C:\Windows\system32 15:56:25.304 AVAST engine scan C:\Windows\system32\drivers 15:56:58.345 AVAST engine scan C:\Users\Lappi 16:07:54.522 AVAST engine scan C:\ProgramData 16:11:15.387 Scan finished successfully 16:16:57.841 Disk 0 MBR has been saved successfully to "C:\Users\Lappi\Desktop\MBR.dat" 16:16:57.857 The log file has been saved successfully to "C:\Users\Lappi\Desktop\aswMBR.txt"
TDSS-Killer found nothing |
16.02.2013, 18:39 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange file(s) Quote:
__________________ Please always post log files in CODE tags |
16.02.2013, 19:48 | #11 |
| Strange file(s) Code:
ATTFilter 15:54:53.0949 4468 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 15:54:54.0183 4468 ============================================================ 15:54:54.0183 4468 Current date / time: 2013/02/16 15:54:54.0183 15:54:54.0183 4468 SystemInfo: 15:54:54.0183 4468 15:54:54.0183 4468 OS Version: 6.1.7601 ServicePack: 1.0 15:54:54.0183 4468 Product type: Workstation 15:54:54.0183 4468 ComputerName: LAPPI-PC 15:54:54.0183 4468 UserName: Lappi 15:54:54.0183 4468 Windows directory: C:\Windows 15:54:54.0183 4468 System windows directory: C:\Windows 15:54:54.0183 4468 Running under WOW64 15:54:54.0183 4468 Processor architecture: Intel x64 15:54:54.0183 4468 Number of processors: 2 15:54:54.0183 4468 Page size: 0x1000 15:54:54.0183 4468 Boot type: Normal boot 15:54:54.0183 4468 ============================================================ 15:54:55.0447 4468 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:54:55.0447 4468 ============================================================ 15:54:55.0447 4468 \Device\Harddisk0\DR0: 15:54:55.0447 4468 MBR partitions: 15:54:55.0447 4468 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 15:54:55.0447 4468 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800 15:54:55.0447 4468 ============================================================ 15:54:55.0462 4468 C: <-> \Device\Harddisk0\DR0\Partition2 15:54:55.0478 4468 ============================================================ 15:54:55.0478 4468 Initialize success 15:54:55.0478 4468 ============================================================ 15:54:57.0459 3584 ============================================================ 15:54:57.0459 3584 Scan started 15:54:57.0459 3584 Mode: Manual; 15:54:57.0459 3584 ============================================================ 15:54:58.0036 
3584 ================ Scan system memory ========================
15:54:58.0036 3584 System memory - ok
15:54:58.0036 3584 ================ Scan services =============================
15:55:15.0243 3584 Scan interrupted by user!
15:55:15.0243 3584 ================ Scan global ===============================
15:55:15.0243 3584 Scan interrupted by user!
15:55:15.0243 3584 ================ Scan MBR ==================================
15:55:15.0243 3584 Scan interrupted by user!
15:55:15.0243 3584 ================ Scan VBR ==================================
15:55:15.0243 3584 Scan interrupted by user!
15:55:15.0243 3584 ============================================================
15:55:15.0243 3584 Scan finished
15:55:15.0243 3584 ============================================================
15:55:15.0274 1328 Detected object count: 0
15:55:15.0274 1328 Actual detected object count: 0
15:56:09.0765 4560 ============================================================
15:56:09.0765 4560 Scan started
15:56:09.0765 4560 Mode: Manual; SigCheck; TDLFS;
15:56:09.0765 4560 ============================================================
15:56:10.0265 4560 ================ Scan system memory ========================
15:56:10.0265 4560 System memory - ok
15:56:10.0265 4560 ================ Scan services =============================
15:56:19.0688 4560 [ 
BB2DFF9D111C35AE0119E969987A7A2C ] BrazosTweaker C:\Program Files\BrazosTweaker\BrazosTweakerService.exe 15:56:19.0719 4560 BrazosTweaker ( UnsignedFile.Multi.Generic ) - warning 15:56:19.0719 4560 BrazosTweaker - detected UnsignedFile.Multi.Generic (1) 15:56:19.0781 4560 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 15:56:19.0875 4560 BrFiltLo - ok 15:56:19.0906 4560 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 15:56:19.0969 4560 BrFiltUp - ok 15:56:20.0015 4560 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 15:56:20.0125 4560 Browser - ok 15:56:20.0156 4560 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 15:56:20.0281 4560 Brserid - ok 15:56:20.0296 4560 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 15:56:20.0359 4560 BrSerWdm - ok 15:56:20.0374 4560 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 15:56:20.0421 4560 BrUsbMdm - ok 15:56:20.0452 4560 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 15:56:20.0499 4560 BrUsbSer - ok 15:56:20.0624 4560 [ 8C5356D946476F90E4C2AA4066897023 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe 15:56:20.0655 4560 BstHdAndroidSvc - ok 15:56:20.0702 4560 [ D30B2C76296F3ECE19F7695D66C4C2A5 ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys 15:56:20.0717 4560 BstHdDrv - ok 15:56:20.0764 4560 [ 02E8B432BD2357E8E6CF9DEAACFF6B45 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe 15:56:20.0795 4560 BstHdLogRotatorSvc - ok 15:56:20.0827 4560 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 15:56:20.0873 4560 BTHMODEM - ok 15:56:20.0920 4560 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 15:56:20.0998 4560 bthserv - ok 15:56:21.0045 4560 [ 
B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 15:56:21.0123 4560 cdfs - ok 15:56:21.0185 4560 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 15:56:21.0232 4560 cdrom - ok 15:56:21.0295 4560 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 15:56:21.0373 4560 CertPropSvc - ok 15:56:21.0404 4560 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 15:56:21.0451 4560 circlass - ok 15:56:21.0513 4560 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 15:56:21.0544 4560 CLFS - ok 15:56:21.0638 4560 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:56:21.0653 4560 clr_optimization_v2.0.50727_32 - ok 15:56:21.0731 4560 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:56:21.0763 4560 clr_optimization_v2.0.50727_64 - ok 15:56:21.0887 4560 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:56:21.0903 4560 clr_optimization_v4.0.30319_32 - ok 15:56:21.0934 4560 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:56:21.0965 4560 clr_optimization_v4.0.30319_64 - ok 15:56:21.0981 4560 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 15:56:22.0059 4560 CmBatt - ok 15:56:22.0090 4560 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 15:56:22.0121 4560 cmdide - ok 15:56:22.0184 4560 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 15:56:22.0246 4560 CNG - ok 15:56:22.0277 4560 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 15:56:22.0293 4560 Compbatt - ok 15:56:22.0324 4560 [ 
03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 15:56:22.0402 4560 CompositeBus - ok 15:56:22.0418 4560 COMSysApp - ok 15:56:22.0465 4560 cpuz135 - ok 15:56:22.0511 4560 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 15:56:22.0527 4560 crcdisk - ok 15:56:22.0605 4560 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 15:56:22.0683 4560 CryptSvc - ok 15:56:22.0730 4560 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 15:56:22.0839 4560 CSC - ok 15:56:22.0901 4560 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 15:56:22.0964 4560 CscService - ok 15:56:23.0011 4560 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys 15:56:23.0104 4560 dc3d - ok 15:56:23.0167 4560 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 15:56:23.0260 4560 DcomLaunch - ok 15:56:23.0307 4560 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 15:56:23.0385 4560 defragsvc - ok 15:56:23.0432 4560 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 15:56:23.0525 4560 DfsC - ok 15:56:23.0572 4560 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 15:56:23.0635 4560 Dhcp - ok 15:56:23.0666 4560 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 15:56:23.0759 4560 discache - ok 15:56:23.0791 4560 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 15:56:23.0806 4560 Disk - ok 15:56:23.0837 4560 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 15:56:23.0915 4560 Dnscache - ok 15:56:23.0962 4560 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 15:56:24.0056 4560 dot3svc - ok 15:56:24.0103 4560 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 15:56:24.0181 4560 DPS 
- ok 15:56:24.0227 4560 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 15:56:24.0274 4560 drmkaud - ok 15:56:24.0337 4560 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 15:56:24.0368 4560 dtsoftbus01 - ok 15:56:24.0430 4560 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 15:56:24.0477 4560 DXGKrnl - ok 15:56:24.0508 4560 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 15:56:24.0602 4560 EapHost - ok 15:56:24.0695 4560 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 15:56:24.0805 4560 ebdrv - ok 15:56:24.0836 4560 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 15:56:24.0898 4560 EFS - ok 15:56:24.0945 4560 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 15:56:25.0054 4560 ehRecvr - ok 15:56:25.0070 4560 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 15:56:25.0148 4560 ehSched - ok 15:56:25.0195 4560 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 15:56:25.0241 4560 elxstor - ok 15:56:25.0273 4560 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 15:56:25.0319 4560 ErrDev - ok 15:56:25.0366 4560 [ 5B042AA9CEBDAB5B61E747DDCEBFF51B ] ETD C:\Windows\system32\DRIVERS\ETD.sys 15:56:25.0382 4560 ETD - ok 15:56:25.0444 4560 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 15:56:25.0553 4560 EventSystem - ok 15:56:25.0585 4560 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 15:56:25.0663 4560 exfat - ok 15:56:25.0694 4560 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 15:56:25.0772 4560 fastfat - ok 15:56:25.0834 4560 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 15:56:25.0990 4560 Fax - ok 15:56:26.0021 4560 [ 
D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 15:56:26.0068 4560 fdc - ok 15:56:26.0099 4560 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 15:56:26.0162 4560 fdPHost - ok 15:56:26.0193 4560 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 15:56:26.0287 4560 FDResPub - ok 15:56:26.0318 4560 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 15:56:26.0349 4560 FileInfo - ok 15:56:26.0380 4560 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 15:56:26.0474 4560 Filetrace - ok 15:56:26.0489 4560 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 15:56:26.0536 4560 flpydisk - ok 15:56:26.0583 4560 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 15:56:26.0630 4560 FltMgr - ok 15:56:26.0723 4560 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 15:56:26.0801 4560 FontCache - ok 15:56:26.0911 4560 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:56:26.0926 4560 FontCache3.0.0.0 - ok 15:56:26.0957 4560 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 15:56:26.0989 4560 FsDepends - ok 15:56:27.0035 4560 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 15:56:27.0051 4560 Fs_Rec - ok 15:56:27.0145 4560 [ C5A4A998EEA6297A235169CCD1F2D93F ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe 15:56:27.0160 4560 Futuremark SystemInfo Service - ok 15:56:27.0223 4560 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 15:56:27.0269 4560 fvevol - ok 15:56:27.0285 4560 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 15:56:27.0316 4560 gagp30kx - ok 
15:56:27.0363 4560 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 15:56:27.0379 4560 GEARAspiWDM - ok 15:56:27.0441 4560 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 15:56:27.0519 4560 gpsvc - ok 15:56:27.0566 4560 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:56:27.0597 4560 gupdate - ok 15:56:27.0597 4560 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:56:27.0628 4560 gupdatem - ok 15:56:27.0644 4560 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 15:56:27.0706 4560 hcw85cir - ok 15:56:27.0769 4560 [ 2249B35899312A3AE137B23636B31763 ] hcw95bda C:\Windows\system32\Drivers\hcw95bda.sys 15:56:27.0847 4560 hcw95bda - ok 15:56:27.0878 4560 [ 3688D4B84E9F98F70A71D5B4B720940E ] hcw95rc C:\Windows\system32\DRIVERS\hcw95rc.sys 15:56:27.0909 4560 hcw95rc - ok 15:56:27.0971 4560 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 15:56:28.0018 4560 HdAudAddService - ok 15:56:28.0049 4560 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 15:56:28.0096 4560 HDAudBus - ok 15:56:28.0143 4560 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 15:56:28.0174 4560 HidBatt - ok 15:56:28.0205 4560 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 15:56:28.0237 4560 HidBth - ok 15:56:28.0268 4560 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 15:56:28.0330 4560 HidIr - ok 15:56:28.0377 4560 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 15:56:28.0455 4560 hidserv - ok 15:56:28.0502 4560 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 15:56:28.0533 4560 HidUsb - ok 15:56:28.0580 4560 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc 
C:\Windows\system32\kmsvc.dll 15:56:28.0689 4560 hkmsvc - ok 15:56:28.0736 4560 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 15:56:28.0814 4560 HomeGroupListener - ok 15:56:28.0861 4560 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 15:56:28.0907 4560 HomeGroupProvider - ok 15:56:28.0970 4560 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 15:56:28.0985 4560 HpSAMD - ok 15:56:29.0063 4560 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:56:29.0157 4560 HTTP - ok 15:56:29.0204 4560 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:56:29.0235 4560 hwpolicy - ok 15:56:29.0266 4560 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 15:56:29.0297 4560 i8042prt - ok 15:56:29.0329 4560 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 15:56:29.0360 4560 iaStorV - ok 15:56:29.0453 4560 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 15:56:29.0500 4560 IDriverT ( UnsignedFile.Multi.Generic ) - warning 15:56:29.0500 4560 IDriverT - detected UnsignedFile.Multi.Generic (1) 15:56:29.0594 4560 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:56:29.0641 4560 idsvc - ok 15:56:29.0672 4560 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 15:56:29.0687 4560 iirsp - ok 15:56:29.0765 4560 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 15:56:29.0859 4560 IKEEXT - ok 15:56:30.0015 4560 [ C2F868881D48A568B525255F084EF063 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 15:56:30.0140 4560 IntcAzAudAddService - ok 15:56:30.0171 4560 [ F00F20E70C6EC3AA366910083A0518AA ] intelide 
C:\Windows\system32\drivers\intelide.sys 15:56:30.0202 4560 intelide - ok 15:56:30.0233 4560 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 15:56:30.0280 4560 intelppm - ok 15:56:30.0343 4560 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:56:30.0421 4560 IPBusEnum - ok 15:56:30.0499 4560 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:56:30.0577 4560 IpFilterDriver - ok 15:56:30.0639 4560 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:56:30.0717 4560 iphlpsvc - ok 15:56:30.0764 4560 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 15:56:30.0811 4560 IPMIDRV - ok 15:56:30.0842 4560 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:56:30.0935 4560 IPNAT - ok 15:56:31.0013 4560 [ B474C756C13960793C7583B766F904C4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 15:56:31.0060 4560 iPod Service - ok 15:56:31.0076 4560 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 15:56:31.0185 4560 IRENUM - ok 15:56:31.0216 4560 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 15:56:31.0247 4560 isapnp - ok 15:56:31.0294 4560 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 15:56:31.0325 4560 iScsiPrt - ok 15:56:31.0388 4560 [ BD5BF20EC242E003A2F570B8754A56D1 ] ivusb C:\Windows\system32\DRIVERS\ivusb.sys 15:56:31.0403 4560 ivusb - ok 15:56:31.0450 4560 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 15:56:31.0466 4560 kbdclass - ok 15:56:31.0481 4560 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 15:56:31.0544 4560 kbdhid - ok 15:56:31.0575 4560 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 15:56:31.0591 4560 KeyIso - ok 15:56:31.0762 4560 [ 
775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe 15:56:31.0793 4560 Kodak AiO Network Discovery Service - ok 15:56:31.0856 4560 [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe 15:56:31.0903 4560 Kodak AiO Status Monitor Service - ok 15:56:31.0934 4560 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:56:31.0949 4560 KSecDD - ok 15:56:31.0981 4560 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:56:32.0012 4560 KSecPkg - ok 15:56:32.0043 4560 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:56:32.0137 4560 ksthunk - ok 15:56:32.0168 4560 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 15:56:32.0277 4560 KtmRm - ok 15:56:32.0324 4560 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 15:56:32.0402 4560 LanmanServer - ok 15:56:32.0449 4560 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:56:32.0527 4560 LanmanWorkstation - ok 15:56:32.0542 4560 lirsgt - ok 15:56:32.0573 4560 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 15:56:32.0667 4560 lltdio - ok 15:56:32.0698 4560 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:56:32.0792 4560 lltdsvc - ok 15:56:32.0807 4560 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 15:56:32.0885 4560 lmhosts - ok 15:56:32.0917 4560 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 15:56:32.0948 4560 LSI_FC - ok 15:56:32.0979 4560 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 15:56:33.0010 4560 LSI_SAS - ok 15:56:33.0026 4560 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 
C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:56:33.0057 4560 LSI_SAS2 - ok 15:56:33.0088 4560 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:56:33.0104 4560 LSI_SCSI - ok 15:56:33.0135 4560 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 15:56:33.0213 4560 luafv - ok 15:56:33.0244 4560 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:56:33.0291 4560 Mcx2Svc - ok 15:56:33.0307 4560 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 15:56:33.0338 4560 megasas - ok 15:56:33.0369 4560 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 15:56:33.0400 4560 MegaSR - ok 15:56:33.0463 4560 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 15:56:33.0556 4560 MMCSS - ok 15:56:33.0572 4560 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 15:56:33.0665 4560 Modem - ok 15:56:33.0712 4560 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:56:33.0775 4560 monitor - ok 15:56:33.0790 4560 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:56:33.0821 4560 mouclass - ok 15:56:33.0853 4560 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:56:33.0884 4560 mouhid - ok 15:56:33.0915 4560 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:56:33.0946 4560 mountmgr - ok 15:56:34.0009 4560 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:56:34.0040 4560 MozillaMaintenance - ok 15:56:34.0071 4560 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 15:56:34.0102 4560 mpio - ok 15:56:34.0149 4560 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:56:34.0227 4560 mpsdrv - ok 
15:56:34.0289 4560 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:56:34.0383 4560 MpsSvc - ok 15:56:34.0445 4560 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:56:34.0492 4560 MRxDAV - ok 15:56:34.0555 4560 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:56:34.0601 4560 mrxsmb - ok 15:56:34.0648 4560 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:56:34.0695 4560 mrxsmb10 - ok 15:56:34.0742 4560 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:56:34.0789 4560 mrxsmb20 - ok 15:56:34.0804 4560 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 15:56:34.0835 4560 msahci - ok 15:56:34.0882 4560 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 15:56:34.0913 4560 msdsm - ok 15:56:34.0929 4560 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 15:56:34.0976 4560 MSDTC - ok 15:56:35.0038 4560 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:56:35.0132 4560 Msfs - ok 15:56:35.0163 4560 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:56:35.0257 4560 mshidkmdf - ok 15:56:35.0303 4560 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 15:56:35.0335 4560 msisadrv - ok 15:56:35.0381 4560 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:56:35.0459 4560 MSiSCSI - ok 15:56:35.0475 4560 msiserver - ok 15:56:35.0522 4560 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:56:35.0615 4560 MSKSSRV - ok 15:56:35.0662 4560 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:56:35.0756 4560 MSPCLOCK - ok 15:56:35.0787 4560 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 
15:56:35.0865 4560 MSPQM - ok 15:56:35.0912 4560 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:56:35.0959 4560 MsRPC - ok 15:56:36.0005 4560 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 15:56:36.0021 4560 mssmbios - ok 15:56:36.0068 4560 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:56:36.0161 4560 MSTEE - ok 15:56:36.0177 4560 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 15:56:36.0208 4560 MTConfig - ok 15:56:36.0239 4560 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 15:56:36.0271 4560 Mup - ok 15:56:36.0333 4560 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 15:56:36.0427 4560 napagent - ok 15:56:36.0505 4560 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:56:36.0598 4560 NativeWifiP - ok 15:56:36.0676 4560 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:56:36.0723 4560 NDIS - ok 15:56:36.0785 4560 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:56:36.0863 4560 NdisCap - ok 15:56:36.0941 4560 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:56:37.0004 4560 NdisTapi - ok 15:56:37.0097 4560 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:56:37.0175 4560 Ndisuio - ok 15:56:37.0222 4560 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:56:37.0316 4560 NdisWan - ok 15:56:37.0378 4560 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:56:37.0456 4560 NDProxy - ok 15:56:37.0503 4560 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:56:37.0597 4560 NetBIOS - ok 15:56:37.0659 4560 [ 09594D1089C523423B32A4229263F068 ] NetBT 
C:\Windows\system32\DRIVERS\netbt.sys 15:56:37.0753 4560 NetBT - ok 15:56:37.0753 4560 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 15:56:37.0784 4560 Netlogon - ok 15:56:37.0831 4560 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 15:56:37.0924 4560 Netman - ok 15:56:37.0987 4560 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:56:38.0049 4560 NetMsmqActivator - ok 15:56:38.0065 4560 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:56:38.0096 4560 NetPipeActivator - ok 15:56:38.0127 4560 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 15:56:38.0221 4560 netprofm - ok 15:56:38.0236 4560 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:56:38.0267 4560 NetTcpActivator - ok 15:56:38.0283 4560 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:56:38.0299 4560 NetTcpPortSharing - ok 15:56:38.0361 4560 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 15:56:38.0377 4560 nfrd960 - ok 15:56:38.0455 4560 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 15:56:38.0486 4560 NlaSvc - ok 15:56:38.0517 4560 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:56:38.0611 4560 Npfs - ok 15:56:38.0642 4560 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 15:56:38.0720 4560 nsi - ok 15:56:38.0751 4560 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:56:38.0829 4560 nsiproxy - ok 15:56:38.0938 4560 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:56:39.0016 4560 Ntfs - ok 15:56:39.0032 4560 [ 9899284589F75FA8724FF3D16AED75C1 ] Null 
============================================================
15:57:05.0068 4444 Detected object count: 5
15:57:05.0068 4444 Actual detected object count: 5
15:59:10.0872 4444 BrazosTweaker ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:10.0872 4444 BrazosTweaker ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:10.0872 4444 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:10.0872 4444 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:10.0888 4444 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:10.0888 4444 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:10.0888 4444 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:10.0888 4444 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:10.0888 4444 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
15:59:10.0888 4444 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:59:18.0766 5068 Deinitialize success |
16.02.2013, 20:04 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange file(s) Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
16.02.2013, 22:31 | #13 |
| Strange file(s) Code:
ATTFilter ComboFix 13-02-15.01 - Lappi 16.02.2013 22:13:23.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.5740.4326 [GMT 1:00]
ausgeführt von:: c:\users\Lappi\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lappi\AppData\Roaming\Lappi3SQLite3.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-01-16 bis 2013-02-16 ))))))))))))))))))))))))))))))
.
.
2013-02-15 05:41 . 2013-02-15 05:41 -------- d-----w- c:\programdata\Malwarebytes
2013-02-14 02:03 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 02:03 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 01:32 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 01:32 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 01:31 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-14 01:31 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-14 01:31 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-14 01:31 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-14 01:31 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-14 01:31 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-14 01:31 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-14 01:31 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-14 01:31 . 
2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-02-14 01:31 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2013-02-12 19:07 . 2013-02-12 19:49 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2013-02-12 19:07 . 2009-01-25 11:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe 2013-02-12 19:07 . 2013-02-12 19:07 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2 2013-02-11 15:31 . 2013-02-11 16:38 -------- d-----w- C:\PS3 2013-02-08 15:39 . 2013-02-08 15:39 -------- d-----w- c:\programdata\ATI 2013-02-08 15:38 . 2013-02-08 15:38 -------- d-----w- c:\program files (x86)\AMD AVT 2013-02-08 15:38 . 2013-02-08 15:38 -------- d-----w- c:\program files\AMD 2013-02-08 15:38 . 2013-02-08 15:38 -------- d-----w- c:\program files (x86)\AMD APP 2013-02-07 18:47 . 2013-02-07 18:51 -------- d-----w- C:\Multi Protocol Programming System 2013-02-05 15:51 . 2011-05-11 12:29 64880 ----a-w- c:\windows\system32\drivers\rockusb.sys 2013-02-03 18:14 . 2013-02-03 18:14 -------- d-----w- c:\program files (x86)\MegaDev 2013-02-03 14:26 . 2013-02-03 14:26 -------- d-----w- C:\FM13 2013-02-03 14:12 . 2013-02-03 14:14 -------- d-----w- c:\program files (x86)\Google 2013-02-03 14:12 . 2013-02-03 14:12 -------- d-----w- c:\users\Lappi\AppData\Local\Google 2013-02-02 13:49 . 2013-02-02 13:49 -------- d-----w- c:\program files\Microsoft IntelliPoint 2013-02-01 19:46 . 2013-02-01 19:46 -------- d-----w- c:\users\Lappi\AppData\Local\Privat 2013-02-01 16:58 . 2013-02-05 20:33 -------- d-----w- c:\users\Lappi\AppData\Roaming\Command & Conquer 3 Kanes Rache 2013-02-01 12:32 . 2013-02-01 12:35 -------- d-----w- c:\program files (x86)\Multiecuscan 2013-01-29 05:55 . 2013-01-29 05:55 78640 ----a-w- c:\windows\system32\atimpc64.dll 2013-01-29 05:55 . 2013-01-29 05:55 78640 ----a-w- c:\windows\system32\amdpcom64.dll 2013-01-29 05:55 . 2013-01-29 05:55 71912 ----a-w- c:\windows\SysWow64\atimpc32.dll 2013-01-29 05:55 . 
2013-01-29 05:55 71912 ----a-w- c:\windows\SysWow64\amdpcom32.dll 2013-01-29 05:55 . 2013-01-29 05:55 139904 ----a-w- c:\windows\system32\atiuxp64.dll 2013-01-29 05:55 . 2013-01-29 05:55 118792 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2013-01-29 05:54 . 2013-01-29 05:54 113672 ----a-w- c:\windows\system32\atiu9p64.dll 2013-01-29 05:54 . 2013-01-29 05:54 92512 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2013-01-29 05:54 . 2013-01-29 05:54 1150328 ----a-w- c:\windows\system32\aticfx64.dll 2013-01-29 05:54 . 2013-01-29 05:54 968560 ----a-w- c:\windows\SysWow64\aticfx32.dll 2013-01-29 05:54 . 2013-01-29 05:54 8173928 ----a-w- c:\windows\system32\atidxx64.dll 2013-01-29 05:54 . 2013-01-29 05:54 7159384 ----a-w- c:\windows\SysWow64\atidxx32.dll 2013-01-29 05:54 . 2013-01-29 05:54 4475192 ----a-w- c:\windows\SysWow64\atiumdva.dll 2013-01-29 05:54 . 2013-01-29 05:54 6035136 ----a-w- c:\windows\SysWow64\atiumdag.dll 2013-01-29 05:54 . 2013-01-29 05:54 5035000 ----a-w- c:\windows\system32\atiumd6a.dll 2013-01-29 05:54 . 2013-01-29 05:54 7038856 ----a-w- c:\windows\system32\atiumd64.dll 2013-01-29 05:48 . 2013-01-29 05:48 11612672 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2013-01-29 05:39 . 2013-01-29 05:39 23581184 ----a-w- c:\windows\system32\atio6axx.dll 2013-01-29 05:27 . 2013-01-29 05:27 163840 ----a-w- c:\windows\system32\atiapfxx.exe 2013-01-29 05:24 . 2013-01-29 05:24 51200 ----a-w- c:\windows\system32\aticalrt64.dll 2013-01-29 05:24 . 2013-01-29 05:24 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll 2013-01-29 05:24 . 2013-01-29 05:24 44544 ----a-w- c:\windows\system32\aticalcl64.dll 2013-01-29 05:24 . 2013-01-29 05:24 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll 2013-01-29 05:24 . 2013-01-29 05:24 16082944 ----a-w- c:\windows\system32\aticaldd64.dll 2013-01-29 05:21 . 2013-01-29 05:21 19755520 ----a-w- c:\windows\SysWow64\atioglxx.dll 2013-01-29 05:19 . 2013-01-29 05:19 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll 2013-01-29 05:15 . 
2013-01-29 05:15 77312 ----a-w- c:\windows\system32\coinst_12.10.17.dll 2013-01-29 05:03 . 2013-01-29 05:03 442368 ----a-w- c:\windows\system32\atidemgy.dll 2013-01-29 05:02 . 2013-01-29 05:02 561152 ----a-w- c:\windows\system32\atieclxx.exe 2013-01-29 05:01 . 2013-01-29 05:01 240640 ----a-w- c:\windows\system32\atiesrxx.exe 2013-01-29 05:00 . 2013-01-29 05:00 120320 ----a-w- c:\windows\system32\atitmm64.dll 2013-01-29 05:00 . 2013-01-29 05:00 25600 ----a-w- c:\windows\system32\atimuixx.dll 2013-01-29 04:59 . 2013-01-29 04:59 59392 ----a-w- c:\windows\system32\atiedu64.dll 2013-01-29 04:59 . 2013-01-29 04:59 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll 2013-01-29 04:34 . 2013-01-29 04:34 629760 ----a-w- c:\windows\system32\atiadlxx.dll 2013-01-29 04:34 . 2013-01-29 04:34 425984 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2013-01-29 04:34 . 2013-01-29 04:34 17920 ----a-w- c:\windows\system32\atig6pxx.dll 2013-01-29 04:33 . 2013-01-29 04:33 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2013-01-29 04:33 . 2013-01-29 04:33 14848 ----a-w- c:\windows\system32\atiglpxx.dll 2013-01-29 04:33 . 2013-01-29 04:33 44032 ----a-w- c:\windows\system32\atig6txx.dll 2013-01-29 04:33 . 2013-01-29 04:33 34816 ----a-w- c:\windows\SysWow64\atigktxx.dll 2013-01-29 04:33 . 2013-01-29 04:33 576000 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2013-01-29 04:30 . 2013-01-29 04:30 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2013-01-28 22:20 . 2013-01-28 22:20 222720 ----a-w- c:\windows\system32\clinfo.exe 2013-01-28 22:20 . 2013-01-28 22:20 76288 ----a-w- c:\windows\system32\OpenVideo64.dll 2013-01-28 22:20 . 2013-01-28 22:20 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll 2013-01-28 22:20 . 2013-01-28 22:20 64000 ----a-w- c:\windows\system32\OVDecode64.dll 2013-01-28 22:20 . 2013-01-28 22:20 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll 2013-01-28 22:20 . 2013-01-28 22:20 29150208 ----a-w- c:\windows\system32\amdocl64.dll 2013-01-28 22:18 . 
2013-01-28 22:18 23810048 ----a-w- c:\windows\SysWow64\amdocl.dll 2013-01-28 22:16 . 2013-01-28 22:16 54784 ----a-w- c:\windows\system32\OpenCL.dll 2013-01-28 22:16 . 2013-01-28 22:16 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll 2013-01-28 22:10 . 2013-01-28 22:10 5067264 ----a-w- c:\windows\system32\amdsc64.dll 2013-01-28 22:10 . 2013-01-28 22:10 4083200 ----a-w- c:\windows\SysWow64\amdsc.dll 2013-01-28 16:01 . 2013-01-28 16:01 -------- d-----w- c:\programdata\Publish Data 2013-01-28 15:58 . 2013-01-28 15:58 -------- d-----w- c:\users\Lappi\AppData\Local\Publish_Data 2013-01-28 15:45 . 2013-01-28 15:45 -------- d-----w- c:\program files\Publish Data 2013-01-25 16:22 . 2013-01-28 16:01 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird 2013-01-25 15:53 . 2013-01-25 15:54 -------- d-----w- c:\windows\WindowsMobile 2013-01-23 13:48 . 2013-01-23 13:48 -------- d-----w- c:\programdata\RELOADED 2013-01-23 05:45 . 2013-01-23 05:45 -------- d-----w- c:\program files (x86)\CI Games 2013-01-23 05:45 . 2013-01-23 05:45 -------- d-----w- c:\users\Lappi\AppData\Local\Programs . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-14 02:07 . 2012-08-15 05:54 70004024 ----a-w- c:\windows\system32\MRT.exe 2013-02-09 20:48 . 2012-08-15 10:32 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-09 20:48 . 2012-08-15 10:32 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-01-04 04:43 . 2013-02-14 01:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-12-16 17:11 . 2012-12-21 21:22 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-21 21:22 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-21 21:22 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-21 21:22 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-07 13:20 . 2013-01-09 20:02 441856 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 13:15 . 
2013-01-09 20:02 2746368 ----a-w- c:\windows\system32\gameux.dll 2012-12-07 12:26 . 2013-01-09 20:02 308736 ----a-w- c:\windows\SysWow64\Wpc.dll 2012-12-07 12:20 . 2013-01-09 20:02 2576384 ----a-w- c:\windows\SysWow64\gameux.dll 2012-12-07 11:20 . 2013-01-09 20:02 30720 ----a-w- c:\windows\system32\usk.rs 2012-12-07 11:20 . 2013-01-09 20:02 43520 ----a-w- c:\windows\system32\csrr.rs 2012-12-07 11:20 . 2013-01-09 20:02 23552 ----a-w- c:\windows\system32\oflc.rs 2012-12-07 11:20 . 2013-01-09 20:02 45568 ----a-w- c:\windows\system32\oflc-nz.rs 2012-12-07 11:20 . 2013-01-09 20:02 44544 ----a-w- c:\windows\system32\pegibbfc.rs 2012-12-07 11:20 . 2013-01-09 20:02 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2012-12-07 11:20 . 2013-01-09 20:02 20480 ----a-w- c:\windows\system32\pegi-pt.rs 2012-12-07 11:19 . 2013-01-09 20:02 20480 ----a-w- c:\windows\system32\pegi.rs 2012-12-07 11:19 . 2013-01-09 20:02 46592 ----a-w- c:\windows\system32\fpb.rs 2012-12-07 11:19 . 2013-01-09 20:02 40960 ----a-w- c:\windows\system32\cob-au.rs 2012-12-07 11:19 . 2013-01-09 20:02 21504 ----a-w- c:\windows\system32\grb.rs 2012-12-07 11:19 . 2013-01-09 20:02 15360 ----a-w- c:\windows\system32\djctq.rs 2012-12-07 11:19 . 2013-01-09 20:02 55296 ----a-w- c:\windows\system32\cero.rs 2012-12-07 11:19 . 2013-01-09 20:02 51712 ----a-w- c:\windows\system32\esrb.rs 2012-12-07 10:46 . 2013-01-09 20:02 43520 ----a-w- c:\windows\SysWow64\csrr.rs 2012-12-07 10:46 . 2013-01-09 20:02 30720 ----a-w- c:\windows\SysWow64\usk.rs 2012-12-07 10:46 . 2013-01-09 20:02 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs 2012-12-07 10:46 . 2013-01-09 20:02 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs 2012-12-07 10:46 . 2013-01-09 20:02 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs 2012-12-07 10:46 . 2013-01-09 20:02 23552 ----a-w- c:\windows\SysWow64\oflc.rs 2012-12-07 10:46 . 2013-01-09 20:02 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs 2012-12-07 10:46 . 
2013-01-09 20:02 46592 ----a-w- c:\windows\SysWow64\fpb.rs 2012-12-07 10:46 . 2013-01-09 20:02 20480 ----a-w- c:\windows\SysWow64\pegi.rs 2012-12-07 10:46 . 2013-01-09 20:02 21504 ----a-w- c:\windows\SysWow64\grb.rs 2012-12-07 10:46 . 2013-01-09 20:02 40960 ----a-w- c:\windows\SysWow64\cob-au.rs 2012-12-07 10:46 . 2013-01-09 20:02 15360 ----a-w- c:\windows\SysWow64\djctq.rs 2012-12-07 10:46 . 2013-01-09 20:02 55296 ----a-w- c:\windows\SysWow64\cero.rs 2012-12-07 10:46 . 2013-01-09 20:02 51712 ----a-w- c:\windows\SysWow64\esrb.rs 2012-12-06 19:35 . 2012-12-06 19:35 18048 ----a-w- c:\windows\SysWow64\drivers\lirsgt.sys 2012-11-30 05:45 . 2013-01-09 20:01 362496 ----a-w- c:\windows\system32\wow64win.dll 2012-11-30 05:45 . 2013-01-09 20:01 243200 ----a-w- c:\windows\system32\wow64.dll 2012-11-30 05:45 . 2013-01-09 20:01 13312 ----a-w- c:\windows\system32\wow64cpu.dll 2012-11-30 05:43 . 2013-01-09 20:01 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2012-11-30 05:41 . 2013-01-09 20:01 424448 ----a-w- c:\windows\system32\KernelBase.dll 2012-11-30 05:41 . 2013-01-09 20:01 1161216 ----a-w- c:\windows\system32\kernel32.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 05:38 . 
2013-01-09 20:01 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 05:38 . 
2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2012-11-30 04:53 . 2013-01-09 20:01 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll 2012-11-30 04:45 . 2013-01-09 20:01 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 04:45 . 
2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 20:01 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll 2006-05-03 10:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll 2007-02-21 11:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll 2008-03-16 13:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll 2010-01-06 23:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AppEx Accelerator UI"="c:\program files\AMD Quick Stream\AppexAcceleratorUI.exe" [2012-05-22 1000288] "Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "Information Schema"="c:\users\Lappi\AppData\Roaming\vlc\msdn.exe" [2013-02-10 4355072] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-02-16 322176] "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-24 174720] "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664] "EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136] R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456] R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648] R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136] R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys [2009-07-06 658432] R3 hcw95rc;Hauppauge MOD7700 IR 
Driver;c:\windows\system32\DRIVERS\hcw95rc.sys [2009-07-06 19456] R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-28 29720] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992] R3 Rockusb;Driver for Rockusb Device;c:\windows\system32\DRIVERS\rockusb.sys [2011-05-11 64880] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-04-11 708200] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R4 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624] R4 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x] R4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [2012-08-21 384888] R4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-09-20 136896] R4 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200] R4 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\RpcAgentSrv.exe [2009-08-13 68760] R4 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392] R4 SDUpdateService;Spybot-S&D 2 
Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624] R4 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944] R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632] S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2012-08-15 82560] S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2012-08-15 42624] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-15 283200] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-01-29 240640] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-01-28 361984] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224] S2 APXACC;AppEx Networks Accelerator LWF;c:\windows\system32\DRIVERS\appexDrv.sys [2012-05-23 199008] S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416] S2 BrazosTweaker;BrazosTweaker service;c:\program files\BrazosTweaker\BrazosTweakerService.exe [2012-01-21 187904] S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2012-08-21 74616] S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200] S2 TeamViewer8;TeamViewer 8;c:\program files 
(x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-12-13 138024] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-03-02 244224] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2012-08-15 56448] S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\BrazosTweaker\WinRing0x64.sys [2012-01-21 14544] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 95692914 *Deregistered* - 95692914 . Inhalt des "geplante Tasks" Ordners . 2013-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 20:48] . 2013-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-03 14:12] . 2013-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-03 14:12] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Alles mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dlall.htm IE: Auswahl mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dlselected.htm IE: Datei mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dllink.htm IE: Videos mit FDM herunterladen - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Lappi\AppData\Roaming\Mozilla\Firefox\Profiles\95b9s0pc.default\ FF - prefs.js: browser.search.selectedEngine - Wikipedia (de) FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - prefs.js: network.proxy.ftp - proxyus5.stealthy.co FF - prefs.js: network.proxy.ftp_port - 3128 FF - prefs.js: network.proxy.http - proxyus5.stealthy.co FF - prefs.js: network.proxy.http_port - 3128 FF - prefs.js: network.proxy.socks - proxyus5.stealthy.co FF - prefs.js: network.proxy.socks_port - 3128 FF - prefs.js: network.proxy.ssl - proxyus5.stealthy.co FF - prefs.js: network.proxy.ssl_port - 3128 FF - prefs.js: network.proxy.type - 2 FF - ExtSQL: 2012-12-23 19:52; stealthyextension@gmail.com; c:\users\Lappi\AppData\Roaming\Mozilla\Firefox\Profiles\95b9s0pc.default\extensions\stealthyextension@gmail.com.xpi . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKLM-Run-Driver Genius - (no file) Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe Notify-SDWinLogon - SDWinLogon.dll . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d, 36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0 "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{CC59E0F9-7E43-44FA-9FAA-8377850BF205}"=hex:51,66,7a,6c,4c,1d,38,12,97,e3,4a, c8,71,30,94,01,e0,bc,c0,37,80,55,b6,11 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:15,55,71,ff,73,a0,cd,01 . [HKEY_USERS\S-1-5-21-830199503-3038931148-3267462750-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:34,04,93,bc,64,58,05,65,77,ba,82,87,03,78,a2,79,76,1c,33,d4,91,10,5e, f9,b2,30,36,51,c4,c6,76,63,2b,78,12,95,b0,58,8d,72,42,75,a2,f8,73,6e,60,28,\ "??"=hex:69,3e,43,58,9f,64,ba,75,fe,6b,77,07,2a,78,dd,74 . [HKEY_USERS\S-1-5-21-830199503-3038931148-3267462750-1000\Software\SecuROM\License information*] "datasecu"=hex:bd,2e,b7,c7,89,b0,24,7d,5f,f1,37,19,3f,5b,e9,bb,90,29,29,87,ef, 40,09,e5,d0,53,86,42,a7,f6,7a,8a,ba,9a,40,c3,6b,5b,92,eb,94,75,e7,08,79,df,\ "rkeysecu"=hex:76,d2,b4,5b,f5,29,78,f9,97,0a,bc,b8,02,15,f3,47 . [HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-02-16 22:28:44 ComboFix-quarantined-files.txt 2013-02-16 21:28 . Vor Suchlauf: 17 Verzeichnis(se), 133.806.510.080 Bytes frei Nach Suchlauf: 23 Verzeichnis(se), 133.836.120.064 Bytes frei . - - End Of File - - 6C0C619E9749041CD0798720770F405E |
18.02.2013, 13:21 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange file(s) adwCleaner - Remove toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop.
After that, please run a check with OTL:
__________________ Please always post log files in CODE tags |
18.02.2013, 18:17 | #15 |
| Strange file(s) Code:
# AdwCleaner v2.112 - Datei am 18/02/2013 um 17:28:48 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : Lappi - LAPPI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Lappi\Downloads\adwcleaner0.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\Lappi\AppData\LocalLow\boost_interprocess

***** [Registrierungsdatenbank] *****

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v18.0.2 (de)

Datei : C:\Users\Lappi\AppData\Roaming\Mozilla\Firefox\Profiles\1okp12qb.default\prefs.js

[OK] Die Datei ist sauber.

Datei : C:\Users\Lappi\AppData\Roaming\Mozilla\Firefox\Profiles\95b9s0pc.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1042 octets] - [18/02/2013 17:28:17]
AdwCleaner[S1].txt - [977 octets] - [18/02/2013 17:28:48]

########## EOF - C:\AdwCleaner[S1].txt - [1036 octets] ##########

Code:
OTL logfile created on: 18.02.2013 17:33:08 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lappi\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

5,61 Gb Total Physical Memory | 4,16 Gb Available Physical Memory | 74,22% Memory free
11,21 Gb Paging File | 9,66 Gb Available in Paging File | 86,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 127,48 Gb Free Space | 42,78% Space Free | Partition Type: NTFS
Drive Z: | 82,98 Mb Total Space | 38,64 Mb Free Space | 46,57% Space Free | Partition Type: NTFS

Computer Name: LAPPI-PC | User Name: Lappi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Lappi\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Users\Lappi\AppData\Roaming\vlc\msdn.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f3c2e63623f7a64a35e3dd746b90edbc\PresentationFramework.Classic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_de_31bf3856ad364e35\WindowsBase.resources.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.) 
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Kodak AiO Network Discovery Service) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company) SRV - (Kodak AiO Status Monitor Service) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Eastman Kodak Company) SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation) SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (BrazosTweaker) -- C:\Programme\BrazosTweaker\BrazosTweakerService.exe () SRV - (AxAutoMntSrv) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software) SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\RpcAgentSrv.exe (SiSoftware) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) 
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (APXACC) -- C:\Windows\SysNative\drivers\appexDrv.sys (AppEx Networks Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation) DRV:64bit: - (Rockusb) -- C:\Windows\SysNative\drivers\rockusb.sys (Fuzhou Rockchip Electronics Co,Ltd.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.) DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.) DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.) 
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.) DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\lgandadb.sys (Google Inc) DRV:64bit: - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation) DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (hcw95rc) -- C:\Windows\SysNative\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hcw95bda) -- C:\Windows\SysNative\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) 
DRV - (lirsgt) -- C:\Windows\SysWOW64\drivers\lirsgt.sys () DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems) DRV - (WinRing0_1_2_0) -- C:\Programme\BrazosTweaker\WinRing0x64.sys (OpenLibSys.org) DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS) DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\WNt500x64\sandra.sys (SiSoftware) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 95 EB 78 70 5A 08 CE 01 [binary data] IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\..\SearchScopes,DefaultScope = IE - 
HKU\S-1-5-21-830199503-3038931148-3267462750-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.02.17 20:17:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 14:57:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 14:57:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.25 17:22:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013.02.17 20:17:21 | 
000,000,000 | ---D | M] [2012.08.15 15:21:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\Extensions [2012.06.12 16:12:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2013.02.15 06:34:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\Firefox\Profiles\95b9s0pc.default\extensions [2013.01.11 16:26:41 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Lappi\AppData\Roaming\mozilla\Firefox\Profiles\95b9s0pc.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.12.13 20:28:09 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\Users\Lappi\AppData\Roaming\mozilla\Firefox\Profiles\95b9s0pc.default\extensions\fdm_ffext@freedownloadmanager.org [2013.02.05 20:40:04 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Lappi\AppData\Roaming\mozilla\Firefox\Profiles\95b9s0pc.default\extensions\ich@maltegoetz.de [2012.08.16 05:43:51 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\DivXWebPlayer@divx.com.xpi [2012.08.16 19:52:14 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\elemhidehelper@adblockplus.org.xpi [2012.08.16 19:52:33 | 000,001,703 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\f6@merike.pri.ee.xpi [2012.12.13 20:28:14 | 002,151,598 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\firebug@software.joehewitt.com.xpi [2013.02.09 19:16:35 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\stealthyextension@gmail.com.xpi [2012.08.16 19:52:33 | 000,004,545 | ---- | M] () (No name found) -- 
C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\support@easy-hideip.com.xpi [2012.08.16 19:52:33 | 000,004,552 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\support@platinumhideip.com.xpi [2012.08.16 19:52:33 | 000,004,526 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\support@real-hide-ip.com.xpi [2013.01.28 17:40:08 | 000,142,907 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\unplug@compunach.xpi [2012.08.16 19:52:33 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\youtube2mp3@mondayx.de.xpi [2012.12.24 10:14:16 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2012.12.30 11:28:47 | 000,358,225 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi [2013.02.15 06:34:03 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.08.16 19:52:33 | 000,026,136 | ---- | M] () (No name found) -- C:\Users\Lappi\AppData\Roaming\mozilla\firefox\profiles\95b9s0pc.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2013.02.06 14:57:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.02.06 14:57:14 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.06.28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.20 21:04:34 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2013.02.16 22:24:35 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe File not found O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKU\S-1-5-21-830199503-3038931148-3267462750-1000..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe (AppEx Networks Corporation) O4 - HKU\S-1-5-21-830199503-3038931148-3267462750-1000..\Run: [Information Schema] C:\Users\Lappi\AppData\Roaming\vlc\msdn.exe () O4 - HKU\S-1-5-21-830199503-3038931148-3267462750-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\S-1-5-21-830199503-3038931148-3267462750-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-830199503-3038931148-3267462750-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm () O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm () O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DEFE633-334A-461E-82B0-BA362213CF28}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6A3AEDDD-0886-427F-B7D5-E45AFF305945}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - 
(explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.16 22:28:47 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.02.16 22:10:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.02.16 22:10:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.02.16 22:10:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.02.16 22:09:55 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.02.16 22:09:40 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.02.16 14:54:05 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\Temp [2013.02.15 06:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.14 03:00:54 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.02.14 03:00:54 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.02.14 03:00:53 | 
000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.02.14 03:00:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.02.14 03:00:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.02.14 03:00:52 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.02.14 03:00:51 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.02.14 03:00:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.02.14 03:00:50 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.02.14 03:00:50 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.02.14 03:00:50 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.02.14 03:00:50 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.02.14 03:00:47 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.02.14 03:00:47 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.02.14 03:00:47 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.02.14 02:32:02 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.02.14 02:31:59 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.02.14 02:31:58 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.02.14 02:31:56 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.02.14 02:31:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.02.14 02:31:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll 
[2013.02.14 02:31:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.02.14 02:31:55 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.02.14 02:31:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.02.14 02:31:51 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.02.12 20:49:09 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Documents\ProcAlyzer Dumps [2013.02.12 20:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2013.02.12 20:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2013.02.12 20:07:27 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe [2013.02.12 20:07:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2013.02.11 16:31:25 | 000,000,000 | ---D | C] -- C:\PS3 [2013.02.10 20:16:20 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Documents\Test Drive Ferrari Racing Legends [2013.02.09 20:10:09 | 000,000,000 | ---D | C] -- C:\Config.Msi [2013.02.09 14:30:51 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Documents\Euro Truck Simulator 2 [2013.02.08 16:53:30 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Documents\Command & Conquer 3 Kanes Rache [2013.02.08 16:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.02.08 16:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2013.02.08 16:38:23 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2013.02.08 16:38:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2013.02.08 16:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2013.02.07 19:47:55 | 000,000,000 | ---D | C] -- C:\Multi Protocol Programming System [2013.02.06 14:57:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla 
Firefox [2013.02.05 16:51:36 | 000,064,880 | ---- | C] (Fuzhou Rockchip Electronics Co,Ltd.) -- C:\Windows\SysNative\drivers\rockusb.sys [2013.02.03 19:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDev [2013.02.03 19:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MegaDev [2013.02.03 15:45:07 | 000,000,000 | ---D | C] -- C:\Users\Lappi\Documents\FUSSBALL MANAGER 13 [2013.02.03 15:42:09 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2013.02.03 15:42:09 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2013.02.03 15:42:09 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2013.02.03 15:42:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2013.02.03 15:42:07 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2013.02.03 15:42:07 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2013.02.03 15:42:06 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2013.02.03 15:42:06 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2013.02.03 15:42:05 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2013.02.03 15:42:05 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2013.02.03 15:42:04 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2013.02.03 15:42:04 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2013.02.03 15:42:03 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2013.02.03 15:42:03 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2013.02.03 15:42:01 | 002,401,112 | 
---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2013.02.03 15:42:01 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2013.02.03 15:26:48 | 000,000,000 | ---D | C] -- C:\FM13 [2013.02.03 15:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2013.02.03 15:12:23 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\Google [2013.02.03 15:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.02.02 14:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus [2013.02.02 14:49:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint [2013.02.01 20:46:51 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\Privat [2013.02.01 17:58:19 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Roaming\Command & Conquer 3 Kanes Rache [2013.02.01 13:32:34 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multiecuscan [2013.02.01 13:32:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Multiecuscan [2013.01.29 06:55:24 | 000,078,640 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll [2013.01.29 06:55:24 | 000,078,640 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll [2013.01.29 06:55:20 | 000,071,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll [2013.01.29 06:55:20 | 000,071,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll [2013.01.29 06:55:06 | 000,139,904 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll [2013.01.29 06:55:00 | 000,118,792 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll [2013.01.29 06:54:54 | 000,113,672 | ---- | C] (Advanced Micro Devices, Inc. 
) -- C:\Windows\SysNative\atiu9p64.dll [2013.01.29 06:54:50 | 000,092,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll [2013.01.29 06:54:46 | 001,150,328 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll [2013.01.29 06:54:42 | 000,968,560 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll [2013.01.29 06:54:34 | 008,173,928 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll [2013.01.29 06:54:28 | 007,159,384 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll [2013.01.29 06:54:18 | 004,475,192 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll [2013.01.29 06:54:14 | 006,035,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll [2013.01.29 06:54:06 | 005,035,000 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll [2013.01.29 06:54:00 | 007,038,856 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll [2013.01.29 06:48:38 | 011,612,672 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys [2013.01.29 06:39:06 | 023,581,184 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll [2013.01.29 06:27:12 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe [2013.01.29 06:24:44 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll [2013.01.29 06:24:42 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll [2013.01.29 06:24:36 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll [2013.01.29 06:24:34 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll [2013.01.29 06:24:22 | 016,082,944 | ---- | C] (Advanced Micro Devices Inc.) 
-- C:\Windows\SysNative\aticaldd64.dll [2013.01.29 06:21:02 | 019,755,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll [2013.01.29 06:19:56 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll [2013.01.29 06:15:54 | 000,077,312 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_12.10.17.dll [2013.01.29 06:03:00 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll [2013.01.29 06:02:50 | 000,561,152 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2013.01.29 06:01:58 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2013.01.29 06:00:20 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2013.01.29 06:00:00 | 000,025,600 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2013.01.29 05:59:56 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll [2013.01.29 05:59:50 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll [2013.01.29 05:34:28 | 000,629,760 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll [2013.01.29 05:34:16 | 000,425,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll [2013.01.29 05:34:00 | 000,017,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll [2013.01.29 05:33:56 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll [2013.01.29 05:33:56 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll [2013.01.29 05:33:52 | 000,044,032 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll [2013.01.29 05:33:44 | 000,034,816 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll [2013.01.29 05:33:36 | 000,576,000 | ---- | C] (Advanced Micro Devices, Inc.) 
-- C:\Windows\SysNative\drivers\atikmpag.sys [2013.01.29 05:30:44 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [2013.01.28 23:20:40 | 000,076,288 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll [2013.01.28 23:20:36 | 000,065,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll [2013.01.28 23:20:32 | 000,064,000 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll [2013.01.28 23:20:30 | 000,056,320 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll [2013.01.28 23:20:20 | 029,150,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll [2013.01.28 23:18:24 | 023,810,048 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll [2013.01.28 23:16:40 | 000,054,784 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2013.01.28 23:16:36 | 000,050,176 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013.01.28 23:10:28 | 005,067,264 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdsc64.dll [2013.01.28 23:10:26 | 004,083,200 | ---- | C] (Advanced Micro Devices Inc.) 
-- C:\Windows\SysWow64\amdsc.dll [2013.01.28 17:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Publish Data [2013.01.28 16:58:27 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\Publish_Data [2013.01.28 16:45:02 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Treiber-Studio 2013 [2013.01.28 16:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Publish Data [2013.01.25 17:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013.01.25 16:53:46 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile [2013.01.23 14:48:46 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED [2013.01.23 14:45:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CI Games [2013.01.23 06:45:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CI Games [2013.01.23 06:45:11 | 000,000,000 | ---D | C] -- C:\Users\Lappi\AppData\Local\Programs [2013.01.21 19:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.02.18 17:37:51 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.18 17:37:51 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.18 17:30:15 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.18 17:30:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.18 17:30:03 | 218,869,759 | -HS- | M] () -- C:\hiberfil.sys [2013.02.18 17:24:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.18 17:19:30 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.16 22:24:35 | 000,000,027 | ---- | M] () -- 
C:\Windows\SysNative\drivers\etc\hosts [2013.02.16 15:37:52 | 438,265,730 | ---- | M] () -- C:\Users\Lappi\Desktop\DC SHOES_ KEN BLOCK_S GYMKHANA FIVE_ ULTIMATE URBAN PLAYGROU.mp4 [2013.02.14 03:31:15 | 004,912,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.14 03:05:51 | 001,635,332 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.14 03:05:51 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.14 03:05:51 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.14 03:05:51 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.14 03:05:51 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.09 21:48:14 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.02.09 21:48:14 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.02.09 13:25:41 | 000,196,608 | ---- | M] () -- C:\Users\Lappi\Documents\Aktuell.fdu [2013.02.09 13:21:28 | 000,196,608 | ---- | M] () -- C:\Users\Lappi\Documents\PolarEdit 10x8 2.fdu [2013.02.02 14:49:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf [2013.01.29 13:30:36 | 001,590,506 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.01.29 06:55:24 | 000,078,640 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll [2013.01.29 06:55:24 | 000,078,640 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll [2013.01.29 06:55:20 | 000,071,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll [2013.01.29 06:55:20 | 000,071,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll [2013.01.29 06:55:06 | 000,139,904 | ---- | M] (Advanced Micro Devices, Inc. 
) -- C:\Windows\SysNative\atiuxp64.dll [2013.01.29 06:55:00 | 000,118,792 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll [2013.01.29 06:54:54 | 000,113,672 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll [2013.01.29 06:54:50 | 000,092,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll [2013.01.29 06:54:46 | 001,150,328 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll [2013.01.29 06:54:42 | 000,968,560 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll [2013.01.29 06:54:34 | 008,173,928 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll [2013.01.29 06:54:28 | 007,159,384 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll [2013.01.29 06:54:18 | 004,475,192 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll [2013.01.29 06:54:14 | 006,035,136 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll [2013.01.29 06:54:06 | 005,035,000 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll [2013.01.29 06:54:00 | 007,038,856 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll [2013.01.29 06:48:38 | 011,612,672 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys [2013.01.29 06:39:06 | 023,581,184 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll [2013.01.29 06:28:32 | 000,340,256 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb [2013.01.29 06:28:32 | 000,340,256 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb [2013.01.29 06:27:12 | 000,163,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe [2013.01.29 06:24:44 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) 
-- C:\Windows\SysNative\aticalrt64.dll [2013.01.29 06:24:42 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll [2013.01.29 06:24:36 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll [2013.01.29 06:24:34 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll [2013.01.29 06:24:22 | 016,082,944 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll [2013.01.29 06:21:02 | 019,755,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll [2013.01.29 06:19:56 | 013,703,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll [2013.01.29 06:15:54 | 000,077,312 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_12.10.17.dll [2013.01.29 06:03:00 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll [2013.01.29 06:02:50 | 000,561,152 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2013.01.29 06:01:58 | 000,240,640 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2013.01.29 06:00:20 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2013.01.29 06:00:00 | 000,025,600 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2013.01.29 05:59:56 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll [2013.01.29 05:59:50 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll [2013.01.29 05:34:28 | 000,629,760 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll [2013.01.29 05:34:16 | 000,425,984 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll [2013.01.29 05:34:00 | 000,017,920 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll [2013.01.29 05:33:56 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. 
) -- C:\Windows\SysWow64\atiglpxx.dll [2013.01.29 05:33:56 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll [2013.01.29 05:33:52 | 000,044,032 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll [2013.01.29 05:33:44 | 000,034,816 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll [2013.01.29 05:33:36 | 000,576,000 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys [2013.01.29 05:30:44 | 000,053,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [2013.01.29 04:50:40 | 003,296,864 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap [2013.01.29 04:50:40 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat [2013.01.29 04:50:40 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat [2013.01.29 04:50:40 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat [2013.01.29 04:50:40 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat [2013.01.29 04:36:10 | 003,330,608 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap [2013.01.28 23:20:58 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe [2013.01.28 23:20:40 | 000,076,288 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll [2013.01.28 23:20:36 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll [2013.01.28 23:20:32 | 000,064,000 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll [2013.01.28 23:20:30 | 000,056,320 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll [2013.01.28 23:20:20 | 029,150,208 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll [2013.01.28 23:18:24 | 023,810,048 | ---- | M] (Advanced Micro Devices Inc.) 
-- C:\Windows\SysWow64\amdocl.dll [2013.01.28 23:16:40 | 000,054,784 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2013.01.28 23:16:36 | 000,050,176 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2013.01.28 23:10:28 | 005,067,264 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdsc64.dll [2013.01.28 23:10:26 | 004,083,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdsc.dll [2013.01.25 16:55:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2013.01.23 14:24:36 | 000,405,309 | ---- | M] () -- C:\plugin.rar [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.02.16 22:10:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.02.16 22:10:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.02.16 22:10:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.02.16 22:10:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.02.16 22:10:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.02.16 15:15:32 | 438,265,730 | ---- | C] () -- C:\Users\Lappi\Desktop\DC SHOES_ KEN BLOCK_S GYMKHANA FIVE_ ULTIMATE URBAN PLAYGROU.mp4 [2013.02.12 20:07:36 | 000,002,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2013.02.09 13:25:41 | 000,196,608 | ---- | C] () -- C:\Users\Lappi\Documents\Aktuell.fdu [2013.02.09 13:21:27 | 000,196,608 | ---- | C] () -- C:\Users\Lappi\Documents\PolarEdit 10x8 2.fdu [2013.02.03 15:12:27 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.03 15:12:26 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.02 14:49:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf [2013.01.29 06:28:32 | 000,340,256 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb [2013.01.29 06:28:32 | 000,340,256 | 
---- | C] () -- C:\Windows\SysNative\atiapfxx.blb [2013.01.29 04:50:40 | 003,296,864 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap [2013.01.29 04:50:40 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2013.01.29 04:50:40 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat [2013.01.29 04:50:40 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2013.01.29 04:50:40 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat [2013.01.29 04:36:10 | 003,330,608 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap [2013.01.28 23:20:58 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe [2013.01.28 16:43:02 | 001,590,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.01.25 16:55:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2013.01.25 16:54:01 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk [2013.01.07 16:27:51 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2013.01.06 19:36:59 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2012.12.23 10:39:25 | 000,000,029 | ---- | C] () -- C:\Windows\wordpad.ini [2012.12.15 18:24:33 | 000,000,600 | ---- | C] () -- C:\Users\Lappi\AppData\Roaming\winscp.rnd [2012.12.06 20:35:11 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\lirsgt.sys [2012.12.06 20:33:15 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll [2012.11.27 00:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.11.05 21:52:43 | 000,000,078 | ---- | C] () -- C:\Windows\wininit.ini [2012.10.26 17:05:38 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.10.26 17:05:30 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.10.03 19:35:41 | 000,000,534 | ---- | C] () -- C:\Windows\eReg.dat [2012.10.03 13:48:16 | 000,001,574 | ---- | C] () -- 
C:\Windows\cdplayer.ini [2012.10.03 13:46:11 | 000,078,085 | ---- | C] () -- C:\Windows\SysWow64\pattern.dat [2012.10.03 13:46:05 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\fxstudio.dll [2012.10.03 13:46:04 | 000,282,624 | ---- | C] () -- C:\Windows\SysWow64\animation2.dll [2012.09.15 17:31:17 | 000,092,168 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2012.08.26 18:54:01 | 000,036,892 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll [2012.08.24 19:05:26 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\dvttrn.dll [2012.08.22 05:40:50 | 002,097,152 | ---- | C] () -- C:\Windows\sample5x.dat [2012.08.20 17:05:42 | 000,000,064 | ---- | C] () -- C:\Users\Lappi\AppData\Roaming\Sandra.ldb [2012.08.20 17:05:41 | 011,730,944 | ---- | C] () -- C:\Users\Lappi\AppData\Roaming\Sandra.mdb [2012.08.16 18:38:56 | 000,007,605 | ---- | C] () -- C:\Users\Lappi\AppData\Local\resmon.resmoncfg [2012.08.15 14:01:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = 
%SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |