Pests of all kinds and how to fight them: possible infection by the trojan Trojan:JS/Seedabutor.B (Windows 7)
18.03.2013, 20:05 | #1 |
possible infection by the trojan: Trojan:JS/Seedabutor.B

Good evening, I have probably caught a trojan. Microsoft Essentials recently reported to me that the above-mentioned trojan had been detected, but that I did not need to do anything. At first I thought it was related to the installation of a game, which I was doing at that moment. Afterwards I found that the problem occurs in connection with Internet Explorer; I only use it to play a single Flash game on meinvz.de. Through research I came across this forum and found the advice to first check the computer with Malwarebytes. It found nothing, but it stopped an unauthorized action to an IP when I wanted to use IExplorer. Another run (with both Essentials and Malwarebytes) turned up nothing. The attempt to open meinvz.de via my default browser was crowned with "success": here, too, Malwarebytes stopped an access, and in addition "NoScript" blocked parts of the Flash game with a message that a wrong or foreign page was about to be called up here.

Attached are the text excerpts from: OTL

Code:
OTL logfile created on: 18.03.2013 18:45:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anti\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 55,16% Memory free
14,00 Gb Paging File | 12,06 Gb Available in Paging File | 86,19% Paging File free
Paging file location(s): h:\pagefile.sys 10240 10240 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 46,30 Gb Free Space | 47,41% Space Free | Partition Type: NTFS
Drive D: | 100,01 Gb Total Space | 78,10 Gb Free Space | 78,09% Space Free | Partition Type: NTFS
Drive F: | 195,31 Gb Total Space | 33,51 Gb Free Space | 17,16% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 18,47 Gb Free Space | 18,91% Space Free | Partition Type: NTFS
Drive H: | 104,06 Gb Total Space | 93,91 Gb Free Space | 90,25% Space Free | Partition Type: NTFS
Drive J: | 7,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: CHAOS-KISTE | User Name: Anti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.03.17 11:39:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anti\Desktop\OTL.exe PRC - [2013.02.10 04:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013.02.09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.12.20 10:44:32 | 000,844,296 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2012.12.20 10:44:28 | 000,310,280 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe PRC - [2012.12.20 10:44:26 | 001,476,104 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2012.10.17 11:21:04 | 000,168,776 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe PRC - [2012.10.17 11:21:02 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe PRC - 
[2011.12.03 17:10:33 | 000,189,184 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2010.11.20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe PRC - [2010.03.11 00:22:04 | 000,599,408 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe PRC - [2010.03.11 00:21:16 | 000,300,400 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe PRC - [2009.11.07 15:25:10 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2007.04.09 12:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHelper.exe ========== Modules (No Company Name) ========== MOD - [2013.02.14 07:17:31 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll MOD - [2013.01.10 19:07:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll MOD - [2013.01.10 19:06:39 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll MOD - [2013.01.09 22:04:41 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll MOD - [2013.01.09 22:04:30 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll MOD - [2013.01.09 22:04:25 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll MOD - [2013.01.09 22:04:24 | 000,982,528 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll MOD - [2013.01.09 22:04:23 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll MOD - [2013.01.09 22:04:22 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll MOD - [2013.01.09 22:04:20 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll MOD - [2013.01.09 22:04:15 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll MOD - [2012.10.17 11:21:04 | 000,168,776 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe MOD - [2012.10.17 11:21:02 | 000,553,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe MOD - [2012.06.30 05:18:08 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTMUI.dll MOD - [2012.06.30 05:18:04 | 000,335,872 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTHAL.dll MOD - [2012.06.30 05:17:48 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTCore.dll MOD - [2012.06.30 05:17:40 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTUI.dll MOD - [2012.06.30 05:17:34 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTFC.dll MOD - [2012.06.05 08:23:18 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSSHooks.dll MOD - [2012.06.05 07:03:40 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTMUI.dll MOD - [2012.06.05 07:02:42 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTUI.dll MOD - [2012.06.05 07:02:34 | 000,061,440 
| ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTFC.dll MOD - [2011.05.01 07:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\RTTSH.dll MOD - [2011.05.01 07:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTTSH.dll ========== Services (SafeList) ========== SRV:64bit: - [2012.04.06 03:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.03.12 20:03:47 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.03.08 06:41:23 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.02.10 04:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.02.09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013.01.27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2013.01.27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2013.01.08 15:19:46 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems 
Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2012.06.19 05:12:06 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.05.18 19:07:26 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service) SRV - [2011.12.03 17:10:33 | 000,189,184 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2011.09.27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) 
[On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.03.01 18:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.11.07 15:25:10 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.05.31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.01.20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.09.20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2012.09.20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | 
Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.02 11:23:05 | 000,035,112 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\teamviewervpn.sys -- (teamviewervpn) DRV:64bit: - [2012.04.06 06:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.04.06 02:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.03.09 09:57:36 | 000,023,816 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.23 13:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.09.02 07:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.02.19 19:57:38 | 000,871,408 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2009.11.23 16:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid) DRV:64bit: - [2009.11.23 16:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum) DRV:64bit: - [2009.10.05 10:08:44 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm) DRV:64bit: - [2009.09.28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.07.24 07:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2007.04.12 08:10:28 | 000,151,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\COMMONFX.DLL -- (COMMONFX.DLL) DRV:64bit: - [2007.04.10 06:07:54 | 000,580,904 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k) DRV:64bit: - [2007.04.10 04:41:54 | 000,295,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k) DRV:64bit: - [2007.04.10 04:41:20 | 000,259,880 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k) DRV:64bit: - [2007.04.10 04:40:24 | 001,359,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k) DRV:64bit: - [2007.04.10 04:39:48 | 000,147,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia) DRV:64bit: - [2007.04.10 04:38:40 | 000,290,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k) DRV:64bit: - [2007.04.10 04:38:10 | 000,017,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k) DRV:64bit: - [2007.04.10 04:37:36 | 000,218,408 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv) DRV:64bit: - [2007.04.10 04:35:28 | 000,863,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) DRV:64bit: - [2007.04.10 04:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL) DRV:64bit: - [2007.04.10 04:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL) DRV:64bit: - [2007.04.10 04:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL) DRV:64bit: - [2007.04.10 04:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL) DRV:64bit: - [2007.04.10 04:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL) DRV:64bit: - [2007.04.10 04:14:28 | 000,142,120 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTERFXFX.DLL -- (CTERFXFX.DLL) DRV:64bit: - [2007.04.10 04:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL) DRV:64bit: - [2007.04.10 04:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL) DRV:64bit: - [2007.04.10 04:12:22 | 000,681,256 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTSBLFX.DLL -- (CTSBLFX.DLL) DRV:64bit: - [2007.04.10 04:11:46 | 000,700,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTAUDFX.DLL -- (CTAUDFX.DLL) DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV - [2012.10.17 11:21:00 | 000,015,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\EVGA Precision X\RTCore64.sys -- (RTCore64) DRV - [2009.09.10 08:50:16 | 000,011,576 | ---- | M] (Samsung 
Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.meinvz.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 4A C5 72 3A 59 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {900EEA37-B77F-404B-B225-D2EC298058DC} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{57B5E9C0-DDCC-4FC0-9AAA-A99EFED6CEFC}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms} IE - HKCU\..\SearchScopes\{900EEA37-B77F-404B-B225-D2EC298058DC}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129 FF - prefs.js..extensions.enabledAddons: 
%7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68 FF - prefs.js..extensions.enabledAddons: browserprotect%40browserprotect.com:1.1.3 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.8 FF - prefs.js..extensions.enabledAddons: nasanightlaunch%40example.com:0.6.20130206 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 06:41:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 19:24:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 06:41:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 19:24:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.03.17 13:50:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.06.11 18:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Extensions [2009.12.21 01:08:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013.03.05 06:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions [2013.03.03 08:09:04 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2013.01.31 15:45:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} 
[2013.02.14 18:35:19 | 000,047,822 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\browserprotect@browserprotect.com.xpi [2013.02.23 10:59:45 | 002,345,043 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\nasanightlaunch@example.com.xpi [2013.03.05 06:05:17 | 000,531,283 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.02.14 07:23:01 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.02.14 18:35:19 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013.02.14 18:33:16 | 000,698,764 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013.03.08 06:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.03.08 06:41:24 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.03.11 00:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2010.03.11 00:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2010.03.11 00:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2010.03.11 00:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2012.02.18 11:21:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.03.11 00:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2011.03.22 19:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010.03.11 00:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2012.06.01 17:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.09 20:59:55 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.06.01 17:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.06.01 17:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.01 17:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.01 17:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found. 
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O4:64bit: - HKLM..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL File not found O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [AsioReg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd) O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd) O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd) O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) 
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 
(Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites) O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com.tw/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7880B74D-1DFC-4B1E-9DFE-1EED515B6BDC}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found O18:64bit: - Protocol\Filter\ica - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) 
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.08.03 16:57:48 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012.11.02 00:38:02 | 000,000,058 | -H-- | M] () - J:\autorun.inf -- [ UDF ] O33 - MountPoints2\{0d8e9394-cb82-11de-b0ab-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{0d8e9394-cb82-11de-b0ab-806e6f6e6963}\Shell\AutoRun\command - "" = J:\StarCraft II Setup.exe -- [2012.11.02 00:38:02 | 002,020,544 | ---- | M] (Blizzard Entertainment) O33 - MountPoints2\{e47033b3-edf8-11e1-b78f-001fc61eb744}\Shell - "" = AutoRun O33 - MountPoints2\{e47033b3-edf8-11e1-b78f-001fc61eb744}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" 
%* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.18 18:36:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Anti\Desktop\OTL.exe [2013.03.17 13:50:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013.03.17 11:13:49 | 000,000,000 | ---D | C] -- C:\Users\Anti\AppData\Roaming\Malwarebytes [2013.03.17 11:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.03.17 11:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.03.17 11:13:34 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.03.17 11:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.03.17 11:13:16 | 000,000,000 | ---D | C] -- C:\Users\Anti\AppData\Local\Programs [2013.03.16 22:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2013.03.16 22:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2013.03.16 22:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2013.03.16 21:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e95598d0.temp [2013.03.16 21:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e7271c42.temp [2013.03.16 20:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.3a018b42.temp [2013.03.16 17:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e6f2b040.temp [2013.03.16 17:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\StarCraft II.d48c6a9e.temp [2013.03.16 17:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.a0d452d4.temp [2013.03.16 16:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.3aaca235.temp [2013.03.16 16:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.temp [2013.03.16 16:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2013.03.09 15:31:09 | 000,000,000 | ---D | C] -- C:\Users\Anti\Desktop\div. Programme [2013.03.09 14:31:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2013.03.08 06:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.02.26 19:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.02.26 19:17:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.02.16 19:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2013.02.16 19:42:56 | 000,000,000 | ---D | C] -- C:\Users\Anti\AppData\Local\EA Core [2013.02.16 19:42:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [2013.02.16 19:38:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts [2013.02.16 19:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2013.02.16 18:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.03.18 18:47:28 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.18 18:47:28 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.18 18:43:59 | 000,224,853 | ---- | M] () -- 
C:\Users\Anti\Desktop\reihenfolge.png [2013.03.18 18:39:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.18 18:39:50 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys [2013.03.18 18:38:00 | 000,000,020 | ---- | M] () -- C:\Users\Anti\defogger_reenable [2013.03.18 18:03:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.03.17 14:59:39 | 000,488,819 | ---- | M] () -- C:\Users\Anti\Desktop\Malwarezugriff.png [2013.03.17 14:12:07 | 013,786,977 | ---- | M] () -- C:\Users\Anti\Desktop\mbar-1.01.0.1021.zip [2013.03.17 11:40:01 | 000,377,856 | ---- | M] () -- C:\Users\Anti\Desktop\gmer_2.1.19155.exe [2013.03.17 11:39:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anti\Desktop\OTL.exe [2013.03.17 11:38:53 | 000,050,477 | ---- | M] () -- C:\Users\Anti\Desktop\Defogger.exe [2013.03.16 22:01:06 | 000,000,739 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2013.03.16 21:32:56 | 000,000,000 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk.temp [2013.03.16 14:15:12 | 000,033,688 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx [2013.03.16 14:15:12 | 000,033,688 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx [2013.03.16 14:15:12 | 000,029,604 | ---- | M] () -- C:\Windows\SysNative\BMXCtrlState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx [2013.03.16 14:15:12 | 000,029,604 | ---- | M] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx [2013.03.16 14:15:12 | 000,011,564 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx [2013.03.14 06:37:55 | 004,958,588 | ---- | M] () -- C:\Windows\{00000008-00000000-00000002-00001102-00000008-10211102}.CDF [2013.03.09 10:31:59 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk [2013.03.06 
18:11:16 | 001,642,284 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.03.06 18:11:16 | 000,707,316 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.03.06 18:11:16 | 000,660,934 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.03.06 18:11:16 | 000,152,908 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.03.06 18:11:16 | 000,125,124 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.19 22:44:46 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.03.18 18:43:59 | 000,224,853 | ---- | C] () -- C:\Users\Anti\Desktop\reihenfolge.png [2013.03.18 18:38:00 | 000,000,020 | ---- | C] () -- C:\Users\Anti\defogger_reenable [2013.03.18 18:36:36 | 013,786,977 | ---- | C] () -- C:\Users\Anti\Desktop\mbar-1.01.0.1021.zip [2013.03.18 18:36:35 | 000,377,856 | ---- | C] () -- C:\Users\Anti\Desktop\gmer_2.1.19155.exe [2013.03.18 18:36:35 | 000,050,477 | ---- | C] () -- C:\Users\Anti\Desktop\Defogger.exe [2013.03.17 14:59:39 | 000,488,819 | ---- | C] () -- C:\Users\Anti\Desktop\Malwarezugriff.png [2013.03.16 22:01:04 | 000,000,739 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2013.03.16 21:32:56 | 000,000,000 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk.temp [2013.03.09 10:31:59 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk [2013.03.08 19:24:39 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2012.08.28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012.08.28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012.08.28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012.08.28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.08.28 09:04:32 | 000,974,848 | ---- | C] () -- 
C:\Windows\SysWow64\cis-2.4.dll [2012.06.20 17:17:59 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012.06.15 19:21:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.04.06 02:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.04.06 02:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.01.10 22:27:55 | 000,000,412 | ---- | C] () -- C:\Users\Anti\AppData\Roaming\All CPU Meter_Settings.ini [2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll [2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2009.11.07 19:05:35 | 000,007,605 | ---- | C] () -- C:\Users\Anti\AppData\Local\Resmon.ResmonCfg [2009.11.07 16:26:30 | 000,000,092 | ---- | C] () -- C:\Users\Anti\AppData\Local\fusioncache.dat ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2011.07.16 13:18:04 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Bioshock2 [2010.10.02 08:18:53 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\BITS [2012.06.11 20:01:27 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\DAEMON Tools Lite [2009.12.06 14:07:59 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\GetRightToGo [2012.12.06 17:58:40 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\ICAClient [2010.07.07 18:36:20 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Leadertech [2012.12.23 15:08:57 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Meine Die Schlacht um Mittelerde-Dateien [2010.06.20 13:56:29 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Nokia [2010.06.20 14:06:56 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\PC Suite [2011.04.16 07:29:30 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\runic games [2012.10.15 19:59:15 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Samsung [2012.08.12 13:44:34 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\TeamViewer 
[2009.12.21 01:08:11 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Thunderbird
[2013.03.09 10:30:57 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\TS3Client
[2009.11.07 16:30:19 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\Turbine
[2011.06.18 13:17:26 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\wargaming.net
[2011.05.12 18:32:35 | 000,000,000 | ---D | M] -- C:\Users\Anti\AppData\Roaming\XRay Engine
========== Purity Check ==========
< End of report >
Code:
OTL Extras logfile created on: 18.03.2013 18:45:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anti\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 55,16% Memory free
14,00 Gb Paging File | 12,06 Gb Available in Paging File | 86,19% Paging File free
Paging file location(s): h:\pagefile.sys 10240 10240 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,65 Gb Total Space | 46,30 Gb Free Space | 47,41% Space Free | Partition Type: NTFS
Drive D: | 100,01 Gb Total Space | 78,10 Gb Free Space | 78,09% Space Free | Partition Type: NTFS
Drive F: | 195,31 Gb Total Space | 33,51 Gb Free Space | 17,16% Space Free | Partition Type: NTFS
Drive G: | 97,65 Gb Total Space | 18,47 Gb Free Space | 18,91% Space Free | Partition Type: NTFS
Drive H: | 104,06 Gb Total Space | 93,91 Gb Free Space | 90,25% Space Free | Partition Type: NTFS
Drive J: | 7,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: CHAOS-KISTE | User Name: Anti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) 
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 "C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate "C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx "C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = 
C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 "C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate "C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{09839E28-ABC0-4EA5-84A6-C580F3D27107}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{15E38D09-512D-4451-85EE-1643B616963F}" = lport=58912 | protocol=17 | dir=in | name=pando media booster | "{2926B42D-DBB0-4AE9-9978-A99D94299ACE}" = lport=58912 | protocol=6 | dir=in | name=pando media booster | "{432EA76B-4942-4674-9B0F-4FBBCB43C9F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5499EFEB-2D3B-45B6-9A52-A6675273982B}" = lport=40980 | protocol=6 | dir=in | name=test authoring and execution framework service | "{5E7CDEBC-27D6-4A3B-AFB4-F8525D82073B}" = lport=445 | protocol=6 | dir=in | app=system | "{6098B9E1-CFA0-4913-B701-8BDDB0ECA4E8}" = rport=445 | protocol=6 | dir=out | app=system | "{6739CEF6-3B16-4347-AE82-CD15EE3D8831}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9716D1F8-70E4-4DC1-B8BD-647AC15F8628}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{9A7B5E8D-8385-44AA-9E66-831CE332A3E2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9B4FE28D-283B-4A53-A8FC-86D381829E54}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A5311E5B-AF0F-4032-920E-89D800200892}" = lport=139 | 
protocol=6 | dir=in | app=system | "{A5634912-DC51-49B9-9675-2B8025D224BA}" = lport=58912 | protocol=17 | dir=in | name=pando media booster | "{BB4EAE86-5B7C-4EDC-9215-0FE484A7E5F3}" = lport=58912 | protocol=6 | dir=in | name=pando media booster | "{BBC3905F-11E1-42DB-987A-B1117B46A7D5}" = rport=139 | protocol=6 | dir=out | app=system | "{CF10ABEB-752B-4F50-80FA-F8B50743CB63}" = lport=2869 | protocol=6 | dir=in | app=system | "{D262D3E9-5914-469F-994E-7A8892F09F42}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{D825D0DF-D942-4E2B-B030-132318ECE4DF}" = lport=137 | protocol=17 | dir=in | app=system | "{DC5A2D6E-65F9-4600-BDEF-07F8E700AA6E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DD5D4EA8-55BD-4746-A18A-2A2AE5702B0E}" = lport=rpc-epmap | protocol=6 | dir=in | name=test authoring and execution framework service (rpc endpoint mapper) | "{E690912F-1279-4008-A697-ABE0D527FE82}" = lport=138 | protocol=17 | dir=in | app=system | "{E80E45A4-E645-4FC9-914D-6A7C7938F4DB}" = rport=138 | protocol=17 | dir=out | app=system | "{E8AA8E93-48C4-461D-9802-40745A1FB09A}" = rport=137 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02DDB7DD-176F-46E0-8896-1E813AC823E1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{0C3B484D-AF1C-4960-BC5F-D8E1C9D5B29A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | "{0CB8A718-33E9-41DE-99CD-48543C1EF520}" = protocol=6 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\game.dat | "{15D02AC0-838B-402D-911A-7E5678B592D0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.exe | "{1D73AC2D-0F48-4128-88EE-F8478809F61D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{1FC1CFE2-7E11-4E94-A1B8-FF850D84B69C}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6mp.exe | "{2038EBA0-27F8-41E0-A494-F9AAC7D7F159}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{2D32ECB0-DFD4-4D03-968D-5D11E85195DA}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{2DE03716-68A2-44EA-919F-65A3429D6A27}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{2DE522A4-9FEE-4837-9CA5-2AF98C87009E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{2E486553-B2EA-4CD0-A4B0-66794C0A66EB}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{2EA54C13-3CA1-420F-A6A9-26E6527BA57C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{2FBBB557-F1CE-47F2-9C47-9D036CE59234}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | "{384D9010-4A0F-4E73-BA4B-67D0CA8FAADF}" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\masseffect2launcher.exe | "{38A55526-A768-4556-B563-B2E815C88C4A}" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii public test.exe | "{3925B5C4-71F7-43D5-A690-08162B9996BF}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{3C56E207-E997-4375-A152-494B470C64ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{41A26827-FEDE-43DD-BC84-55A12BF53B82}" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\binaries\masseffect2.exe | "{448E043E-D23D-4B73-A4F3-9B98023DE740}" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\binaries\masseffect2.exe | "{47C9EC04-093A-4736-A9C0-60E9F42610CD}" = protocol=6 | dir=in | app=f:\spiele-7\wot\worldoftanks.exe | "{4A5A06CB-BBE5-4F0F-B0E1-4715E261D28E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4D5C5E87-59F9-4315-AAFE-F08FC3A72662}" = protocol=17 | 
dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{50A12E94-5577-4639-BA34-EB721A16295C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{5196814F-E8A8-4DBB-8683-F9E5C6988B7A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{57622651-0FDD-4D3A-85ED-010AB86BCDEA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{597BCAD2-F66D-45D5-ACE2-3FC044C9C54A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5BF61A3A-219F-4D81-BA49-B9A2662CB8FB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5C846A4F-0183-4F6D-A687-5A9132962638}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6mp.exe | "{5CA36A3F-5B8B-474C-BECC-80049F660408}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{5EFC2240-DDF4-487D-A3C1-4DFB17FA5423}" = protocol=17 | dir=in | app=f:\spiele-7\wot\wotlauncher.exe | "{62C54429-4C55-4309-991A-FE9C16A31FD2}" = protocol=6 | dir=in | app=f:\spiele-7\wot\wotlauncher.exe | "{66F17F62-E3EF-41ED-B687-E7DC646575EC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{67275120-00BF-4C5B-AFE7-1CD9F3810AE4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{6ED489B5-737C-4FE8-8680-AC1C0459CD47}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{73E14F3D-2241-4B49-A5F9-94B22BFA0916}" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\masseffect2launcher.exe | "{74C3096E-7161-4125-BF45-14F983FCEA81}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | "{794E24B4-D7F2-445B-9E08-D25187B3E2A5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{79DAAD6E-60FA-46D7-9119-B6FC5D1D15DA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | "{7A0AF599-A862-452B-B489-11D09CC72EC5}" = protocol=17 | dir=in | app=f:\spiele-7\hdr-schlacht 
um mittelerde\game.dat | "{7B0EA50E-63C2-4B1B-925C-DBEF47AB2F14}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6sp.exe | "{7B4B93FF-1CE7-4848-B361-B57E9E43E8A2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{81E39794-2740-4C72-8509-568D10FDF616}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{84940352-FED9-40FD-BAAC-E6F741BB790F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{86D14627-41EF-407E-814D-89F27C7E96B0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | "{8A886395-C3DC-4201-BC97-5F1631E5D1E1}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6zm.exe | "{98BBEA95-315C-448B-9673-493860E5CF54}" = protocol=17 | dir=in | app=f:\spiele-7\diablo3\diablo iii\diablo iii.exe | "{9C92E0D0-6CAC-48AC-B777-3A67C1FBA851}" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii public test.exe | "{9D3F2E67-9FD5-4C68-8492-E25B9AB4CC5D}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6sp.exe | "{9DD56909-39FD-43F9-B5C1-E70D72824AF9}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | "{A09D62C8-D5DB-42D2-91FD-37E58F4CBEE2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{A30206A4-22AA-4916-9636-9A33E31102CB}" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii.exe | "{A38A8801-8823-491F-9760-6FFFBCACD04E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{A559BE55-7CE4-4942-92EC-64BF018784D5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{A6245B2A-4DED-4BC9-97CB-B8C50506F325}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{A8E074B9-C532-4E58-869F-AAB8DA9675B6}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty 
modern warfare 3\iw5mp_server.exe | "{A96AB6BC-47CB-4865-8A2B-AFE7D62CB8B7}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{B167FF0A-3F5F-4E8A-9442-37DC3E61A786}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{B1939052-93B9-4E06-A371-39B0ABAE660A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{B2BCC57F-16C7-4138-9DC2-B9405667E633}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B56C7ED0-D1E3-4CF0-B575-8B9E588964C0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | "{B67D324F-10AD-4AEE-8839-23857FEE59FB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.exe | "{BC3F7C99-CAB1-406E-B646-2924CF16CBBA}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{C2A97B82-A585-44EE-9EF1-69E973F8F656}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\deus ex - human revolution\dxhr.exe | "{C2F907CB-F01E-4D95-9093-9FF7234C2AB9}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{CC08C57E-939A-441B-A2C4-17F4AD5013C5}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{D7F8167B-E09E-46CD-A36F-D3B95C0D700F}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\deus ex - human revolution\dxhr.exe | "{D88A52D6-70AE-45B9-A998-AA3C75B4E962}" = protocol=17 | dir=in | app=f:\spiele-7\wot\worldoftanks.exe | "{DB678A6D-AD39-4A16-B6B0-C59C117F5055}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{E01019EC-744D-4D82-A263-F32E77C80A7F}" = protocol=6 | dir=in | app=f:\spiele-7\diablo3\diablo iii\diablo iii.exe | "{E0A7976A-F99F-421E-B320-FC8C8E151183}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media 
player\wmplayer.exe | "{EEA311B4-FAA8-4B13-91D7-376BDFBB5EEB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{F4DADB3C-C2F5-4471-A223-7ED34872928E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{F64FC89F-47D0-4AF9-80B5-4FAB9A80DB24}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{F950C5D7-1D3E-44D7-8922-4462B0E4DAB9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{FA55BA45-5DB4-45E5-8B22-7250A7F3F041}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6zm.exe | "{FC325BDA-78AC-4DD4-A257-F8CDEEEF529F}" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii.exe | "TCP Query User{13C32560-1425-4969-B6AD-EF9816AB61AF}F:\spiele-7\hdr-schlacht um mittelerde\patchget.dat" = protocol=6 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\patchget.dat | "TCP Query User{15450AE5-9AA0-4F1A-B837-8ADF655448B4}F:\spiele-7\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=f:\spiele-7\guild wars 2\gw2.exe | "TCP Query User{6CFDB880-D270-4167-8806-5FE84AF66AAD}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{9C7DDDFC-CF25-43DB-9666-45DD1F04AA1B}F:\spiele-7\lotro\lotroclient.exe" = protocol=6 | dir=in | app=f:\spiele-7\lotro\lotroclient.exe | "TCP Query User{A5E768D8-1514-4596-ABD4-910588E4900E}F:\spiele\steam\steam.exe" = protocol=6 | dir=in | app=f:\spiele\steam\steam.exe | "TCP Query User{CC505C34-D773-478D-87CB-D9209D2A6907}F:\spiele-7\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\versions\base24944\sc2.exe | "TCP Query User{CCBDA70B-0F7D-4BE2-BCB0-F0B9382AA2AF}F:\spiele-7\mass effect 2\binaries\eacoreserver.exe" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\binaries\eacoreserver.exe | "UDP Query User{2A7F565A-B4CA-4785-9DF3-5394D652C6B3}C:\program files 
(x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{8738BDA9-F7E6-4F71-B745-A7B92124EB2E}F:\spiele-7\mass effect 2\binaries\eacoreserver.exe" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\binaries\eacoreserver.exe | "UDP Query User{9FB92513-373A-452E-B7BF-AC4F26AA5699}F:\spiele-7\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\versions\base24944\sc2.exe | "UDP Query User{DD2097BB-F408-44A4-A1B0-3F161B337989}F:\spiele-7\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=f:\spiele-7\guild wars 2\gw2.exe | "UDP Query User{E6BE6D34-A68D-476E-92A1-FDB0C6A1B537}F:\spiele\steam\steam.exe" = protocol=17 | dir=in | app=f:\spiele\steam\steam.exe | "UDP Query User{E82EA5AB-340E-4D48-ABDE-E0C8B4019D34}F:\spiele-7\hdr-schlacht um mittelerde\patchget.dat" = protocol=17 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\patchget.dat | "UDP Query User{F6807266-FBD5-4F4B-BD03-71974F569FC6}F:\spiele-7\lotro\lotroclient.exe" = protocol=17 | dir=in | app=f:\spiele-7\lotro\lotroclient.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit) "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = 
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109 "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client 
Profile "CCleaner" = CCleaner "CPUID CPU-Z_is1" = CPUID CPU-Z 1.60.1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Security Client" = Microsoft Security Essentials "SP6" = Logitech SetPoint 6.32 "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{023D64D7-E7B4-47C7-BE6E-B7C2E8960D08}" = Citrix Online Plug-in (Web) "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm) "{3ff842b6-4ab0-4291-8ebf-0a26b3701b04}" = Windows Driver Kit "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper Version 3.2.0 "{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{60D66D9B-760B-4006-9443-08960A811D4C}" = Windows Driver Frameworks Update Packages "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6DA2AF51-EE25-BB21-9106-FF69FC83DDB7}" = Kits Configuration Installer "{6F8EAC65-314D-4D86-9557-BC9312AACCB0}" = Citrix Online Plug-in (USB) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{8144262B-25B4-44F6-8204-FCC8EF50179F}" = Citrix Online Plug-in (DV) "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 
3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 
2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo "{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation "{D1C1F497-452C-89D8-EE26-014184714B78}" = Windows Driver Kit "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{EA74A293-3FAC-4D1B-AE3A-3BD47FADDC20}" = Citrix Online Plug-in (HDX) "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{Stalker Complete 2009 v1.4.4}}_is1" = Stalker Complete 2009 v1.4.4 "12bbe590-c890-11d9-9669-0800200c9a66_is1" = Der Herr der Ringe Online v03.05.01.8027 "7-Zip" = 7-Zip 9.20 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 12.0 "CitrixOnlinePluginPackWeb" = Citrix Online Plug-in - Web "com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation "Diablo III" = Diablo III "EA Installer.-2062380449" = EA Installer "Fraps" = Fraps "Guild Wars" = GUILD WARS "Guild Wars 2" = Guild Wars 2 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 
"InstallShield_{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de) "Mozilla Thunderbird 17.0.4 (x86 de)" = Mozilla Thunderbird 17.0.4 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "PrecisionX" = EVGA Precision X 3.0.4 "PunkBusterSvc" = PunkBuster Services "Rockstar Games Social Club" = Rockstar Games Social Club "SpeedFan" = SpeedFan (remove only) "StarCraft II" = StarCraft II "Steam App 202970" = Call of Duty: Black Ops II "Steam App 202990" = Call of Duty: Black Ops II - Multiplayer "Steam App 212910" = Call of Duty: Black Ops II - Zombies "Steam App 218" = Source SDK Base 2007 "Steam App 28050" = Deus Ex: Human Revolution "Steam App 42680" = Call of Duty: Modern Warfare 3 "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer "Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server "Steam App 72850" = The Elder Scrolls V: Skyrim "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamViewer 8" = TeamViewer 8 "Winamp" = Winamp "WinRAR archiver" = WinRAR Archivierer ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "MyFreeCodec" = MyFreeCodec "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 07.03.2013 01:23:52 | Computer 
Name = Chaos-Kiste | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: winamp.exe, Version: 5.6.1.3133, Zeitstempel: 0x4d88ec8b Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00038dc9 ID des fehlerhaften Prozesses: 0x6c44 Startzeit der fehlerhaften Anwendung: 0x01ce1af3e82e1ca6 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Winamp\winamp.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 329e8adf-86e7-11e2-8594-001fc61eb744 Error - 07.03.2013 14:16:08 | Computer Name = Chaos-Kiste | Source = Application Hang | ID = 1002 Description = Programm WorldOfTanks.exe, Version 0.8.4.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d24 Startzeit: 01ce1b5f83909598 Endzeit: 96 Anwendungspfad: F:\Spiele-7\World_of_Tanks\WorldOfTanks.exe Berichts-ID: Error - 08.03.2013 14:22:41 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 19.0.2.4814, Zeitstempel: 0x5138a1d3 Name des fehlerhaften Moduls: xul.dll, Version: 19.0.2.4814, Zeitstempel: 0x5138a0ed Ausnahmecode: 0xc0000005 Fehleroffset: 0x00172818 ID des fehlerhaften Prozesses: 0x2b48 Startzeit der fehlerhaften Anwendung: 0x01ce1c29d52e8977 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: 29439745-881d-11e2-b42a-001fc61eb744 Error - 11.03.2013 01:16:05 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: lcdmon.exe, Version: 3.6.109.0, Zeitstempel: 0x4c58421d Name des fehlerhaften Moduls: lcdmon.exe, Version: 3.6.109.0, Zeitstempel: 
0x4c58421d Ausnahmecode: 0x40000015 Fehleroffset: 0x000000000009f674 ID des fehlerhaften Prozesses: 0xbb0 Startzeit der fehlerhaften Anwendung: 0x01ce1d6775f12fe7 Pfad der fehlerhaften Anwendung: C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe Pfad des fehlerhaften Moduls: C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe Berichtskennung: c568f5d2-8a0a-11e2-86a8-001fc61eb744 Error - 11.03.2013 01:44:29 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 19.0.2.4814, Zeitstempel: 0x5138a1d3 Name des fehlerhaften Moduls: xul.dll, Version: 19.0.2.4814, Zeitstempel: 0x5138a0ed Ausnahmecode: 0xc0000005 Fehleroffset: 0x00172818 ID des fehlerhaften Prozesses: 0xac4 Startzeit der fehlerhaften Anwendung: 0x01ce1e177361144c Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: bd2d1dab-8a0e-11e2-86a8-001fc61eb744 Error - 12.03.2013 16:50:46 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 19.0.2.4814, Zeitstempel: 0x5138a1d3 Name des fehlerhaften Moduls: xul.dll, Version: 19.0.2.4814, Zeitstempel: 0x5138a0ed Ausnahmecode: 0xc0000005 Fehleroffset: 0x00172818 ID des fehlerhaften Prozesses: 0x654c Startzeit der fehlerhaften Anwendung: 0x01ce1f5ea104099e Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: 82daa783-8b56-11e2-86a8-001fc61eb744 Error - 14.03.2013 01:40:33 | Computer Name = Chaos-Kiste | Source = Windows Search Service | ID = 3007 Description = Error - 16.03.2013 11:38:39 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, 
Version: 19.0.2.4814, Zeitstempel: 0x5138a1d3 Name des fehlerhaften Moduls: xul.dll, Version: 19.0.2.4814, Zeitstempel: 0x5138a0ed Ausnahmecode: 0xc0000005 Fehleroffset: 0x00172818 ID des fehlerhaften Prozesses: 0xe14 Startzeit der fehlerhaften Anwendung: 0x01ce225b7e298738 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung: 925ae5d7-8e4f-11e2-ba6e-001fc61eb744 Error - 16.03.2013 16:14:37 | Computer Name = Chaos-Kiste | Source = Application Hang | ID = 1002 Description = Programm fraps.exe, Version 3.5.9.15587 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 838 Startzeit: 01ce225b0eac4df0 Endzeit: 90 Anwendungspfad: C:\Fraps\fraps.exe Berichts-ID: Error - 18.03.2013 12:43:53 | Computer Name = Chaos-Kiste | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: LCDMon.exe, Version: 3.6.109.0, Zeitstempel: 0x4c58421d Name des fehlerhaften Moduls: LCDMon.exe, Version: 3.6.109.0, Zeitstempel: 0x4c58421d Ausnahmecode: 0x40000015 Fehleroffset: 0x000000000009f674 ID des fehlerhaften Prozesses: 0xf5c Startzeit der fehlerhaften Anwendung: 0x01ce23293ea5558c Pfad der fehlerhaften Anwendung: C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe Pfad des fehlerhaften Moduls: C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe Berichtskennung: 0453c2e1-8feb-11e2-b3ff-001fc61eb744 [ System Events ] Error - 16.03.2013 11:29:36 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 17.03.2013 08:40:29 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000 Description = Der Dienst "DgiVecp" wurde aufgrund 
folgenden Fehlers nicht gestartet: %%2 Error - 17.03.2013 08:40:35 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 17.03.2013 11:54:52 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000 Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 17.03.2013 11:55:12 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 17.03.2013 11:55:14 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MsMpSvc erreicht. Error - 17.03.2013 12:04:53 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000 Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 17.03.2013 12:04:56 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 18.03.2013 13:40:05 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000 Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 18.03.2013 13:40:09 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000 Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report > Code:
GMER 2.1.19155 - hxxp://www.gmer.net
Rootkit scan 2013-03-18 19:38:02
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 SAMSUNG_HD753LJ rev.1AA01118 698,64GB
Running: gmer_2.1.19155.exe; Driver: C:\Users\Anti\AppData\Local\Temp\fwriipog.sys

---- User code sections - GMER 2.1 ----

.text C:\Windows\SysWOW64\PnkBstrA.exe[368] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000072831a22 2 bytes [83, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[368] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000072831ad0 2 bytes [83, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[368] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000072831b08 2 bytes [83, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[368] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000072831bba 2 bytes [83, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[368] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000072831bda 2 bytes [83, 72]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000072831a22 2 bytes [83, 72]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000072831ad0 2 bytes [83, 72]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000072831b08 2 bytes [83, 72]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000072831bba 2 bytes [83, 72]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000072831bda 2 bytes [83, 72]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075f01465 2 bytes [F0, 75]
.text C:\Windows\SysWOW64\PnkBstrB.exe[1944] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075f014bb 2 bytes [F0, 75]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075f01465 2 bytes [F0, 75]
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[4048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075f014bb 2 bytes [F0, 75]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3284] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 0000000077a1000c 1 byte [C3]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3284] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 0000000077a9f85a 5 bytes JMP 0000000177a4d571
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075f01465 2 bytes [F0, 75]
.text C:\Program Files (x86)\Skype\Phone\Skype.exe[3516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075f014bb 2 bytes [F0, 75]
.text ... * 2
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075f01465 2 bytes [F0, 75]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075f014bb 2 bytes [F0, 75]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Windows\system32\svchost.exe [472:1732] 000007fef63f0ea8
Thread C:\Windows\system32\svchost.exe [472:1836] 000007fef63e9db0
Thread C:\Windows\system32\svchost.exe [472:2564] 000007fef63f1c94
Thread C:\Windows\system32\svchost.exe [472:944] 000007fef63eaa10
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [1792:5116] 000007fefc2a2a7c
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [1792:5188] 000007fef6cf5124

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEE 0x9D 0x5B 0x8A ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x87 0xAE 0xC3 0xC2 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x13 0x89 0xC3 0x9E ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEE 0x9D 0x5B 0x8A ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x87 0xAE 0xC3 0xC2 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x13 0x89 0xC3 0x9E ...

---- EOF - GMER 2.1 ----

Many thanks in advance!
19.03.2013, 12:52 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Possible infection by the trojan: Trojan:JS/Seedabutor.B Hello and
Quote:
Or is this by any chance an office/company PC or a university computer? Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners? I am asking because of => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now, just post the logs that already exist! Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
19.03.2013, 18:44 | #3 |
| Possible infection by the trojan: Trojan:JS/Seedabutor.B Hello Cosinus,
no, this is not a company PC; that one would probably not have Anti as its user name or Chaos-Kiste as its computer name. My dear girlfriend took pity on me back then and bought herself the Ultimate Edition, which also left a key over for me (why this version is beyond my understanding too, but never mind, never look a gift horse...). Otherwise I would actually still have stayed with XP, or possibly have already arrived at 8 (I never warmed to Vista). I had not posted Malwarebytes because the system had found nothing - scusi, here is the log file now Code:
Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2013.03.17.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Anti :: CHAOS-KISTE [Administrator]
Schutz: Aktiviert
17.03.2013 17:07:52
mbam-log-2013-03-17 (17-07-52).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 389994
Laufzeit: 40 Minute(n), 44 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende) |
20.03.2013, 10:27 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Possible infection by the trojan: Trojan:JS/Seedabutor.B OK, thanks for the brief explanation about Ultimate Quote:
__________________ Please always post log files in CODE tags |
20.03.2013, 19:26 | #5 |
| Possible infection by the trojan: Trojan:JS/Seedabutor.B Hi Cosinus, please excuse the late reply, but wringing information out of Essentials is not easy at all. Thanks to the Event Viewer and a lot of patience I did find an entry after all: Code:
Von Microsoft-Antischadsoftware wurde Schadsoftware oder andere potenziell unerwünschte Software entdeckt.
Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/Seedabutor.B&threatid=2147678632
Name: Trojan:JS/Seedabutor.B
ID: 2147678632
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Anti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9PH9RS6D\s59215310232470[1].htm
Ursprung der Erkennung: Internet
Typ der Erkennung: Konkret
Quelle der Erkennung: Echtzeitschutz
Benutzer: Chaos-Kiste\Anti
Prozessname: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Signaturversion: AV: 1.145.1976.0, AS: 1.145.1976.0, NIS: 18.151.0.0
Modulversion: AM: 1.1.9203.0, NIS: 2.1.8904.0

Von Microsoft-Antischadsoftware wurde Schadsoftware oder andere potenziell unerwünschte Software entdeckt.
Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/Seedabutor.B&threatid=2147678632
Name: Trojan:JS/Seedabutor.B
ID: 2147678632
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Anti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKOZHO68\s59089406316513[1].htm
Ursprung der Erkennung: Internet
Typ der Erkennung: Konkret
Quelle der Erkennung: Echtzeitschutz
Benutzer: Chaos-Kiste\Anti
Prozessname: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Signaturversion: AV: 1.145.1976.0, AS: 1.145.1976.0, NIS: 18.151.0.0
Modulversion: AM: 1.1.9203.0, NIS: 2.1.8904.0

Von Microsoft-Antischadsoftware wurde Schadsoftware oder andere potenziell unerwünschte Software entdeckt.
Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/Seedabutor.B&threatid=2147678632
Name: Trojan:JS/Seedabutor.B
ID: 2147678632
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Anti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XOR3J0TK\s52734453937041[1].htm
Ursprung der Erkennung: Internet
Typ der Erkennung: Konkret
Quelle der Erkennung: Echtzeitschutz
Benutzer: Chaos-Kiste\Anti
Prozessname: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Signaturversion: AV: 1.145.1976.0, AS: 1.145.1976.0, NIS: 18.151.0.0
Modulversion: AM: 1.1.9203.0, NIS: 2.1.8904.0

Von Microsoft-Antischadsoftware wurde Schadsoftware oder andere potenziell unerwünschte Software entdeckt.
Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/Seedabutor.B&threatid=2147678632
Name: Trojan:JS/Seedabutor.B
ID: 2147678632
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Anti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKOZHO68\s53227908140648[1].htm
Ursprung der Erkennung: Internet
Typ der Erkennung: Konkret
Quelle der Erkennung: Echtzeitschutz
Benutzer: Chaos-Kiste\Anti
Prozessname: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Signaturversion: AV: 1.145.1976.0, AS: 1.145.1976.0, NIS: 18.151.0.0
Modulversion: AM: 1.1.9203.0, NIS: 2.1.8904.0

Von Microsoft-Antischadsoftware wurde Schadsoftware oder andere potenziell unerwünschte Software entdeckt.
Weitere Informationen finden Sie hier:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/Seedabutor.B&threatid=2147678632
Name: Trojan:JS/Seedabutor.B
ID: 2147678632
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\Anti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AI3GDSMS\s57697688038445[1].htm
Ursprung der Erkennung: Internet
Typ der Erkennung: Konkret
Quelle der Erkennung: Echtzeitschutz
Benutzer: Chaos-Kiste\Anti
Prozessname: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Signaturversion: AV: 1.145.1976.0, AS: 1.145.1976.0, NIS: 18.151.0.0
Modulversion: AM: 1.1.9203.0, NIS: 2.1.8904.0 |
20.03.2013, 23:05 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Possible infection by the trojan: Trojan:JS/Seedabutor.B Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please speak up in this thread => Reminder about my thread. Annoying "When will this continue" messages end with your topic being closed. I, too, have a life outside the Trojaner-Board.
Please now run the three tools MBAR / aswMBR / TDSSkiller and post the logs in CODE tags
MBAR (Malwarebytes Anti-Rootkit)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Under no circumstances press any of the Fix buttons without instructions
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the (none) setting under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop
__________________ |
21.03.2013, 17:17 | #7 |
| Possible infection by the trojan: Trojan:JS/Seedabutor.B While my microwave grub simmers away, I am posting the reports of the three scans: MBAR Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, H:\ DRIVE_FIXED
CPU speed: 2.838000 GHz
Memory total: 4294033408, free: 2559893504
------------ Kernel report ------------
03/21/2013 16:44:19
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8004d7a060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-2\
Lower Device Object: 0xfffffa8004b15060
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
Load Function returned 0x0
Downloaded database version: v2013.03.21.10
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 4
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004d7a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004d7ab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004d7a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80049489b0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004b15060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a003208180, 0xfffffa8004d7a060, 0xfffffa8006a7f790
Lower DeviceData: 0xfffff8a00e7914e0, 0xfffffa8004b15060, 0xfffffa80040640f0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 4
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 81B7869C
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 209728512
Partition file system is NTFS
Partition is bootable
Partition 1 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 209728575 Numsec = 1255415490
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 750156374016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-62-1465129168-1465149168)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-03-21 16:53:35
-----------------------------
16:53:35.119 OS Version: Windows x64 6.1.7601 Service Pack 1
16:53:35.119 Number of processors: 4 586 0x170A
16:53:35.119 ComputerName: CHAOS-KISTE UserName: Anti
16:53:35.499 Initialize success
16:55:24.509 AVAST engine defs: 13032101
16:57:59.977 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
16:57:59.977 Disk 0 Vendor: SAMSUNG_HD753LJ 1AA01118 Size: 715404MB BusType: 3
16:58:00.107 Disk 0 MBR read successfully
16:58:00.107 Disk 0 MBR scan
16:58:00.117 Disk 0 Windows 7 default MBR code
16:58:00.117 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 102406 MB offset 63
16:58:00.117 Disk 0 Partition - 00 0F Extended LBA 612995 MB offset 209728575
16:58:00.147 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 199996 MB offset 209728638
16:58:00.147 Disk 0 Partition - 00 05 Extended 99998 MB offset 619321815
16:58:00.187 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 99998 MB offset 619321878
16:58:00.187 Disk 0 Partition - 00 05 Extended 99998 MB offset 1233711675
16:58:00.227 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 99998 MB offset 824118498
16:58:00.227 Disk 0 Partition - 00 05 Extended 213002 MB offset 1643304915
16:58:00.247 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 106555 MB offset 1028915118
16:58:00.277 Disk 0 scanning C:\Windows\system32\drivers
16:58:08.177 Service scanning
16:58:24.787 Modules scanning
16:58:24.787 Disk 0 trace - called modules:
16:58:24.797
16:58:25.127 AVAST engine scan C:\Windows
16:58:26.367 AVAST engine scan C:\Windows\system32
17:00:46.847 AVAST engine scan C:\Windows\system32\drivers
17:00:56.747 AVAST engine scan C:\Users\Anti
17:05:42.337 AVAST engine scan C:\ProgramData
17:07:15.198 Scan finished successfully
17:10:18.898 Disk 0 MBR has been saved successfully to "C:\Users\Anti\Desktop\MBR.dat"
17:10:18.898 The log file has been saved successfully to "C:\Users\Anti\Desktop\aswMBR.txt"
Code:
17:10:49.0228 3024 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:10:49.0248 3024 ============================================================
17:10:49.0248 3024 Current date / time: 2013/03/21 17:10:49.0248
17:10:49.0248 3024 SystemInfo:
17:10:49.0248 3024
17:10:49.0248 3024 OS Version: 6.1.7601 ServicePack: 1.0
17:10:49.0248 3024 Product type: Workstation
17:10:49.0248 3024 ComputerName: CHAOS-KISTE
17:10:49.0248 3024 UserName: Anti
17:10:49.0248 3024 Windows directory: C:\Windows
17:10:49.0248 3024 System windows directory: C:\Windows
17:10:49.0248 3024 Running under WOW64
17:10:49.0248 3024 Processor architecture: Intel x64
17:10:49.0248 3024 Number of processors: 4
17:10:49.0248 3024 Page size: 0x1000
17:10:49.0248 3024 Boot type: Normal boot
17:10:49.0248 3024 ============================================================
17:10:50.0318 3024 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:10:50.0318 3024 ============================================================
17:10:50.0318 3024 \Device\Harddisk0\DR0:
17:10:50.0318 3024 MBR partitions:
17:10:50.0318 3024 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC803400
17:10:50.0348 3024 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC80347E, BlocksNum 0x1869E559
17:10:50.0348 3024 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x24EA1A16, BlocksNum 0xC34F28D
17:10:50.0368 3024 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x311F0CE2, BlocksNum 0xC34F28D
17:10:50.0388 3024 \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x3D53FFAE, BlocksNum 0xD01DB53
17:10:50.0388 3024 ============================================================
17:10:50.0428 3024 C: <-> \Device\Harddisk0\DR0\Partition4
17:10:50.0458 3024 D: <-> \Device\Harddisk0\DR0\Partition1
17:10:50.0488 3024 F: <-> \Device\Harddisk0\DR0\Partition2
17:10:50.0538 3024 G: <-> \Device\Harddisk0\DR0\Partition3
17:10:50.0578 3024 H: <-> \Device\Harddisk0\DR0\Partition5
17:10:50.0578 3024 ============================================================
17:10:50.0578 3024 Initialize success
17:10:50.0578 3024 ============================================================
17:10:53.0308 2864 ============================================================
17:10:53.0308 2864 Scan started
17:10:53.0308 2864 Mode: Manual;
17:10:53.0308 2864 ============================================================
17:10:54.0358 2864 ================ Scan system memory ========================
17:10:54.0358 2864 System memory - ok
17:10:54.0358 2864 ================ Scan services =============================
2864 CTEDSPIO.DLL - ok 17:10:57.0068 2864 [ 9D26AA450AC1CAADDE25F1621BA89842 ] CTEDSPSY.DLL C:\Windows\system32\CTEDSPSY.DLL 17:10:57.0068 2864 CTEDSPSY.DLL - ok 17:10:57.0068 2864 [ E5F88DAD5EC69665DFA3E5E87791F800 ] CTERFXFX.DLL C:\Windows\system32\CTERFXFX.DLL 17:10:57.0078 2864 CTERFXFX.DLL - ok 17:10:57.0108 2864 [ FA6DCA331835997D2F7C83B9AAABC4BB ] CTEXFIFX.DLL C:\Windows\system32\CTEXFIFX.DLL 17:10:57.0118 2864 CTEXFIFX.DLL - ok 17:10:57.0128 2864 [ 9E6A0A3CA3825BB568D42F5F3CB09453 ] CTHWIUT.DLL C:\Windows\system32\CTHWIUT.DLL 17:10:57.0128 2864 CTHWIUT.DLL - ok 17:10:57.0138 2864 [ 6A05134810301FA6FDD6E95583A91F35 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys 17:10:57.0138 2864 ctprxy2k - ok 17:10:57.0158 2864 [ 99047FCEBAB495410CD58AB17284720A ] CTSBLFX.DLL C:\Windows\system32\CTSBLFX.DLL 17:10:57.0168 2864 CTSBLFX.DLL - ok 17:10:57.0178 2864 [ F792246CF9D8EE17F2B32E9069415CDD ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys 17:10:57.0178 2864 ctsfm2k - ok 17:10:57.0218 2864 [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys 17:10:57.0228 2864 ctxusbm - ok 17:10:57.0248 2864 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:10:57.0248 2864 DcomLaunch - ok 17:10:57.0278 2864 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 17:10:57.0278 2864 defragsvc - ok 17:10:57.0308 2864 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:10:57.0308 2864 DfsC - ok 17:10:57.0358 2864 DgiVecp - ok 17:10:57.0388 2864 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 17:10:57.0398 2864 dg_ssudbus - ok 17:10:57.0488 2864 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 17:10:57.0498 2864 Dhcp - ok 17:10:57.0518 2864 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 17:10:57.0518 2864 discache - ok 17:10:57.0568 2864 [ 
9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 17:10:57.0568 2864 Disk - ok 17:10:57.0588 2864 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:10:57.0588 2864 Dnscache - ok 17:10:57.0618 2864 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 17:10:57.0628 2864 dot3svc - ok 17:10:57.0658 2864 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 17:10:57.0658 2864 DPS - ok 17:10:57.0698 2864 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:10:57.0698 2864 drmkaud - ok 17:10:57.0728 2864 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:10:57.0738 2864 DXGKrnl - ok 17:10:57.0778 2864 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 17:10:57.0778 2864 EapHost - ok 17:10:57.0838 2864 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 17:10:57.0868 2864 ebdrv - ok 17:10:57.0878 2864 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 17:10:57.0878 2864 EFS - ok 17:10:57.0918 2864 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:10:57.0928 2864 ehRecvr - ok 17:10:57.0948 2864 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 17:10:57.0958 2864 ehSched - ok 17:10:57.0988 2864 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 17:10:57.0998 2864 elxstor - ok 17:10:58.0008 2864 [ 1E2F860D9521FB73566C85CD17D58291 ] emupia C:\Windows\system32\drivers\emupia2k.sys 17:10:58.0018 2864 emupia - ok 17:10:58.0018 2864 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:10:58.0018 2864 ErrDev - ok 17:10:58.0038 2864 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 17:10:58.0048 2864 EventSystem - ok 17:10:58.0048 2864 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat 
C:\Windows\system32\drivers\exfat.sys 17:10:58.0048 2864 exfat - ok 17:10:58.0058 2864 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:10:58.0058 2864 fastfat - ok 17:10:58.0108 2864 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 17:10:58.0108 2864 Fax - ok 17:10:58.0148 2864 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 17:10:58.0148 2864 fdc - ok 17:10:58.0278 2864 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 17:10:58.0308 2864 fdPHost - ok 17:10:58.0328 2864 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 17:10:58.0328 2864 FDResPub - ok 17:10:58.0328 2864 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:10:58.0328 2864 FileInfo - ok 17:10:58.0348 2864 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:10:58.0348 2864 Filetrace - ok 17:10:58.0358 2864 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 17:10:58.0358 2864 flpydisk - ok 17:10:58.0368 2864 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:10:58.0368 2864 FltMgr - ok 17:10:58.0448 2864 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 17:10:58.0468 2864 FontCache - ok 17:10:58.0498 2864 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:10:58.0498 2864 FontCache3.0.0.0 - ok 17:10:58.0508 2864 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:10:58.0508 2864 FsDepends - ok 17:10:58.0528 2864 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:10:58.0528 2864 Fs_Rec - ok 17:10:58.0598 2864 [ 79B4CDE2B69ED8BA4011859780A66A4D ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark 
SystemInfo\FMSISvc.exe 17:10:58.0598 2864 Futuremark SystemInfo Service - ok 17:10:58.0638 2864 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:10:58.0638 2864 fvevol - ok 17:10:58.0668 2864 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 17:10:58.0668 2864 gagp30kx - ok 17:10:58.0688 2864 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 17:10:58.0688 2864 gpsvc - ok 17:10:58.0758 2864 [ B3F220AD6EEDDC2546780B84A8919B7A ] ha10kx2k C:\Windows\system32\drivers\ha10kx2k.sys 17:10:58.0768 2864 ha10kx2k - ok 17:10:58.0788 2864 [ 5D6AEC608B871CC2C724114F34CAD3C8 ] hap16v2k C:\Windows\system32\drivers\hap16v2k.sys 17:10:58.0788 2864 hap16v2k - ok 17:10:58.0828 2864 [ B95BA8D7EA73A47FAC3A59CF4A3B3043 ] hap17v2k C:\Windows\system32\drivers\hap17v2k.sys 17:10:58.0828 2864 hap17v2k - ok 17:10:58.0838 2864 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:10:58.0838 2864 hcw85cir - ok 17:10:58.0878 2864 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:10:58.0878 2864 HdAudAddService - ok 17:10:58.0908 2864 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 17:10:58.0908 2864 HDAudBus - ok 17:10:58.0918 2864 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 17:10:58.0918 2864 HidBatt - ok 17:10:58.0928 2864 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 17:10:58.0928 2864 HidBth - ok 17:10:58.0938 2864 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 17:10:58.0938 2864 HidIr - ok 17:10:58.0968 2864 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 17:10:58.0968 2864 hidserv - ok 17:10:58.0998 2864 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:10:58.0998 2864 HidUsb - ok 17:10:59.0018 2864 [ 
387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:10:59.0028 2864 hkmsvc - ok 17:10:59.0038 2864 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:10:59.0048 2864 HomeGroupListener - ok 17:10:59.0068 2864 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:10:59.0068 2864 HomeGroupProvider - ok 17:10:59.0108 2864 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:10:59.0108 2864 HpSAMD - ok 17:10:59.0138 2864 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:10:59.0148 2864 HTTP - ok 17:10:59.0188 2864 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:10:59.0188 2864 hwpolicy - ok 17:10:59.0208 2864 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 17:10:59.0208 2864 i8042prt - ok 17:10:59.0218 2864 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:10:59.0218 2864 iaStorV - ok 17:10:59.0258 2864 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:10:59.0268 2864 idsvc - ok 17:10:59.0288 2864 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 17:10:59.0288 2864 iirsp - ok 17:10:59.0328 2864 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 17:10:59.0328 2864 IKEEXT - ok 17:10:59.0358 2864 IntcAzAudAddService - ok 17:10:59.0368 2864 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 17:10:59.0368 2864 intelide - ok 17:10:59.0378 2864 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:10:59.0388 2864 intelppm - ok 17:10:59.0408 2864 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:10:59.0408 2864 IPBusEnum - ok 17:10:59.0418 2864 [ 
C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:10:59.0418 2864 IpFilterDriver - ok 17:10:59.0448 2864 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:10:59.0448 2864 iphlpsvc - ok 17:10:59.0458 2864 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:10:59.0468 2864 IPMIDRV - ok 17:10:59.0468 2864 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:10:59.0468 2864 IPNAT - ok 17:10:59.0478 2864 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:10:59.0478 2864 IRENUM - ok 17:10:59.0478 2864 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:10:59.0478 2864 isapnp - ok 17:10:59.0498 2864 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:10:59.0498 2864 iScsiPrt - ok 17:10:59.0518 2864 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:10:59.0518 2864 kbdclass - ok 17:10:59.0538 2864 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:10:59.0538 2864 kbdhid - ok 17:10:59.0548 2864 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 17:10:59.0548 2864 KeyIso - ok 17:10:59.0568 2864 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:10:59.0568 2864 KSecDD - ok 17:10:59.0588 2864 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:10:59.0588 2864 KSecPkg - ok 17:10:59.0608 2864 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:10:59.0608 2864 ksthunk - ok 17:10:59.0638 2864 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 17:10:59.0648 2864 KtmRm - ok 17:10:59.0668 2864 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 17:10:59.0668 2864 LanmanServer - ok 
17:10:59.0678 2864 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:10:59.0678 2864 LanmanWorkstation - ok 17:10:59.0788 2864 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 17:10:59.0788 2864 LBTServ - ok 17:10:59.0818 2864 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 17:10:59.0818 2864 LGBusEnum - ok 17:10:59.0908 2864 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 17:10:59.0908 2864 LGVirHid - ok 17:10:59.0968 2864 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 17:10:59.0968 2864 LHidFilt - ok 17:10:59.0978 2864 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:10:59.0978 2864 lltdio - ok 17:10:59.0988 2864 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:10:59.0998 2864 lltdsvc - ok 17:11:00.0008 2864 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:11:00.0008 2864 lmhosts - ok 17:11:00.0018 2864 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 17:11:00.0018 2864 LMouFilt - ok 17:11:00.0028 2864 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 17:11:00.0028 2864 LSI_FC - ok 17:11:00.0048 2864 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 17:11:00.0048 2864 LSI_SAS - ok 17:11:00.0048 2864 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 17:11:00.0048 2864 LSI_SAS2 - ok 17:11:00.0058 2864 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 17:11:00.0058 2864 LSI_SCSI - ok 17:11:00.0098 2864 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 17:11:00.0098 2864 luafv - ok 17:11:00.0118 2864 [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt 
C:\Windows\system32\Drivers\LUsbFilt.Sys 17:11:00.0118 2864 LUsbFilt - ok 17:11:00.0178 2864 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 17:11:00.0178 2864 MBAMProtector - ok 17:11:00.0228 2864 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 17:11:00.0238 2864 MBAMScheduler - ok 17:11:00.0278 2864 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 17:11:00.0278 2864 MBAMService - ok 17:11:00.0298 2864 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:11:00.0298 2864 Mcx2Svc - ok 17:11:00.0318 2864 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 17:11:00.0318 2864 megasas - ok 17:11:00.0328 2864 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 17:11:00.0328 2864 MegaSR - ok 17:11:00.0348 2864 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 17:11:00.0348 2864 MMCSS - ok 17:11:00.0358 2864 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 17:11:00.0358 2864 Modem - ok 17:11:00.0378 2864 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:11:00.0378 2864 monitor - ok 17:11:00.0408 2864 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:11:00.0408 2864 mouclass - ok 17:11:00.0408 2864 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:11:00.0418 2864 mouhid - ok 17:11:00.0428 2864 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:11:00.0438 2864 mountmgr - ok 17:11:00.0478 2864 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:11:00.0478 2864 MozillaMaintenance - ok 17:11:00.0538 2864 [ 
F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 17:11:00.0538 2864 MpFilter - ok 17:11:00.0548 2864 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 17:11:00.0548 2864 mpio - ok 17:11:00.0568 2864 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:11:00.0568 2864 mpsdrv - ok 17:11:00.0598 2864 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:11:00.0608 2864 MpsSvc - ok 17:11:00.0628 2864 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:11:00.0628 2864 MRxDAV - ok 17:11:00.0648 2864 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:11:00.0648 2864 mrxsmb - ok 17:11:00.0678 2864 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:11:00.0678 2864 mrxsmb10 - ok 17:11:00.0688 2864 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:11:00.0688 2864 mrxsmb20 - ok 17:11:00.0708 2864 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 17:11:00.0708 2864 msahci - ok 17:11:00.0728 2864 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:11:00.0728 2864 msdsm - ok 17:11:00.0738 2864 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 17:11:00.0738 2864 MSDTC - ok 17:11:00.0758 2864 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:11:00.0758 2864 Msfs - ok 17:11:00.0768 2864 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:11:00.0768 2864 mshidkmdf - ok 17:11:00.0778 2864 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:11:00.0778 2864 msisadrv - ok 17:11:00.0848 2864 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:11:00.0848 2864 MSiSCSI - ok 17:11:00.0848 2864 msiserver - 
ok 17:11:00.0868 2864 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:11:00.0868 2864 MSKSSRV - ok 17:11:00.0928 2864 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 17:11:00.0928 2864 MsMpSvc - ok 17:11:00.0958 2864 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:11:00.0958 2864 MSPCLOCK - ok 17:11:00.0958 2864 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:11:00.0958 2864 MSPQM - ok 17:11:00.0978 2864 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:11:00.0988 2864 MsRPC - ok 17:11:00.0998 2864 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:11:00.0998 2864 mssmbios - ok 17:11:01.0018 2864 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:11:01.0018 2864 MSTEE - ok 17:11:01.0018 2864 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 17:11:01.0018 2864 MTConfig - ok 17:11:01.0048 2864 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 17:11:01.0048 2864 MTsensor - ok 17:11:01.0078 2864 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 17:11:01.0078 2864 Mup - ok 17:11:01.0098 2864 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 17:11:01.0098 2864 napagent - ok 17:11:01.0128 2864 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:11:01.0138 2864 NativeWifiP - ok 17:11:01.0198 2864 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:11:01.0208 2864 NDIS - ok 17:11:01.0228 2864 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:11:01.0228 2864 NdisCap - ok 17:11:01.0238 2864 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 
17:11:01.0238 2864 NdisTapi - ok 17:11:01.0258 2864 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:11:01.0258 2864 Ndisuio - ok 17:11:01.0278 2864 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:11:01.0278 2864 NdisWan - ok 17:11:01.0288 2864 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:11:01.0288 2864 NDProxy - ok 17:11:01.0298 2864 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:11:01.0298 2864 NetBIOS - ok 17:11:01.0318 2864 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:11:01.0318 2864 NetBT - ok 17:11:01.0328 2864 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 17:11:01.0328 2864 Netlogon - ok 17:11:01.0348 2864 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 17:11:01.0348 2864 Netman - ok 17:11:01.0428 2864 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:11:01.0428 2864 NetMsmqActivator - ok 17:11:01.0448 2864 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:11:01.0448 2864 NetPipeActivator - ok 17:11:01.0478 2864 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 17:11:01.0488 2864 netprofm - ok 17:11:01.0498 2864 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:11:01.0508 2864 NetTcpActivator - ok 17:11:01.0508 2864 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:11:01.0508 2864 NetTcpPortSharing - ok 17:11:01.0538 2864 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 17:11:01.0538 2864 nfrd960 - ok 17:11:01.0578 2864 [ 162100E0BC8377710F9D170631921C03 ] NisDrv 
C:\Windows\system32\DRIVERS\NisDrvWFP.sys 17:11:01.0578 2864 NisDrv - ok 17:11:01.0628 2864 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 17:11:01.0628 2864 NisSrv - ok 17:11:01.0658 2864 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:11:01.0668 2864 NlaSvc - ok 17:11:01.0678 2864 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:11:01.0678 2864 Npfs - ok 17:11:01.0688 2864 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 17:11:01.0688 2864 nsi - ok 17:11:01.0698 2864 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:11:01.0698 2864 nsiproxy - ok 17:11:01.0748 2864 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:11:01.0768 2864 Ntfs - ok 17:11:01.0788 2864 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 17:11:01.0788 2864 Null - ok 17:11:02.0038 2864 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 17:11:02.0138 2864 nvlddmkm - ok 17:11:02.0188 2864 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:11:02.0198 2864 nvraid - ok 17:11:02.0208 2864 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:11:02.0208 2864 nvstor - ok 17:11:02.0258 2864 [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\Windows\system32\nvvsvc.exe 17:11:02.0268 2864 nvsvc - ok 17:11:02.0348 2864 [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 17:11:02.0358 2864 nvUpdatusService - ok 17:11:02.0428 2864 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:11:02.0428 2864 nv_agp - ok 17:11:02.0538 2864 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:11:02.0548 2864 odserv - ok 
17:11:02.0558 2864 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:11:02.0558 2864 ohci1394 - ok 17:11:02.0568 2864 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:11:02.0568 2864 ose - ok 17:11:02.0588 2864 [ 678CC7DCF607BBD69A9F9333D39C2F1D ] ossrv C:\Windows\system32\drivers\ctoss2k.sys 17:11:02.0588 2864 ossrv - ok 17:11:02.0608 2864 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:11:02.0618 2864 p2pimsvc - ok 17:11:02.0638 2864 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 17:11:02.0638 2864 p2psvc - ok 17:11:02.0668 2864 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 17:11:02.0668 2864 Parport - ok 17:11:02.0688 2864 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:11:02.0688 2864 partmgr - ok 17:11:02.0698 2864 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 17:11:02.0708 2864 PcaSvc - ok 17:11:02.0778 2864 pccsmcfd - ok 17:11:02.0788 2864 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 17:11:02.0798 2864 pci - ok 17:11:02.0818 2864 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 17:11:02.0818 2864 pciide - ok 17:11:02.0838 2864 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 17:11:02.0838 2864 pcmcia - ok 17:11:02.0848 2864 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 17:11:02.0848 2864 pcw - ok 17:11:02.0868 2864 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:11:02.0878 2864 PEAUTH - ok 17:11:02.0918 2864 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 17:11:02.0938 2864 PeerDistSvc - ok 17:11:02.0998 2864 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost 
C:\Windows\SysWow64\perfhost.exe 17:11:02.0998 2864 PerfHost - ok 17:11:03.0038 2864 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 17:11:03.0058 2864 pla - ok 17:11:03.0088 2864 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:11:03.0098 2864 PlugPlay - ok 17:11:03.0098 2864 PnkBstrA - ok 17:11:03.0098 2864 PnkBstrB - ok 17:11:03.0118 2864 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 17:11:03.0118 2864 PNRPAutoReg - ok 17:11:03.0118 2864 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 17:11:03.0128 2864 PNRPsvc - ok 17:11:03.0138 2864 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:11:03.0148 2864 PolicyAgent - ok 17:11:03.0178 2864 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 17:11:03.0188 2864 Power - ok 17:11:03.0238 2864 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:11:03.0238 2864 PptpMiniport - ok 17:11:03.0258 2864 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 17:11:03.0258 2864 Processor - ok 17:11:03.0288 2864 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 17:11:03.0288 2864 ProfSvc - ok 17:11:03.0308 2864 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 17:11:03.0308 2864 ProtectedStorage - ok 17:11:03.0358 2864 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 17:11:03.0358 2864 Psched - ok 17:11:03.0388 2864 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 17:11:03.0408 2864 ql2300 - ok 17:11:03.0418 2864 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 17:11:03.0418 2864 ql40xx - ok 17:11:03.0438 2864 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 17:11:03.0448 2864 QWAVE - ok 17:11:03.0448 2864 
17:11:08.0548 2864 ============================================================
17:11:08.0548 2864 Scan finished
17:11:08.0548 2864 ============================================================
17:11:08.0558 4496 Detected object count: 0
17:11:08.0558 4496 Actual detected object count: 0 |
21.03.2013, 17:43 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Possible infection by the trojan: Trojan:JS/Seedabutor.B Please read and follow the instructions more carefully! 1. Wrong log from MBAR 2. Wrong settings with tdsskiller
__________________ Please always post log files in CODE tags |
22.03.2013, 18:38 | #9 |
| Possible infection by the trojan: Trojan:JS/Seedabutor.B Good evening Cosinus, attached are the requested log data: MBAR Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org
Database version: v2013.03.21.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Anti :: CHAOS-KISTE [administrator]
21.03.2013 16:51:59
mbar-log-2013-03-21 (16-51-59).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28448
Time elapsed: 6 minute(s), 37 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end)
tdsskiller Code:
ATTFilter
18:30:46.0184 14856 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:30:46.0214 14856 ============================================================
18:30:46.0214 14856 Current date / time: 2013/03/22 18:30:46.0214
18:30:46.0214 14856 SystemInfo:
18:30:46.0214 14856
18:30:46.0214 14856 OS Version: 6.1.7601 ServicePack: 1.0
18:30:46.0214 14856 Product type: Workstation
18:30:46.0214 14856 ComputerName: CHAOS-KISTE
18:30:46.0214 14856 UserName: Anti
18:30:46.0214 14856 Windows directory: C:\Windows
18:30:46.0214 14856 System windows directory: C:\Windows
18:30:46.0214 14856 Running under WOW64
18:30:46.0214 14856 Processor architecture: Intel x64
18:30:46.0214 14856 Number of processors: 4
18:30:46.0214 14856 Page size: 0x1000
18:30:46.0214 14856 Boot type: Normal boot
18:30:46.0214 14856 ============================================================
18:30:47.0424 14856 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:30:47.0424 14856 ============================================================
18:30:47.0424 14856 \Device\Harddisk0\DR0:
18:30:47.0454 14856 MBR partitions:
18:30:47.0454 14856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC803400
18:30:47.0474 14856 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC80347E, BlocksNum 0x1869E559
18:30:47.0484 14856 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x24EA1A16, BlocksNum 0xC34F28D
18:30:47.0494 14856 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x311F0CE2, BlocksNum 0xC34F28D
18:30:47.0524 14856 \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x3D53FFAE, BlocksNum 0xD01DB53
18:30:47.0524 14856 ============================================================
18:30:47.0564 14856 C: <-> \Device\Harddisk0\DR0\Partition4
18:30:47.0584 14856 D: <-> \Device\Harddisk0\DR0\Partition1
18:30:47.0614 14856 F: <-> \Device\Harddisk0\DR0\Partition2
18:30:47.0654 14856 G: <-> \Device\Harddisk0\DR0\Partition3
18:30:47.0704 14856 H: <-> \Device\Harddisk0\DR0\Partition5
18:30:47.0704 14856 ============================================================
18:30:47.0704 14856 Initialize success
18:30:47.0704 14856 ============================================================
18:31:45.0055 0220 ============================================================
18:31:45.0055 0220 Scan started
18:31:45.0055 0220 Mode: Manual; SigCheck; TDLFS;
18:31:45.0055 0220 ============================================================
18:31:46.0615 0220 ================ Scan system memory ========================
18:31:46.0615 0220 System memory - ok
18:31:46.0615 0220 ================ Scan services =============================
C:\Windows\system32\CTEDSPIO.DLL 18:31:52.0355 0220 CTEDSPIO.DLL - ok 18:31:52.0375 0220 [ 9D26AA450AC1CAADDE25F1621BA89842 ] CTEDSPSY.DLL C:\Windows\system32\CTEDSPSY.DLL 18:31:52.0385 0220 CTEDSPSY.DLL - ok 18:31:52.0385 0220 [ E5F88DAD5EC69665DFA3E5E87791F800 ] CTERFXFX.DLL C:\Windows\system32\CTERFXFX.DLL 18:31:52.0395 0220 CTERFXFX.DLL - ok 18:31:52.0435 0220 [ FA6DCA331835997D2F7C83B9AAABC4BB ] CTEXFIFX.DLL C:\Windows\system32\CTEXFIFX.DLL 18:31:52.0465 0220 CTEXFIFX.DLL - ok 18:31:52.0475 0220 [ 9E6A0A3CA3825BB568D42F5F3CB09453 ] CTHWIUT.DLL C:\Windows\system32\CTHWIUT.DLL 18:31:52.0485 0220 CTHWIUT.DLL - ok 18:31:52.0495 0220 [ 6A05134810301FA6FDD6E95583A91F35 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys 18:31:52.0505 0220 ctprxy2k - ok 18:31:52.0515 0220 [ 99047FCEBAB495410CD58AB17284720A ] CTSBLFX.DLL C:\Windows\system32\CTSBLFX.DLL 18:31:52.0535 0220 CTSBLFX.DLL - ok 18:31:52.0555 0220 [ F792246CF9D8EE17F2B32E9069415CDD ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys 18:31:52.0565 0220 ctsfm2k - ok 18:31:52.0605 0220 [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys 18:31:52.0615 0220 ctxusbm - ok 18:31:52.0665 0220 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:31:52.0705 0220 DcomLaunch - ok 18:31:52.0745 0220 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 18:31:52.0805 0220 defragsvc - ok 18:31:52.0845 0220 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:31:52.0885 0220 DfsC - ok 18:31:52.0935 0220 DgiVecp - ok 18:31:52.0965 0220 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 18:31:52.0975 0220 dg_ssudbus - ok 18:31:52.0995 0220 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 18:31:53.0065 0220 Dhcp - ok 18:31:53.0085 0220 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 18:31:53.0115 0220 discache - ok 
18:31:53.0135 0220 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 18:31:53.0145 0220 Disk - ok 18:31:53.0165 0220 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:31:53.0235 0220 Dnscache - ok 18:31:53.0255 0220 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 18:31:53.0295 0220 dot3svc - ok 18:31:53.0315 0220 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 18:31:53.0355 0220 DPS - ok 18:31:53.0385 0220 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:31:53.0405 0220 drmkaud - ok 18:31:53.0445 0220 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:31:53.0465 0220 DXGKrnl - ok 18:31:53.0495 0220 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 18:31:53.0525 0220 EapHost - ok 18:31:53.0585 0220 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 18:31:53.0665 0220 ebdrv - ok 18:31:53.0675 0220 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 18:31:53.0725 0220 EFS - ok 18:31:53.0775 0220 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:31:53.0805 0220 ehRecvr - ok 18:31:53.0825 0220 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 18:31:53.0835 0220 ehSched - ok 18:31:53.0855 0220 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 18:31:53.0875 0220 elxstor - ok 18:31:53.0885 0220 [ 1E2F860D9521FB73566C85CD17D58291 ] emupia C:\Windows\system32\drivers\emupia2k.sys 18:31:53.0895 0220 emupia - ok 18:31:53.0905 0220 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:31:53.0925 0220 ErrDev - ok 18:31:53.0965 0220 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 18:31:53.0995 0220 EventSystem - ok 18:31:54.0005 0220 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat 
C:\Windows\system32\drivers\exfat.sys 18:31:54.0065 0220 exfat - ok 18:31:54.0065 0220 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:31:54.0115 0220 fastfat - ok 18:31:54.0155 0220 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 18:31:54.0235 0220 Fax - ok 18:31:54.0245 0220 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 18:31:54.0255 0220 fdc - ok 18:31:54.0275 0220 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 18:31:54.0305 0220 fdPHost - ok 18:31:54.0305 0220 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 18:31:54.0355 0220 FDResPub - ok 18:31:54.0385 0220 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:31:54.0395 0220 FileInfo - ok 18:31:54.0405 0220 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:31:54.0435 0220 Filetrace - ok 18:31:54.0455 0220 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 18:31:54.0505 0220 flpydisk - ok 18:31:54.0525 0220 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:31:54.0545 0220 FltMgr - ok 18:31:54.0635 0220 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 18:31:54.0675 0220 FontCache - ok 18:31:54.0715 0220 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:31:54.0725 0220 FontCache3.0.0.0 - ok 18:31:54.0735 0220 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:31:54.0745 0220 FsDepends - ok 18:31:54.0755 0220 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:31:54.0765 0220 Fs_Rec - ok 18:31:54.0855 0220 [ 79B4CDE2B69ED8BA4011859780A66A4D ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark 
SystemInfo\FMSISvc.exe 18:31:54.0865 0220 Futuremark SystemInfo Service - ok 18:31:54.0905 0220 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:31:54.0925 0220 fvevol - ok 18:31:54.0935 0220 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 18:31:54.0945 0220 gagp30kx - ok 18:31:54.0975 0220 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 18:31:55.0015 0220 gpsvc - ok 18:31:55.0065 0220 [ B3F220AD6EEDDC2546780B84A8919B7A ] ha10kx2k C:\Windows\system32\drivers\ha10kx2k.sys 18:31:55.0115 0220 ha10kx2k - ok 18:31:55.0145 0220 [ 5D6AEC608B871CC2C724114F34CAD3C8 ] hap16v2k C:\Windows\system32\drivers\hap16v2k.sys 18:31:55.0165 0220 hap16v2k - ok 18:31:55.0195 0220 [ B95BA8D7EA73A47FAC3A59CF4A3B3043 ] hap17v2k C:\Windows\system32\drivers\hap17v2k.sys 18:31:55.0215 0220 hap17v2k - ok 18:31:55.0225 0220 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:31:55.0265 0220 hcw85cir - ok 18:31:55.0335 0220 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:31:55.0365 0220 HdAudAddService - ok 18:31:55.0425 0220 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 18:31:55.0455 0220 HDAudBus - ok 18:31:55.0465 0220 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 18:31:55.0495 0220 HidBatt - ok 18:31:55.0515 0220 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 18:31:55.0525 0220 HidBth - ok 18:31:55.0525 0220 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 18:31:55.0565 0220 HidIr - ok 18:31:55.0585 0220 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 18:31:55.0635 0220 hidserv - ok 18:31:55.0695 0220 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:31:55.0705 0220 HidUsb - ok 18:31:55.0725 0220 [ 
387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:31:55.0775 0220 hkmsvc - ok 18:31:55.0815 0220 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:31:55.0835 0220 HomeGroupListener - ok 18:31:55.0845 0220 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:31:55.0865 0220 HomeGroupProvider - ok 18:31:55.0875 0220 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:31:55.0885 0220 HpSAMD - ok 18:31:55.0925 0220 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:31:55.0985 0220 HTTP - ok 18:31:56.0005 0220 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:31:56.0015 0220 hwpolicy - ok 18:31:56.0035 0220 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 18:31:56.0045 0220 i8042prt - ok 18:31:56.0095 0220 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:31:56.0115 0220 iaStorV - ok 18:31:56.0155 0220 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:31:56.0175 0220 idsvc - ok 18:31:56.0195 0220 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 18:31:56.0205 0220 iirsp - ok 18:31:56.0235 0220 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 18:31:56.0295 0220 IKEEXT - ok 18:31:56.0345 0220 IntcAzAudAddService - ok 18:31:56.0355 0220 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 18:31:56.0365 0220 intelide - ok 18:31:56.0375 0220 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:31:56.0395 0220 intelppm - ok 18:31:56.0405 0220 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:31:56.0445 0220 IPBusEnum - ok 18:31:56.0475 0220 [ 
C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:31:56.0515 0220 IpFilterDriver - ok 18:31:56.0555 0220 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:31:56.0585 0220 iphlpsvc - ok 18:31:56.0605 0220 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:31:56.0645 0220 IPMIDRV - ok 18:31:56.0675 0220 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:31:56.0705 0220 IPNAT - ok 18:31:56.0745 0220 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:31:56.0775 0220 IRENUM - ok 18:31:56.0785 0220 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:31:56.0795 0220 isapnp - ok 18:31:56.0815 0220 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:31:56.0835 0220 iScsiPrt - ok 18:31:56.0855 0220 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:31:56.0865 0220 kbdclass - ok 18:31:56.0885 0220 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 18:31:56.0895 0220 kbdhid - ok 18:31:56.0895 0220 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 18:31:56.0905 0220 KeyIso - ok 18:31:56.0925 0220 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:31:56.0935 0220 KSecDD - ok 18:31:56.0955 0220 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:31:56.0965 0220 KSecPkg - ok 18:31:56.0985 0220 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:31:57.0015 0220 ksthunk - ok 18:31:57.0045 0220 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 18:31:57.0085 0220 KtmRm - ok 18:31:57.0115 0220 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 18:31:57.0165 0220 LanmanServer - ok 
18:31:57.0195 0220 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:31:57.0225 0220 LanmanWorkstation - ok 18:31:57.0335 0220 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 18:31:57.0345 0220 LBTServ - ok 18:31:57.0395 0220 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 18:31:57.0405 0220 LGBusEnum - ok 18:31:57.0475 0220 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 18:31:57.0485 0220 LGVirHid - ok 18:31:57.0555 0220 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 18:31:57.0565 0220 LHidFilt - ok 18:31:57.0605 0220 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:31:57.0665 0220 lltdio - ok 18:31:57.0695 0220 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:31:57.0735 0220 lltdsvc - ok 18:31:57.0745 0220 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:31:57.0775 0220 lmhosts - ok 18:31:57.0775 0220 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 18:31:57.0785 0220 LMouFilt - ok 18:31:57.0815 0220 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 18:31:57.0825 0220 LSI_FC - ok 18:31:57.0835 0220 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 18:31:57.0845 0220 LSI_SAS - ok 18:31:57.0845 0220 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 18:31:57.0855 0220 LSI_SAS2 - ok 18:31:57.0855 0220 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 18:31:57.0865 0220 LSI_SCSI - ok 18:31:57.0885 0220 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 18:31:57.0945 0220 luafv - ok 18:31:57.0985 0220 [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt 
C:\Windows\system32\Drivers\LUsbFilt.Sys 18:31:57.0995 0220 LUsbFilt - ok 18:31:58.0065 0220 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 18:31:58.0075 0220 MBAMProtector - ok 18:31:58.0115 0220 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 18:31:58.0125 0220 MBAMScheduler - ok 18:31:58.0175 0220 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 18:31:58.0185 0220 MBAMService - ok 18:31:58.0215 0220 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:31:58.0235 0220 Mcx2Svc - ok 18:31:58.0245 0220 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 18:31:58.0255 0220 megasas - ok 18:31:58.0265 0220 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 18:31:58.0285 0220 MegaSR - ok 18:31:58.0305 0220 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 18:31:58.0345 0220 MMCSS - ok 18:31:58.0365 0220 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 18:31:58.0395 0220 Modem - ok 18:31:58.0435 0220 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:31:58.0455 0220 monitor - ok 18:31:58.0515 0220 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:31:58.0515 0220 mouclass - ok 18:31:58.0555 0220 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:31:58.0585 0220 mouhid - ok 18:31:58.0605 0220 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:31:58.0615 0220 mountmgr - ok 18:31:58.0675 0220 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:31:58.0685 0220 MozillaMaintenance - ok 18:31:58.0715 0220 [ 
F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 18:31:58.0735 0220 MpFilter - ok 18:31:58.0745 0220 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 18:31:58.0765 0220 mpio - ok 18:31:58.0775 0220 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:31:58.0815 0220 mpsdrv - ok 18:31:58.0915 0220 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:31:59.0025 0220 MpsSvc - ok 18:31:59.0065 0220 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:31:59.0105 0220 MRxDAV - ok 18:31:59.0125 0220 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:31:59.0185 0220 mrxsmb - ok 18:31:59.0235 0220 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:31:59.0255 0220 mrxsmb10 - ok 18:31:59.0275 0220 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:31:59.0285 0220 mrxsmb20 - ok 18:31:59.0295 0220 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 18:31:59.0305 0220 msahci - ok 18:31:59.0315 0220 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:31:59.0335 0220 msdsm - ok 18:31:59.0345 0220 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 18:31:59.0365 0220 MSDTC - ok 18:31:59.0385 0220 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:31:59.0415 0220 Msfs - ok 18:31:59.0425 0220 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:31:59.0475 0220 mshidkmdf - ok 18:31:59.0495 0220 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:31:59.0505 0220 msisadrv - ok 18:31:59.0545 0220 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:31:59.0575 0220 MSiSCSI - ok 18:31:59.0585 0220 msiserver - 
ok 18:31:59.0605 0220 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:31:59.0645 0220 MSKSSRV - ok 18:31:59.0735 0220 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 18:31:59.0745 0220 MsMpSvc - ok 18:31:59.0775 0220 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:31:59.0815 0220 MSPCLOCK - ok 18:31:59.0815 0220 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:31:59.0855 0220 MSPQM - ok 18:31:59.0875 0220 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:31:59.0895 0220 MsRPC - ok 18:31:59.0905 0220 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 18:31:59.0915 0220 mssmbios - ok 18:31:59.0925 0220 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:31:59.0955 0220 MSTEE - ok 18:31:59.0975 0220 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 18:32:00.0015 0220 MTConfig - ok 18:32:00.0055 0220 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 18:32:00.0115 0220 MTsensor - ok 18:32:00.0145 0220 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 18:32:00.0155 0220 Mup - ok 18:32:00.0185 0220 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 18:32:00.0245 0220 napagent - ok 18:32:00.0285 0220 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:32:00.0295 0220 NativeWifiP - ok 18:32:00.0335 0220 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 18:32:00.0365 0220 NDIS - ok 18:32:00.0375 0220 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:32:00.0405 0220 NdisCap - ok 18:32:00.0415 0220 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 
18:32:00.0475 0220 NdisTapi - ok 18:32:00.0495 0220 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:32:00.0525 0220 Ndisuio - ok 18:32:00.0555 0220 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:32:00.0585 0220 NdisWan - ok 18:32:00.0625 0220 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:32:00.0655 0220 NDProxy - ok 18:32:00.0655 0220 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:32:00.0695 0220 NetBIOS - ok 18:32:00.0705 0220 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:32:00.0755 0220 NetBT - ok 18:32:00.0775 0220 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 18:32:00.0785 0220 Netlogon - ok 18:32:00.0835 0220 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 18:32:00.0925 0220 Netman - ok 18:32:00.0995 0220 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:32:01.0015 0220 NetMsmqActivator - ok 18:32:01.0015 0220 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:32:01.0025 0220 NetPipeActivator - ok 18:32:01.0065 0220 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 18:32:01.0105 0220 netprofm - ok 18:32:01.0115 0220 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:32:01.0125 0220 NetTcpActivator - ok 18:32:01.0125 0220 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:32:01.0135 0220 NetTcpPortSharing - ok 18:32:01.0145 0220 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 18:32:01.0155 0220 nfrd960 - ok 18:32:01.0195 0220 [ 162100E0BC8377710F9D170631921C03 ] NisDrv 
C:\Windows\system32\DRIVERS\NisDrvWFP.sys 18:32:01.0215 0220 NisDrv - ok 18:32:01.0275 0220 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 18:32:01.0285 0220 NisSrv - ok 18:32:01.0315 0220 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:32:01.0345 0220 NlaSvc - ok 18:32:01.0355 0220 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:32:01.0385 0220 Npfs - ok 18:32:01.0405 0220 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 18:32:01.0445 0220 nsi - ok 18:32:01.0455 0220 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:32:01.0495 0220 nsiproxy - ok 18:32:01.0545 0220 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:32:01.0575 0220 Ntfs - ok 18:32:01.0585 0220 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 18:32:01.0615 0220 Null - ok 18:32:01.0845 0220 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 18:32:02.0025 0220 nvlddmkm - ok 18:32:02.0085 0220 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:32:02.0105 0220 nvraid - ok 18:32:02.0105 0220 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:32:02.0125 0220 nvstor - ok 18:32:02.0155 0220 [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\Windows\system32\nvvsvc.exe 18:32:02.0175 0220 nvsvc - ok 18:32:02.0245 0220 [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 18:32:02.0275 0220 nvUpdatusService - ok 18:32:02.0325 0220 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:32:02.0345 0220 nv_agp - ok 18:32:02.0455 0220 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:32:02.0465 0220 odserv - ok 
18:32:02.0485 0220 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:32:02.0495 0220 ohci1394 - ok 18:32:02.0515 0220 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:32:02.0525 0220 ose - ok 18:32:02.0545 0220 [ 678CC7DCF607BBD69A9F9333D39C2F1D ] ossrv C:\Windows\system32\drivers\ctoss2k.sys 18:32:02.0555 0220 ossrv - ok 18:32:02.0575 0220 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:32:02.0605 0220 p2pimsvc - ok 18:32:02.0625 0220 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 18:32:02.0635 0220 p2psvc - ok 18:32:02.0675 0220 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 18:32:02.0695 0220 Parport - ok 18:32:02.0715 0220 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:32:02.0735 0220 partmgr - ok 18:32:02.0745 0220 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:32:02.0765 0220 PcaSvc - ok 18:32:02.0795 0220 pccsmcfd - ok 18:32:02.0805 0220 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 18:32:02.0815 0220 pci - ok 18:32:02.0835 0220 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 18:32:02.0835 0220 pciide - ok 18:32:02.0855 0220 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 18:32:02.0865 0220 pcmcia - ok 18:32:02.0875 0220 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 18:32:02.0885 0220 pcw - ok 18:32:02.0905 0220 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:32:02.0975 0220 PEAUTH - ok 18:32:03.0025 0220 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 18:32:03.0095 0220 PeerDistSvc - ok 18:32:03.0155 0220 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost 
C:\Windows\SysWow64\perfhost.exe 18:32:03.0175 0220 PerfHost - ok 18:32:03.0215 0220 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 18:32:03.0275 0220 pla - ok 18:32:03.0325 0220 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:32:03.0345 0220 PlugPlay - ok 18:32:03.0375 0220 PnkBstrA - ok 18:32:03.0385 0220 PnkBstrB - ok 18:32:03.0415 0220 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:32:03.0435 0220 PNRPAutoReg - ok 18:32:03.0455 0220 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:32:03.0465 0220 PNRPsvc - ok 18:32:03.0485 0220 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:32:03.0535 0220 PolicyAgent - ok 18:32:03.0575 0220 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 18:32:03.0615 0220 Power - ok 18:32:03.0665 0220 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:32:03.0705 0220 PptpMiniport - ok 18:32:03.0745 0220 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 18:32:03.0775 0220 Processor - ok 18:32:03.0815 0220 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 18:32:03.0835 0220 ProfSvc - ok 18:32:03.0835 0220 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:32:03.0845 0220 ProtectedStorage - ok 18:32:03.0895 0220 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:32:03.0935 0220 Psched - ok 18:32:03.0975 0220 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 18:32:04.0015 0220 ql2300 - ok 18:32:04.0025 0220 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 18:32:04.0035 0220 ql40xx - ok 18:32:04.0065 0220 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 18:32:04.0085 0220 QWAVE - ok 18:32:04.0095 0220 
============================================================
18:32:13.0995 5376 Detected object count: 1
18:32:13.0995 5376 Actual detected object count: 1
18:32:24.0055 5376 Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:32:24.0055 5376 Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
Regards, Fitzendrix |
22.03.2013, 18:48 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Possible infection by the trojan: Trojan:JS/Seedabutor.B Quote:
You did not download a fresh copy of tdsskiller beforehand
__________________ Please always post log files in CODE tags |
22.03.2013, 18:52 | #11 |
| Possible infection by the trojan: Trojan:JS/Seedabutor.B Ah damn, you're right, I forgot that: the download did not really work yesterday (I only got a message on the site about a move), so I had used the previous version.... Going to go look for a wall for a moment... After that comes the third attempt. Update (18:57): Code:
ATTFilter 18:53:25.0150 8556 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 18:53:25.0390 8556 ============================================================ 18:53:25.0390 8556 Current date / time: 2013/03/22 18:53:25.0390 18:53:25.0390 8556 SystemInfo: 18:53:25.0390 8556 18:53:25.0390 8556 OS Version: 6.1.7601 ServicePack: 1.0 18:53:25.0390 8556 Product type: Workstation 18:53:25.0390 8556 ComputerName: CHAOS-KISTE 18:53:25.0390 8556 UserName: Anti 18:53:25.0390 8556 Windows directory: C:\Windows 18:53:25.0390 8556 System windows directory: C:\Windows 18:53:25.0390 8556 Running under WOW64 18:53:25.0390 8556 Processor architecture: Intel x64 18:53:25.0390 8556 Number of processors: 4 18:53:25.0390 8556 Page size: 0x1000 18:53:25.0390 8556 Boot type: Normal boot 18:53:25.0390 8556 ============================================================ 18:53:26.0650 8556 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:53:26.0710 8556 ============================================================ 18:53:26.0710 8556 \Device\Harddisk0\DR0: 18:53:26.0710 8556 MBR partitions: 18:53:26.0710 8556 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC803400 18:53:26.0720 8556 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC80347E, BlocksNum 0x1869E559 18:53:26.0730 8556 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x24EA1A16, BlocksNum 0xC34F28D 18:53:26.0750 8556 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x311F0CE2, BlocksNum 0xC34F28D 18:53:26.0790 8556 \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x3D53FFAE, BlocksNum 0xD01DB53 18:53:26.0790 8556 ============================================================ 18:53:26.0840 8556 C: <-> \Device\Harddisk0\DR0\Partition4 18:53:26.0860 8556 D: <-> \Device\Harddisk0\DR0\Partition1 18:53:26.0900 8556 F: <-> 
\Device\Harddisk0\DR0\Partition2 18:53:26.0960 8556 G: <-> \Device\Harddisk0\DR0\Partition3 18:53:27.0000 8556 H: <-> \Device\Harddisk0\DR0\Partition5 18:53:27.0000 8556 ============================================================ 18:53:27.0000 8556 Initialize success 18:53:27.0000 8556 ============================================================ 18:53:49.0950 18036 ============================================================ 18:53:49.0950 18036 Scan started 18:53:49.0950 18036 Mode: Manual; SigCheck; TDLFS; 18:53:49.0950 18036 ============================================================ 18:53:50.0590 18036 ================ Scan system memory ======================== 18:53:50.0590 18036 System memory - ok 18:53:50.0590 18036 ================ Scan services ============================= 18:53:50.0670 18036 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 18:53:50.0720 18036 1394ohci - ok 18:53:50.0770 18036 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 18:53:50.0790 18036 ACPI - ok 18:53:50.0800 18036 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 18:53:50.0810 18036 AcpiPmi - ok 18:53:50.0900 18036 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 18:53:50.0910 18036 AdobeARMservice - ok 18:53:51.0030 18036 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 18:53:51.0040 18036 AdobeFlashPlayerUpdateSvc - ok 18:53:51.0080 18036 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 18:53:51.0100 18036 adp94xx - ok 18:53:51.0110 18036 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 18:53:51.0130 18036 adpahci - ok 18:53:51.0140 18036 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 18:53:51.0150 18036 adpu320 - ok 
2D902F8EC247F0ED0D458CDCAF786544 ] CTEDSPFX.DLL C:\Windows\system32\CTEDSPFX.DLL 18:53:54.0400 18036 CTEDSPFX.DLL - ok 18:53:54.0410 18036 [ 0D3F99CDA2BEA14E4911A698441F1A29 ] CTEDSPIO.DLL C:\Windows\system32\CTEDSPIO.DLL 18:53:54.0420 18036 CTEDSPIO.DLL - ok 18:53:54.0420 18036 [ 9D26AA450AC1CAADDE25F1621BA89842 ] CTEDSPSY.DLL C:\Windows\system32\CTEDSPSY.DLL 18:53:54.0440 18036 CTEDSPSY.DLL - ok 18:53:54.0440 18036 [ E5F88DAD5EC69665DFA3E5E87791F800 ] CTERFXFX.DLL C:\Windows\system32\CTERFXFX.DLL 18:53:54.0450 18036 CTERFXFX.DLL - ok 18:53:54.0490 18036 [ FA6DCA331835997D2F7C83B9AAABC4BB ] CTEXFIFX.DLL C:\Windows\system32\CTEXFIFX.DLL 18:53:54.0510 18036 CTEXFIFX.DLL - ok 18:53:54.0520 18036 [ 9E6A0A3CA3825BB568D42F5F3CB09453 ] CTHWIUT.DLL C:\Windows\system32\CTHWIUT.DLL 18:53:54.0530 18036 CTHWIUT.DLL - ok 18:53:54.0540 18036 [ 6A05134810301FA6FDD6E95583A91F35 ] ctprxy2k C:\Windows\system32\drivers\ctprxy2k.sys 18:53:54.0550 18036 ctprxy2k - ok 18:53:54.0570 18036 [ 99047FCEBAB495410CD58AB17284720A ] CTSBLFX.DLL C:\Windows\system32\CTSBLFX.DLL 18:53:54.0590 18036 CTSBLFX.DLL - ok 18:53:54.0590 18036 [ F792246CF9D8EE17F2B32E9069415CDD ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys 18:53:54.0610 18036 ctsfm2k - ok 18:53:54.0660 18036 [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys 18:53:54.0670 18036 ctxusbm - ok 18:53:54.0730 18036 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:53:54.0770 18036 DcomLaunch - ok 18:53:54.0790 18036 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 18:53:54.0820 18036 defragsvc - ok 18:53:54.0850 18036 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:53:54.0880 18036 DfsC - ok 18:53:54.0920 18036 DgiVecp - ok 18:53:54.0960 18036 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 18:53:54.0960 18036 dg_ssudbus - ok 18:53:55.0000 18036 [ 
43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 18:53:55.0010 18036 Dhcp - ok 18:53:55.0030 18036 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 18:53:55.0060 18036 discache - ok 18:53:55.0080 18036 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 18:53:55.0090 18036 Disk - ok 18:53:55.0110 18036 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:53:55.0120 18036 Dnscache - ok 18:53:55.0150 18036 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 18:53:55.0180 18036 dot3svc - ok 18:53:55.0210 18036 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 18:53:55.0240 18036 DPS - ok 18:53:55.0280 18036 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:53:55.0290 18036 drmkaud - ok 18:53:55.0320 18036 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:53:55.0340 18036 DXGKrnl - ok 18:53:55.0360 18036 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 18:53:55.0390 18036 EapHost - ok 18:53:55.0470 18036 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 18:53:55.0510 18036 ebdrv - ok 18:53:55.0520 18036 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 18:53:55.0530 18036 EFS - ok 18:53:55.0570 18036 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:53:55.0580 18036 ehRecvr - ok 18:53:55.0610 18036 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 18:53:55.0620 18036 ehSched - ok 18:53:55.0640 18036 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 18:53:55.0650 18036 elxstor - ok 18:53:55.0670 18036 [ 1E2F860D9521FB73566C85CD17D58291 ] emupia C:\Windows\system32\drivers\emupia2k.sys 18:53:55.0680 18036 emupia - ok 18:53:55.0700 18036 [ 34A3C54752046E79A126E15C51DB409B ] 
ErrDev C:\Windows\system32\drivers\errdev.sys 18:53:55.0710 18036 ErrDev - ok 18:53:55.0730 18036 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 18:53:55.0760 18036 EventSystem - ok 18:53:55.0770 18036 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 18:53:55.0800 18036 exfat - ok 18:53:55.0800 18036 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:53:55.0830 18036 fastfat - ok 18:53:55.0870 18036 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 18:53:55.0880 18036 Fax - ok 18:53:55.0890 18036 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 18:53:55.0900 18036 fdc - ok 18:53:55.0910 18036 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 18:53:55.0940 18036 fdPHost - ok 18:53:55.0950 18036 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 18:53:55.0970 18036 FDResPub - ok 18:53:55.0990 18036 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:53:56.0000 18036 FileInfo - ok 18:53:56.0010 18036 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:53:56.0030 18036 Filetrace - ok 18:53:56.0040 18036 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 18:53:56.0050 18036 flpydisk - ok 18:53:56.0070 18036 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:53:56.0080 18036 FltMgr - ok 18:53:56.0170 18036 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 18:53:56.0190 18036 FontCache - ok 18:53:56.0220 18036 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:53:56.0230 18036 FontCache3.0.0.0 - ok 18:53:56.0250 18036 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:53:56.0260 
18036 FsDepends - ok 18:53:56.0270 18036 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:53:56.0280 18036 Fs_Rec - ok 18:53:56.0350 18036 [ 79B4CDE2B69ED8BA4011859780A66A4D ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe 18:53:56.0360 18036 Futuremark SystemInfo Service - ok 18:53:56.0400 18036 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:53:56.0410 18036 fvevol - ok 18:53:56.0440 18036 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 18:53:56.0450 18036 gagp30kx - ok 18:53:56.0480 18036 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 18:53:56.0510 18036 gpsvc - ok 18:53:56.0560 18036 [ B3F220AD6EEDDC2546780B84A8919B7A ] ha10kx2k C:\Windows\system32\drivers\ha10kx2k.sys 18:53:56.0580 18036 ha10kx2k - ok 18:53:56.0600 18036 [ 5D6AEC608B871CC2C724114F34CAD3C8 ] hap16v2k C:\Windows\system32\drivers\hap16v2k.sys 18:53:56.0610 18036 hap16v2k - ok 18:53:56.0650 18036 [ B95BA8D7EA73A47FAC3A59CF4A3B3043 ] hap17v2k C:\Windows\system32\drivers\hap17v2k.sys 18:53:56.0660 18036 hap17v2k - ok 18:53:56.0680 18036 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:53:56.0690 18036 hcw85cir - ok 18:53:56.0740 18036 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:53:56.0750 18036 HdAudAddService - ok 18:53:56.0820 18036 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 18:53:56.0830 18036 HDAudBus - ok 18:53:56.0840 18036 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 18:53:56.0850 18036 HidBatt - ok 18:53:56.0870 18036 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 18:53:56.0880 18036 HidBth - ok 18:53:56.0890 18036 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 
18:53:56.0900 18036 HidIr - ok 18:53:56.0920 18036 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 18:53:56.0950 18036 hidserv - ok 18:53:56.0980 18036 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:53:56.0990 18036 HidUsb - ok 18:53:57.0020 18036 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:53:57.0040 18036 hkmsvc - ok 18:53:57.0070 18036 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:53:57.0080 18036 HomeGroupListener - ok 18:53:57.0100 18036 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:53:57.0110 18036 HomeGroupProvider - ok 18:53:57.0130 18036 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:53:57.0140 18036 HpSAMD - ok 18:53:57.0180 18036 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:53:57.0210 18036 HTTP - ok 18:53:57.0230 18036 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:53:57.0240 18036 hwpolicy - ok 18:53:57.0260 18036 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 18:53:57.0270 18036 i8042prt - ok 18:53:57.0290 18036 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:53:57.0310 18036 iaStorV - ok 18:53:57.0340 18036 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:53:57.0360 18036 idsvc - ok 18:53:57.0390 18036 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 18:53:57.0400 18036 iirsp - ok 18:53:57.0430 18036 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 18:53:57.0460 18036 IKEEXT - ok 18:53:57.0510 18036 IntcAzAudAddService - ok 18:53:57.0520 18036 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 
18:53:57.0530 18036 intelide - ok 18:53:57.0550 18036 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:53:57.0560 18036 intelppm - ok 18:53:57.0580 18036 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:53:57.0620 18036 IPBusEnum - ok 18:53:57.0650 18036 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:53:57.0670 18036 IpFilterDriver - ok 18:53:57.0700 18036 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:53:57.0720 18036 iphlpsvc - ok 18:53:57.0730 18036 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:53:57.0740 18036 IPMIDRV - ok 18:53:57.0750 18036 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:53:57.0780 18036 IPNAT - ok 18:53:57.0810 18036 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:53:57.0820 18036 IRENUM - ok 18:53:57.0830 18036 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:53:57.0840 18036 isapnp - ok 18:53:57.0850 18036 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:53:57.0860 18036 iScsiPrt - ok 18:53:57.0880 18036 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:53:57.0890 18036 kbdclass - ok 18:53:57.0900 18036 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 18:53:57.0910 18036 kbdhid - ok 18:53:57.0930 18036 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 18:53:57.0940 18036 KeyIso - ok 18:53:57.0960 18036 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:53:57.0970 18036 KSecDD - ok 18:53:57.0990 18036 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:53:58.0000 18036 KSecPkg - ok 18:53:58.0010 18036 [ 
6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:53:58.0040 18036 ksthunk - ok 18:53:58.0070 18036 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 18:53:58.0100 18036 KtmRm - ok 18:53:58.0120 18036 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 18:53:58.0150 18036 LanmanServer - ok 18:53:58.0170 18036 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:53:58.0200 18036 LanmanWorkstation - ok 18:53:58.0310 18036 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 18:53:58.0330 18036 LBTServ - ok 18:53:58.0390 18036 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 18:53:58.0390 18036 LGBusEnum - ok 18:53:58.0420 18036 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 18:53:58.0430 18036 LGVirHid - ok 18:53:58.0480 18036 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 18:53:58.0490 18036 LHidFilt - ok 18:53:58.0520 18036 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:53:58.0540 18036 lltdio - ok 18:53:58.0570 18036 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:53:58.0600 18036 lltdsvc - ok 18:53:58.0610 18036 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:53:58.0640 18036 lmhosts - ok 18:53:58.0640 18036 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 18:53:58.0650 18036 LMouFilt - ok 18:53:58.0700 18036 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 18:53:58.0710 18036 LSI_FC - ok 18:53:58.0720 18036 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 18:53:58.0730 18036 LSI_SAS - ok 18:53:58.0730 18036 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 
C:\Windows\system32\DRIVERS\lsi_sas2.sys 18:53:58.0740 18036 LSI_SAS2 - ok 18:53:58.0750 18036 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 18:53:58.0760 18036 LSI_SCSI - ok 18:53:58.0810 18036 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 18:53:58.0840 18036 luafv - ok 18:53:58.0920 18036 [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys 18:53:58.0930 18036 LUsbFilt - ok 18:53:59.0100 18036 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 18:53:59.0110 18036 MBAMProtector - ok 18:53:59.0140 18036 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 18:53:59.0150 18036 MBAMScheduler - ok 18:53:59.0190 18036 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 18:53:59.0210 18036 MBAMService - ok 18:53:59.0240 18036 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:53:59.0250 18036 Mcx2Svc - ok 18:53:59.0260 18036 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 18:53:59.0270 18036 megasas - ok 18:53:59.0290 18036 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 18:53:59.0300 18036 MegaSR - ok 18:53:59.0300 18036 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 18:53:59.0330 18036 MMCSS - ok 18:53:59.0340 18036 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 18:53:59.0360 18036 Modem - ok 18:53:59.0390 18036 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:53:59.0400 18036 monitor - ok 18:53:59.0430 18036 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:53:59.0440 18036 mouclass - ok 18:53:59.0450 18036 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid 
C:\Windows\system32\DRIVERS\mouhid.sys 18:53:59.0460 18036 mouhid - ok 18:53:59.0480 18036 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:53:59.0490 18036 mountmgr - ok 18:53:59.0540 18036 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:53:59.0550 18036 MozillaMaintenance - ok 18:53:59.0600 18036 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 18:53:59.0610 18036 MpFilter - ok 18:53:59.0630 18036 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 18:53:59.0640 18036 mpio - ok 18:53:59.0660 18036 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:53:59.0690 18036 mpsdrv - ok 18:53:59.0720 18036 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:53:59.0750 18036 MpsSvc - ok 18:53:59.0770 18036 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:53:59.0790 18036 MRxDAV - ok 18:53:59.0810 18036 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:53:59.0820 18036 mrxsmb - ok 18:53:59.0870 18036 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:53:59.0880 18036 mrxsmb10 - ok 18:53:59.0880 18036 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:53:59.0890 18036 mrxsmb20 - ok 18:53:59.0900 18036 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 18:53:59.0910 18036 msahci - ok 18:53:59.0930 18036 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:53:59.0940 18036 msdsm - ok 18:53:59.0950 18036 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 18:53:59.0960 18036 MSDTC - ok 18:53:59.0990 18036 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:54:00.0010 18036 
Msfs - ok 18:54:00.0020 18036 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:54:00.0050 18036 mshidkmdf - ok 18:54:00.0060 18036 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:54:00.0070 18036 msisadrv - ok 18:54:00.0090 18036 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:54:00.0120 18036 MSiSCSI - ok 18:54:00.0120 18036 msiserver - ok 18:54:00.0140 18036 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:54:00.0170 18036 MSKSSRV - ok 18:54:00.0240 18036 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 18:54:00.0250 18036 MsMpSvc - ok 18:54:00.0270 18036 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:54:00.0300 18036 MSPCLOCK - ok 18:54:00.0300 18036 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:54:00.0330 18036 MSPQM - ok 18:54:00.0350 18036 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:54:00.0370 18036 MsRPC - ok 18:54:00.0370 18036 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 18:54:00.0380 18036 mssmbios - ok 18:54:00.0380 18036 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:54:00.0410 18036 MSTEE - ok 18:54:00.0420 18036 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 18:54:00.0430 18036 MTConfig - ok 18:54:00.0460 18036 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 18:54:00.0470 18036 MTsensor - ok 18:54:00.0500 18036 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 18:54:00.0510 18036 Mup - ok 18:54:00.0550 18036 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 18:54:00.0580 18036 napagent - ok 18:54:00.0610 18036 [ 
1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:54:00.0630 18036 NativeWifiP - ok 18:54:00.0670 18036 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 18:54:00.0680 18036 NDIS - ok 18:54:00.0710 18036 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:54:00.0740 18036 NdisCap - ok 18:54:00.0750 18036 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:54:00.0780 18036 NdisTapi - ok 18:54:00.0810 18036 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:54:00.0830 18036 Ndisuio - ok 18:54:00.0860 18036 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:54:00.0890 18036 NdisWan - ok 18:54:00.0910 18036 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:54:00.0940 18036 NDProxy - ok 18:54:00.0940 18036 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:54:00.0970 18036 NetBIOS - ok 18:54:00.0980 18036 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:54:01.0010 18036 NetBT - ok 18:54:01.0020 18036 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 18:54:01.0030 18036 Netlogon - ok 18:54:01.0060 18036 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 18:54:01.0090 18036 Netman - ok 18:54:01.0140 18036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:54:01.0150 18036 NetMsmqActivator - ok 18:54:01.0150 18036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:54:01.0160 18036 NetPipeActivator - ok 18:54:01.0180 18036 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 18:54:01.0210 18036 netprofm - ok 18:54:01.0230 18036 [ 
D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:54:01.0240 18036 NetTcpActivator - ok 18:54:01.0240 18036 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:54:01.0250 18036 NetTcpPortSharing - ok 18:54:01.0270 18036 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 18:54:01.0280 18036 nfrd960 - ok 18:54:01.0340 18036 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 18:54:01.0360 18036 NisDrv - ok 18:54:01.0420 18036 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 18:54:01.0430 18036 NisSrv - ok 18:54:01.0500 18036 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:54:01.0520 18036 NlaSvc - ok 18:54:01.0580 18036 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:54:01.0610 18036 Npfs - ok 18:54:01.0680 18036 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 18:54:01.0710 18036 nsi - ok 18:54:01.0720 18036 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:54:01.0740 18036 nsiproxy - ok 18:54:01.0790 18036 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:54:01.0820 18036 Ntfs - ok 18:54:01.0830 18036 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 18:54:01.0860 18036 Null - ok 18:54:02.0090 18036 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 18:54:02.0230 18036 nvlddmkm - ok 18:54:02.0300 18036 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:54:02.0310 18036 nvraid - ok 18:54:02.0320 18036 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:54:02.0330 18036 nvstor - ok 18:54:02.0370 18036 [ 
574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\Windows\system32\nvvsvc.exe 18:54:02.0390 18036 nvsvc - ok 18:54:02.0460 18036 [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 18:54:02.0490 18036 nvUpdatusService - ok 18:54:02.0530 18036 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:54:02.0540 18036 nv_agp - ok 18:54:02.0620 18036 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 18:54:02.0630 18036 odserv - ok 18:54:02.0640 18036 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:54:02.0650 18036 ohci1394 - ok 18:54:02.0670 18036 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:54:02.0680 18036 ose - ok 18:54:02.0690 18036 [ 678CC7DCF607BBD69A9F9333D39C2F1D ] ossrv C:\Windows\system32\drivers\ctoss2k.sys 18:54:02.0700 18036 ossrv - ok 18:54:02.0730 18036 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:54:02.0740 18036 p2pimsvc - ok 18:54:02.0760 18036 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 18:54:02.0770 18036 p2psvc - ok 18:54:02.0790 18036 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 18:54:02.0800 18036 Parport - ok 18:54:02.0820 18036 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:54:02.0830 18036 partmgr - ok 18:54:02.0840 18036 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:54:02.0860 18036 PcaSvc - ok 18:54:02.0890 18036 pccsmcfd - ok 18:54:02.0900 18036 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 18:54:02.0910 18036 pci - ok 18:54:02.0920 18036 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 18:54:02.0930 18036 pciide - ok 
================ Scan VBR ==================================
18:54:11.0210 18036 [ 8304284C8AF402C47C10C489E8B59195 ] \Device\Harddisk0\DR0\Partition1
18:54:11.0210 18036 \Device\Harddisk0\DR0\Partition1 - ok
18:54:11.0230 18036 [ EE62AD6D47539CF10D9206CBB5FC686C ] \Device\Harddisk0\DR0\Partition2
18:54:11.0230 18036 \Device\Harddisk0\DR0\Partition2 - ok
18:54:11.0270 18036 [ 8FE3F3F0466D586300826F29D993A30D ] \Device\Harddisk0\DR0\Partition3
18:54:11.0270 18036 \Device\Harddisk0\DR0\Partition3 - ok
18:54:11.0280 18036 [ CA7E2C4D3007289BE632A1B8A45C85DC ] \Device\Harddisk0\DR0\Partition4
18:54:11.0280 18036 \Device\Harddisk0\DR0\Partition4 - ok
18:54:11.0320 18036 [ 37880DBEA529076994E1834A693D0F00 ] \Device\Harddisk0\DR0\Partition5
18:54:11.0320 18036 \Device\Harddisk0\DR0\Partition5 - ok
18:54:11.0320 18036 ============================================================
18:54:11.0320 18036 Scan finished
18:54:11.0320 18036 ============================================================
18:54:11.0320 18016 Detected object count: 1
18:54:11.0320 18016 Actual detected object count: 1
18:56:38.0820 18016 Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:56:38.0820 18016 Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
Last edited by Fitzendrix (22.03.2013 at 18:58) |
23.03.2013, 10:04 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Possible infection by the trojan: Trojan:JS/Seedabutor.B Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |
23.03.2013, 12:08 | #13 |
| Possible infection by the trojan: Trojan:JS/Seedabutor.B Hello Cosinus, the ComboFix program presumably died during its first run while creating the log file; after about 20 minutes still nothing had happened. The second run was successful, here is the data: [code] Combofix Logfile: Code:
ATTFilter ComboFix 13-03-21.02 - Anti 23.03.2013 10:48:20.2.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.4095.2554 [GMT 1:00] ausgeführt von:: c:\users\Anti\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Vorheriger Suchlauf ------- . c:\windows\SysWow64\muzapp.exe c:\windows\SysWow64\URTTemp c:\windows\SysWow64\URTTemp\regtlib.exe H:\install.exe . . ((((((((((((((((((((((( Dateien erstellt von 2013-02-23 bis 2013-03-23 )))))))))))))))))))))))))))))) . . 2013-03-23 09:51 . 2013-03-23 09:51 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-03-23 09:51 . 2013-03-23 09:51 -------- d-----w- c:\users\Gideon\AppData\Local\temp 2013-03-23 09:51 . 2013-03-23 09:51 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-03-23 07:12 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{17A130A3-82FD-4CC2-A853-9D23DDDEE124}\mpengine.dll 2013-03-22 17:57 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-03-22 04:52 . 2012-12-13 05:38 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A7F501CA-215A-4EBC-999F-8231B1D61A88}\gapaengine.dll 2013-03-17 12:50 . 2013-03-17 13:47 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird 2013-03-17 10:13 . 2013-03-17 10:13 -------- d-----w- c:\users\Anti\AppData\Roaming\Malwarebytes 2013-03-17 10:13 . 2013-03-17 10:13 -------- d-----w- c:\programdata\Malwarebytes 2013-03-17 10:13 . 2013-03-17 10:13 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-03-17 10:13 . 
2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-03-17 10:13 . 2013-03-17 10:13 -------- d-----w- c:\users\Anti\AppData\Local\Programs 2013-03-16 21:01 . 2013-03-16 21:01 -------- d-----w- c:\programdata\Blizzard Entertainment 2013-03-16 21:00 . 2013-03-16 21:00 -------- d-----w- c:\programdata\Battle.net 2013-03-14 05:38 . 2013-02-02 06:47 1392128 ----a-w- c:\windows\system32\wininet.dll 2013-03-13 05:36 . 2012-12-13 05:38 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2013-03-09 13:31 . 2013-03-09 13:31 -------- d-----w- c:\program files (x86)\AGEIA Technologies 2013-02-26 18:17 . 2013-02-26 18:17 -------- d-----w- c:\program files (x86)\Common Files\Skype . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-16 15:13 . 2010-07-07 17:35 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2013-03-14 05:40 . 2009-11-07 11:10 72013344 ----a-w- c:\windows\system32\MRT.exe 2013-03-12 19:03 . 2012-04-11 06:05 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-03-12 19:03 . 2012-03-24 07:14 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-12 05:45 . 2013-03-14 05:19 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-14 05:19 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-14 05:19 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 05:45 . 2013-03-14 05:19 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 04:48 . 2013-03-14 05:19 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-14 05:19 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-10 03:25 . 2012-11-03 15:17 17987192 ----a-w- c:\windows\system32\nvd3dumx.dll 2013-02-10 03:25 . 2012-11-03 15:17 15038296 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2013-02-10 03:25 . 
2012-11-03 15:17 2854344 ----a-w- c:\windows\system32\nvapi64.dll 2013-02-10 03:25 . 2012-11-03 15:17 2528840 ----a-w- c:\windows\SysWow64\nvapi.dll 2013-02-10 03:25 . 2012-11-03 15:17 15275744 ----a-w- c:\windows\system32\nvwgf2umx.dll 2013-02-10 01:04 . 2012-11-03 15:19 6393120 ----a-w- c:\windows\system32\nvcpl.dll 2013-02-10 01:04 . 2012-11-03 15:19 3472672 ----a-w- c:\windows\system32\nvsvc64.dll 2013-02-10 01:04 . 2012-11-03 15:19 877856 ----a-w- c:\windows\system32\nvvsvc.exe 2013-02-10 01:04 . 2012-11-03 15:19 63776 ----a-w- c:\windows\system32\nvshext.dll 2013-02-10 01:04 . 2012-11-03 15:19 2555680 ----a-w- c:\windows\system32\nvsvcr.dll 2013-02-10 01:04 . 2012-11-03 15:19 237856 ----a-w- c:\windows\system32\nvmctray.dll 2013-02-09 17:43 . 2013-02-09 17:43 555808 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2013-01-30 10:53 . 2009-11-07 11:11 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-20 14:59 . 2013-01-20 14:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2013-01-20 14:59 . 2012-08-30 21:03 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2013-01-05 05:53 . 2013-02-13 05:27 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-05 05:00 . 2013-02-13 05:27 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00 . 2013-02-13 05:26 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-01-04 05:46 . 2013-02-13 05:26 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-01-04 04:51 . 2013-02-13 05:26 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-01-04 04:43 . 2013-02-13 05:26 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-01-04 03:26 . 2013-02-13 05:26 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-01-04 02:47 . 2013-02-13 05:26 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-01-04 02:47 . 2013-02-13 05:26 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-01-04 02:47 . 2013-02-13 05:26 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-01-04 02:47 . 
2013-02-13 05:26 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-01-03 06:00 . 2013-02-13 05:26 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-01-03 06:00 . 2013-02-13 05:26 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-20 1476104] "KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-12-18 578560] "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-12-20 844296] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18709248] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AsioThk32Reg"="CTASIO.DLL" [2007-04-09 80896] "CTHelper"="CTHELPER.EXE" [2007-04-09 19456] "CTxfiHlp"="CTXFIHLP.EXE" [2007-04-09 19968] "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280] "ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2010-03-10 300400] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] "AsioReg"="CTASIO.DLL" [2007-04-09 80896] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DevconDefaultDB"="c:\windows\system32\READREG" [X] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536] R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008] R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-19 871408] S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-10-05 87600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544] S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] S2 MBAMService;MBAMService;c:\program files 
(x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-02-09 383264] S2 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [2012-05-18 127488] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 16008] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176] S3 RTCore64;RTCore64;c:\program files (x86)\EVGA Precision X\RTCore64.sys [2012-10-17 15176] S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2012-07-02 35112] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-09-28 395264] . . Inhalt des "geplante Tasks" Ordners . 2013-03-23 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 19:03] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AsioReg"="CTASIO.DLL" [BU] "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360] "Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816] "Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616] "Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.meinvz.de/ IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 Trusted Zone: samsungsetup.com\www TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\ FF - ExtSQL: 2013-02-14 18:33; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; c:\users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi FF - ExtSQL: 2013-02-14 18:35; {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}; c:\users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi FF - ExtSQL: 2013-02-14 18:35; browserprotect@browserprotect.com; c:\users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\extensions\browserprotect@browserprotect.com.xpi FF - ExtSQL: 2013-02-14 18:38; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2099689543-711430740-2413729619-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:83,44,a9,fd,0c,d7,36,5b,6f,de,4b,5f,44,84,e1,cc,34,7b,ea,53,99,c4,35, 94,c4,51,30,51,ee,13,8a,5b,60,8f,8b,e5,89,a2,01,33,8e,52,27,7c,ea,a9,d1,2c,\ "??"=hex:41,e0,42,8c,cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b . [HKEY_USERS\S-1-5-21-2099689543-711430740-2413729619-1001\Software\SecuROM\License information*] @Allowed: (Read) (RestrictedCode) "datasecu"=hex:d6,f6,cc,9c,34,1e,37,d3,c5,00,e7,ac,81,cf,a7,f5,1c,8a,6e,be,79, da,3c,e9,9d,65,7b,6b,ec,69,02,55,e6,90,b3,66,e5,0a,2c,6a,fd,77,63,37,5f,df,\ "rkeysecu"=hex:75,f7,ec,8a,6e,fd,4a,62,4b,6f,18,cd,d0,d3,57,15 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-03-23 10:53:12 ComboFix-quarantined-files.txt 2013-03-23 09:53 . Vor Suchlauf: 21 Verzeichnis(se), 49.915.154.432 Bytes frei Nach Suchlauf: 22 Verzeichnis(se), 49.706.426.368 Bytes frei . - - End Of File - - AFE90F402BC6B0DF5503709912F751CB |
23.03.2013, 16:24 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Possible infection by the trojan: Trojan:JS/Seedabutor.B JRT - Junkware Removal Tool Please close your protection software to avoid possible conflicts.
Afterwards: adwCleaner - remove toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ Please always post logfiles in CODE tags |
24.03.2013, 12:26 | #15 |
| Possible infection by the trojan: Trojan:JS/Seedabutor.B Hello Cosinus: Junkware Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.7.3 (03.23.2013:1) OS: Windows 7 Ultimate x64 Ran by Anti on 24.03.2013 at 9:56:34,16 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Program Files (x86)\daemon tools toolbar" ~~~ FireFox Successfully deleted: [File] C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\browserprotect@browserprotect.com.xpi Successfully deleted the following from C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\prefs.js user_pref("extensions.browserprotect.searchProviderExceptions", "hxxp://en.wikipedia.org/wiki/Special:Search;hxxp://search.yahoo.com/search;hxxp://www.amazon.com/exec/obidos/e Emptied folder: C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\minidumps [131 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 24.03.2013 at 10:04:10,71 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.115 - Datei am 24/03/2013 um 10:56:08 erstellt # Aktualisiert am 17/03/2013 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits) # Benutzer : Anti - CHAOS-KISTE # Bootmodus : Normal # Ausgeführt unter : C:\Users\Anti\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\Headlight Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16470 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v19.0.2 (de) Datei : C:\Users\Anti\AppData\Roaming\Mozilla\Firefox\Profiles\vtxa9re5.default\prefs.js [OK] Die Datei ist sauber. ************************* AdwCleaner[R1].txt - [1294 octets] - [24/03/2013 10:33:56] AdwCleaner[S1].txt - [330 octets] - [24/03/2013 10:34:26] AdwCleaner[S2].txt - [1288 octets] - [24/03/2013 10:56:08] ########## EOF - C:\AdwCleaner[S2].txt - [1348 octets] ##########
and OTL OTL Logfile: Code:
ATTFilter OTL logfile created on: 24.03.2013 11:00:28 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anti\Desktop\Neuer Ordner 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 58,95% Memory free 14,00 Gb Paging File | 12,08 Gb Available in Paging File | 86,32% Paging File free Paging file location(s): h:\pagefile.sys 10240 10240 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,65 Gb Total Space | 47,01 Gb Free Space | 48,14% Space Free | Partition Type: NTFS Drive D: | 100,01 Gb Total Space | 78,13 Gb Free Space | 78,13% Space Free | Partition Type: NTFS Drive F: | 195,31 Gb Total Space | 33,46 Gb Free Space | 17,13% Space Free | Partition Type: NTFS Drive G: | 97,65 Gb Total Space | 18,33 Gb Free Space | 18,77% Space Free | Partition Type: NTFS Drive H: | 104,06 Gb Total Space | 93,45 Gb Free Space | 89,80% Space Free | Partition Type: NTFS Drive J: | 7,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: CHAOS-KISTE | User Name: Anti | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Anti\Desktop\Neuer Ordner\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) 
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe () PRC - C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe () PRC - C:\Program Files (x86)\EVGA Precision X\Bundle\EVGAVoltageTuner\EVGAVoltageTuner.exe (EVGA Corp.) PRC - C:\Fraps\fraps.exe (Beepa P/L) PRC - C:\Windows\SysWOW64\PnkBstrB.exe () PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.) PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) 
PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - G:\Setupordner\Systemprogramme\lcdsirreal278\LCDSirReal.exe () PRC - C:\Windows\SysWOW64\CtHelper.exe (Creative Technology Ltd) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll () MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe () MOD - C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe () MOD - C:\Program Files (x86)\EVGA Precision X\RTMUI.dll () MOD - C:\Program Files (x86)\EVGA Precision X\RTHAL.dll () MOD - C:\Program Files (x86)\EVGA Precision X\RTCore.dll () MOD - C:\Program Files (x86)\EVGA Precision X\RTUI.dll () MOD - 
C:\Program Files (x86)\EVGA Precision X\RTFC.dll () MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSSHooks.dll () MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTMUI.dll () MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTUI.dll () MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTFC.dll () MOD - C:\Program Files (x86)\EVGA Precision X\RTTSH.dll () MOD - C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTTSH.dll () MOD - G:\Setupordner\Systemprogramme\lcdsirreal278\LCDSirReal.exe () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes 
Corporation) SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation) SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe () SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) 
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH) DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys () DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (COMMONFX.DLL) -- C:\Windows\SysNative\COMMONFX.DLL (Creative Technology Ltd) DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd) DRV:64bit: - (hap17v2k) -- C:\Windows\SysNative\drivers\haP17v2k.sys (Creative Technology Ltd) DRV:64bit: - (hap16v2k) -- C:\Windows\SysNative\drivers\haP16v2k.sys (Creative Technology Ltd) DRV:64bit: - (ha10kx2k) -- C:\Windows\SysNative\drivers\ha10kx2k.sys (Creative Technology Ltd) DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd) DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd) DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd) DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.) DRV:64bit: - (ctaud2k) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd) DRV:64bit: - (CTHWIUT.DLL) -- C:\Windows\SysNative\CTHWIUT.DLL (Creative Technology Ltd.) DRV:64bit: - (CT20XUT.DLL) -- C:\Windows\SysNative\CT20XUT.DLL (Creative Technology Ltd.) DRV:64bit: - (CTEXFIFX.DLL) -- C:\Windows\SysNative\CTEXFIFX.DLL (Creative Technology Ltd.) 
DRV:64bit: - (CTEDSPSY.DLL) -- C:\Windows\SysNative\CTEDSPSY.DLL (Creative Technology Ltd) DRV:64bit: - (CTEDSPIO.DLL) -- C:\Windows\SysNative\CTEDSPIO.DLL (Creative Technology Ltd) DRV:64bit: - (CTERFXFX.DLL) -- C:\Windows\SysNative\CTERFXFX.DLL (Creative Technology Ltd) DRV:64bit: - (CTEDSPFX.DLL) -- C:\Windows\SysNative\CTEDSPFX.DLL (Creative Technology Ltd) DRV:64bit: - (CTEAPSFX.DLL) -- C:\Windows\SysNative\CTEAPSFX.DLL (Creative Technology Ltd) DRV:64bit: - (CTSBLFX.DLL) -- C:\Windows\SysNative\CTSBLFX.DLL (Creative Technology Ltd) DRV:64bit: - (CTAUDFX.DLL) -- C:\Windows\SysNative\CTAUDFX.DLL (Creative Technology Ltd) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV - (RTCore64) -- C:\Program Files (x86)\EVGA Precision X\RTCore64.sys () DRV - (SSPORT) -- C:\Windows\SysWOW64\drivers\SSPORT.SYS (Samsung Electronics) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.meinvz.de/ IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Internet 
Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 4A C5 72 3A 59 CD 01 [binary data] IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\..\SearchScopes\{57B5E9C0-DDCC-4FC0-9AAA-A99EFED6CEFC}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms} IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\..\SearchScopes\{900EEA37-B77F-404B-B225-D2EC298058DC}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2099689543-711430740-2413729619-1007\..\SearchScopes,DefaultScope = ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129 FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.8 FF - prefs.js..extensions.enabledAddons: nasanightlaunch%40example.com:0.6.20130206 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: 
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 06:41:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 19:24:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 06:41:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.08 19:24:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.03.17 13:50:41 | 
000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.06.11 18:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Extensions [2009.12.21 01:08:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013.03.24 10:03:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions [2013.03.03 08:09:04 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2013.01.31 15:45:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Anti\AppData\Roaming\mozilla\Firefox\Profiles\vtxa9re5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013.02.23 10:59:45 | 002,345,043 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\nasanightlaunch@example.com.xpi [2013.03.05 06:05:17 | 000,531,283 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.02.14 07:23:01 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.02.14 18:35:19 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2013.02.14 18:33:16 | 000,698,764 | ---- | M] () (No name found) -- C:\Users\Anti\AppData\Roaming\mozilla\firefox\profiles\vtxa9re5.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2013.03.08 06:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files 
(x86)\mozilla firefox\extensions [2013.03.08 06:41:24 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.03.11 00:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2010.03.11 00:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2010.03.11 00:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2010.03.11 00:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2012.02.18 11:21:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.03.11 00:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2011.03.22 19:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010.03.11 00:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2012.06.01 17:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.09 20:59:55 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.06.01 17:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.06.01 17:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.01 17:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.01 17:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2013.03.23 10:37:19 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found. O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O4:64bit: - HKLM..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL File not found O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) 
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [AsioReg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd) O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd) O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd) O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKU\.DEFAULT..\Run: [DevconDefaultDB] C:\Windows\SysWow64\READREG.exe (Creative Technology Limited) O4 - HKU\S-1-5-18..\Run: [DevconDefaultDB] C:\Windows\SysWow64\READREG.exe (Creative Technology Limited) O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1007..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2099689543-711430740-2413729619-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - 
HKU\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-2099689543-711430740-2413729619-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2099689543-711430740-2413729619-1001\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites) O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com.tw/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} 
hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7880B74D-1DFC-4B1E-9DFE-1EED515B6BDC}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found O18:64bit: - Protocol\Filter\ica - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.08.03 16:57:48 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012.11.02 00:38:02 | 000,000,058 | -H-- | M] () - J:\autorun.inf -- [ UDF ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.24 09:56:31 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.03.24 09:56:11 | 000,000,000 | ---D | C] -- C:\JRT [2013.03.24 09:51:53 | 000,550,069 | ---- | C] (Oleg N. 
Scherbakov) -- C:\Users\Anti\Desktop\JRT.exe [2013.03.23 21:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.03.23 21:59:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2013.03.23 21:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2013.03.23 21:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2013.03.23 21:59:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2013.03.23 21:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2013.03.23 21:55:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2013.03.23 21:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2013.03.23 21:55:24 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2013.03.23 20:37:45 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.03.23 10:53:14 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.03.23 10:26:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.03.23 10:26:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.03.23 10:26:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.03.23 10:26:22 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.03.23 10:26:05 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.03.23 10:23:08 | 005,042,224 | R--- | C] (Swearware) -- C:\Users\Anti\Desktop\ComboFix.exe [2013.03.21 16:42:06 | 000,000,000 | ---D | C] -- C:\Users\Anti\Desktop\mbar-1.01.0.1021 [2013.03.18 20:12:45 | 000,000,000 | ---D | C] -- C:\Users\Anti\Desktop\Neuer Ordner [2013.03.17 13:50:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013.03.17 11:13:49 | 000,000,000 | ---D | C] -- C:\Users\Anti\AppData\Roaming\Malwarebytes [2013.03.17 11:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.03.17 11:13:36 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Malwarebytes [2013.03.17 11:13:34 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.03.17 11:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.03.17 11:13:16 | 000,000,000 | ---D | C] -- C:\Users\Anti\AppData\Local\Programs [2013.03.16 22:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [2013.03.16 22:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment [2013.03.16 22:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2013.03.16 21:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e95598d0.temp [2013.03.16 21:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e7271c42.temp [2013.03.16 20:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.3a018b42.temp [2013.03.16 17:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.e6f2b040.temp [2013.03.16 17:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.d48c6a9e.temp [2013.03.16 17:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.a0d452d4.temp [2013.03.16 16:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.3aaca235.temp [2013.03.16 16:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II.temp [2013.03.16 16:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2013.03.14 06:39:04 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.03.14 06:39:04 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.03.14 06:39:03 
| 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.03.14 06:39:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.03.14 06:39:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.03.14 06:39:02 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.03.14 06:39:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.03.14 06:39:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.03.14 06:39:01 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.03.14 06:39:01 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.03.14 06:39:00 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.03.14 06:39:00 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.03.14 06:38:58 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.03.14 06:38:58 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.03.14 06:38:58 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.03.09 15:31:09 | 000,000,000 | ---D | C] -- C:\Users\Anti\Desktop\div. 
Programme [2013.03.09 14:31:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2013.03.09 14:28:52 | 026,947,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013.03.09 14:28:52 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013.03.09 14:28:52 | 020,534,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2013.03.09 14:28:52 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2013.03.09 14:28:52 | 012,862,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2013.03.09 14:28:52 | 009,422,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013.03.09 14:28:52 | 007,964,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2013.03.09 14:28:52 | 007,569,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013.03.09 14:28:52 | 006,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2013.03.09 14:28:52 | 002,911,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013.03.09 14:28:52 | 002,726,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2013.03.09 14:28:52 | 002,350,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013.03.09 14:28:52 | 001,990,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2013.03.09 14:28:52 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420294.dll [2013.03.09 14:28:52 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6420162.dll [2013.03.08 06:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.02.27 06:38:15 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013.02.27 06:38:15 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll 
[2013.02.27 06:38:15 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013.02.27 06:38:15 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013.02.27 06:38:12 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.02.27 06:38:12 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.02.27 06:38:10 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.02.27 06:38:10 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.02.27 06:38:10 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.02.27 06:38:10 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.02.27 06:38:10 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.02.27 06:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.02.27 06:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.02.27 06:38:10 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.02.27 06:38:10 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.02.27 06:38:09 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.02.27 06:38:09 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.02.27 06:38:09 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.02.27 06:38:09 | 000,364,544 | ---- 
| C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013.02.27 06:38:09 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.02.27 06:38:09 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.02.27 06:38:09 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.02.27 06:38:09 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.02.27 06:38:09 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.02.27 06:38:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013.02.27 06:38:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013.02.27 06:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013.02.27 06:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013.02.27 06:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.02.27 06:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.02.27 06:38:08 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.02.27 06:38:08 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013.02.27 06:38:08 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.02.27 06:38:08 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.02.27 06:38:08 | 001,158,144 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013.02.27 06:38:08 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.02.27 06:38:08 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.02.27 06:38:07 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.02.27 06:38:07 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.02.27 06:38:07 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.02.27 06:38:07 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013.02.26 19:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.02.26 19:17:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.03.24 11:03:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.03.24 10:58:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.24 10:57:52 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys [2013.03.24 10:52:49 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.24 10:52:49 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.24 09:52:31 | 000,609,993 | ---- | M] () -- C:\Users\Anti\Desktop\adwcleaner.exe [2013.03.24 09:52:11 | 000,550,069 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Anti\Desktop\JRT.exe [2013.03.23 20:40:00 | 000,018,960 | ---- | M] (Logitech, Inc.) 
-- C:\Windows\SysNative\drivers\LNonPnP.sys [2013.03.23 10:37:19 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.03.23 10:23:30 | 005,042,224 | R--- | M] (Swearware) -- C:\Users\Anti\Desktop\ComboFix.exe [2013.03.18 18:38:00 | 000,000,020 | ---- | M] () -- C:\Users\Anti\defogger_reenable [2013.03.16 22:01:06 | 000,000,739 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2013.03.16 14:15:12 | 000,033,688 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx [2013.03.16 14:15:12 | 000,033,688 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx [2013.03.16 14:15:12 | 000,029,604 | ---- | M] () -- C:\Windows\SysNative\BMXCtrlState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx [2013.03.16 14:15:12 | 000,029,604 | ---- | M] () -- C:\Windows\SysNative\BMXBkpCtrlState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx [2013.03.16 14:15:12 | 000,011,564 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000008-00000000-00000002-00001102-00000008-10211102}.rfx [2013.03.14 06:37:55 | 004,958,588 | ---- | M] () -- C:\Windows\{00000008-00000000-00000002-00001102-00000008-10211102}.CDF [2013.03.12 20:03:47 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.03.12 20:03:47 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.03.09 10:31:59 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk [2013.03.06 18:11:16 | 001,642,284 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.03.06 18:11:16 | 000,707,316 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.03.06 18:11:16 | 000,660,934 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.03.06 18:11:16 | 000,152,908 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.03.06 18:11:16 | 000,125,124 | ---- | 
M] () -- C:\Windows\SysNative\perfc009.dat [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.03.24 09:52:27 | 000,609,993 | ---- | C] () -- C:\Users\Anti\Desktop\adwcleaner.exe [2013.03.23 10:26:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.03.23 10:26:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.03.23 10:26:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.03.23 10:26:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.03.23 10:26:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.03.18 18:38:00 | 000,000,020 | ---- | C] () -- C:\Users\Anti\defogger_reenable [2013.03.16 22:01:04 | 000,000,739 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2013.03.09 10:31:59 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk [2013.03.08 19:24:39 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2012.08.28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012.08.28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012.08.28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012.08.28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.08.28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012.06.20 17:17:59 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012.06.15 19:21:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.04.18 18:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2012.04.06 02:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.04.06 02:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.01.10 22:27:55 | 000,000,412 | ---- | C] () -- C:\Users\Anti\AppData\Roaming\All CPU Meter_Settings.ini [2011.10.25 21:21:34 | 
000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll [2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2009.11.07 19:05:35 | 000,007,605 | ---- | C] () -- C:\Users\Anti\AppData\Local\Resmon.ResmonCfg [2009.11.07 16:26:30 | 000,000,092 | ---- | C] () -- C:\Users\Anti\AppData\Local\fusioncache.dat ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report >
as well as the Extras OTL logfile: Code:
ATTFilter OTL Extras logfile created on: 24.03.2013 11:00:28 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anti\Desktop\Neuer Ordner 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 58,95% Memory free 14,00 Gb Paging File | 12,08 Gb Available in Paging File | 86,32% Paging File free Paging file location(s): h:\pagefile.sys 10240 10240 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97,65 Gb Total Space | 47,01 Gb Free Space | 48,14% Space Free | Partition Type: NTFS Drive D: | 100,01 Gb Total Space | 78,13 Gb Free Space | 78,13% Space Free | Partition Type: NTFS Drive F: | 195,31 Gb Total Space | 33,46 Gb Free Space | 17,13% Space Free | Partition Type: NTFS Drive G: | 97,65 Gb Total Space | 18,33 Gb Free Space | 18,77% Space Free | Partition Type: NTFS Drive H: | 104,06 Gb Total Space | 93,45 Gb Free Space | 89,80% Space Free | Partition Type: NTFS Drive J: | 7,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: CHAOS-KISTE | User Name: Anti | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 "C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate "C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx "C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 "C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 
universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate "C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{09839E28-ABC0-4EA5-84A6-C580F3D27107}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{15E38D09-512D-4451-85EE-1643B616963F}" = lport=58912 | protocol=17 | dir=in | name=pando media booster | "{26D796BD-8D95-4F00-BC65-C7D6343506C0}" = lport=40980 | protocol=6 | dir=in | name=test authoring and execution framework service | "{2926B42D-DBB0-4AE9-9978-A99D94299ACE}" = lport=58912 | protocol=6 | dir=in | name=pando media booster | "{432EA76B-4942-4674-9B0F-4FBBCB43C9F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5B920D1A-3875-41B9-92C0-09C1B2743775}" = lport=rpc-epmap | protocol=6 | dir=in | name=test authoring and execution framework service (rpc endpoint mapper) | "{5E7CDEBC-27D6-4A3B-AFB4-F8525D82073B}" = lport=445 | protocol=6 | dir=in | app=system | "{6098B9E1-CFA0-4913-B701-8BDDB0ECA4E8}" = rport=445 | protocol=6 | dir=out | app=system | "{6739CEF6-3B16-4347-AE82-CD15EE3D8831}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9716D1F8-70E4-4DC1-B8BD-647AC15F8628}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{9A7B5E8D-8385-44AA-9E66-831CE332A3E2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{9B4FE28D-283B-4A53-A8FC-86D381829E54}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A5311E5B-AF0F-4032-920E-89D800200892}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A5634912-DC51-49B9-9675-2B8025D224BA}" = lport=58912 | protocol=17 | dir=in | name=pando media booster | "{BB4EAE86-5B7C-4EDC-9215-0FE484A7E5F3}" = lport=58912 | protocol=6 | dir=in | name=pando media booster | "{BBC3905F-11E1-42DB-987A-B1117B46A7D5}" = rport=139 | protocol=6 | dir=out | app=system | "{CF10ABEB-752B-4F50-80FA-F8B50743CB63}" = lport=2869 | protocol=6 | dir=in | app=system | "{D262D3E9-5914-469F-994E-7A8892F09F42}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{D825D0DF-D942-4E2B-B030-132318ECE4DF}" = lport=137 | protocol=17 | dir=in | app=system | "{DC5A2D6E-65F9-4600-BDEF-07F8E700AA6E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E690912F-1279-4008-A697-ABE0D527FE82}" = lport=138 | protocol=17 | dir=in | app=system | "{E80E45A4-E645-4FC9-914D-6A7C7938F4DB}" = rport=138 | protocol=17 | dir=out | app=system | "{E8AA8E93-48C4-461D-9802-40745A1FB09A}" = rport=137 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02DDB7DD-176F-46E0-8896-1E813AC823E1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{0C3B484D-AF1C-4960-BC5F-D8E1C9D5B29A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | "{0CB8A718-33E9-41DE-99CD-48543C1EF520}" = protocol=6 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\game.dat | "{15D02AC0-838B-402D-911A-7E5678B592D0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.exe | "{1D73AC2D-0F48-4128-88EE-F8478809F61D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{1FC1CFE2-7E11-4E94-A1B8-FF850D84B69C}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6mp.exe | "{2038EBA0-27F8-41E0-A494-F9AAC7D7F159}" = protocol=6 | 
dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{2D32ECB0-DFD4-4D03-968D-5D11E85195DA}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{2DE03716-68A2-44EA-919F-65A3429D6A27}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{2DE522A4-9FEE-4837-9CA5-2AF98C87009E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{2E486553-B2EA-4CD0-A4B0-66794C0A66EB}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{2EA54C13-3CA1-420F-A6A9-26E6527BA57C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{2FBBB557-F1CE-47F2-9C47-9D036CE59234}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | "{384D9010-4A0F-4E73-BA4B-67D0CA8FAADF}" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\masseffect2launcher.exe | "{38A55526-A768-4556-B563-B2E815C88C4A}" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii public test.exe | "{3925B5C4-71F7-43D5-A690-08162B9996BF}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{3C56E207-E997-4375-A152-494B470C64ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{41A26827-FEDE-43DD-BC84-55A12BF53B82}" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\binaries\masseffect2.exe | "{448E043E-D23D-4B73-A4F3-9B98023DE740}" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\binaries\masseffect2.exe | "{47C9EC04-093A-4736-A9C0-60E9F42610CD}" = protocol=6 | dir=in | app=f:\spiele-7\wot\worldoftanks.exe | "{4A5A06CB-BBE5-4F0F-B0E1-4715E261D28E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4D5C5E87-59F9-4315-AAFE-F08FC3A72662}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{50A12E94-5577-4639-BA34-EB721A16295C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{5196814F-E8A8-4DBB-8683-F9E5C6988B7A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{57622651-0FDD-4D3A-85ED-010AB86BCDEA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{597BCAD2-F66D-45D5-ACE2-3FC044C9C54A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5BF61A3A-219F-4D81-BA49-B9A2662CB8FB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5C846A4F-0183-4F6D-A687-5A9132962638}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6mp.exe | "{5CA36A3F-5B8B-474C-BECC-80049F660408}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{5EFC2240-DDF4-487D-A3C1-4DFB17FA5423}" = protocol=17 | dir=in | app=f:\spiele-7\wot\wotlauncher.exe | "{62C54429-4C55-4309-991A-FE9C16A31FD2}" = protocol=6 | dir=in | app=f:\spiele-7\wot\wotlauncher.exe | "{66F17F62-E3EF-41ED-B687-E7DC646575EC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{67275120-00BF-4C5B-AFE7-1CD9F3810AE4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{6ED489B5-737C-4FE8-8680-AC1C0459CD47}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{73E14F3D-2241-4B49-A5F9-94B22BFA0916}" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\masseffect2launcher.exe | "{74C3096E-7161-4125-BF45-14F983FCEA81}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | "{794E24B4-D7F2-445B-9E08-D25187B3E2A5}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{79DAAD6E-60FA-46D7-9119-B6FC5D1D15DA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | "{7A0AF599-A862-452B-B489-11D09CC72EC5}" = protocol=17 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\game.dat | "{7B0EA50E-63C2-4B1B-925C-DBEF47AB2F14}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6sp.exe | 
"{7B4B93FF-1CE7-4848-B361-B57E9E43E8A2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{81E39794-2740-4C72-8509-568D10FDF616}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{84940352-FED9-40FD-BAAC-E6F741BB790F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{86D14627-41EF-407E-814D-89F27C7E96B0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe | "{8A886395-C3DC-4201-BC97-5F1631E5D1E1}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6zm.exe | "{98BBEA95-315C-448B-9673-493860E5CF54}" = protocol=17 | dir=in | app=f:\spiele-7\diablo3\diablo iii\diablo iii.exe | "{9C92E0D0-6CAC-48AC-B777-3A67C1FBA851}" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii public test.exe | "{9D3F2E67-9FD5-4C68-8492-E25B9AB4CC5D}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6sp.exe | "{9DD56909-39FD-43F9-B5C1-E70D72824AF9}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe | "{A09D62C8-D5DB-42D2-91FD-37E58F4CBEE2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{A30206A4-22AA-4916-9636-9A33E31102CB}" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii.exe | "{A38A8801-8823-491F-9760-6FFFBCACD04E}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{A559BE55-7CE4-4942-92EC-64BF018784D5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{A6245B2A-4DED-4BC9-97CB-B8C50506F325}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{A8E074B9-C532-4E58-869F-AAB8DA9675B6}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{A96AB6BC-47CB-4865-8A2B-AFE7D62CB8B7}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern 
warfare 3\iw5sp.exe | "{B167FF0A-3F5F-4E8A-9442-37DC3E61A786}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{B1939052-93B9-4E06-A371-39B0ABAE660A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{B2BCC57F-16C7-4138-9DC2-B9405667E633}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B56C7ED0-D1E3-4CF0-B575-8B9E588964C0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe | "{B67D324F-10AD-4AEE-8839-23857FEE59FB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.exe | "{BC3F7C99-CAB1-406E-B646-2924CF16CBBA}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{C2A97B82-A585-44EE-9EF1-69E973F8F656}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\deus ex - human revolution\dxhr.exe | "{C2F907CB-F01E-4D95-9093-9FF7234C2AB9}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{CC08C57E-939A-441B-A2C4-17F4AD5013C5}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{D7F8167B-E09E-46CD-A36F-D3B95C0D700F}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\deus ex - human revolution\dxhr.exe | "{D88A52D6-70AE-45B9-A998-AA3C75B4E962}" = protocol=17 | dir=in | app=f:\spiele-7\wot\worldoftanks.exe | "{DB678A6D-AD39-4A16-B6B0-C59C117F5055}" = protocol=17 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{E01019EC-744D-4D82-A263-F32E77C80A7F}" = protocol=6 | dir=in | app=f:\spiele-7\diablo3\diablo iii\diablo iii.exe | "{E0A7976A-F99F-421E-B320-FC8C8E151183}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{EEA311B4-FAA8-4B13-91D7-376BDFBB5EEB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{F4DADB3C-C2F5-4471-A223-7ED34872928E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{F64FC89F-47D0-4AF9-80B5-4FAB9A80DB24}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{F950C5D7-1D3E-44D7-8922-4462B0E4DAB9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{FA55BA45-5DB4-45E5-8B22-7250A7F3F041}" = protocol=6 | dir=in | app=f:\spiele\steam\steamapps\common\call of duty black ops ii\t6zm.exe | "{FC325BDA-78AC-4DD4-A257-F8CDEEEF529F}" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\starcraft ii.exe | "TCP Query User{13C32560-1425-4969-B6AD-EF9816AB61AF}F:\spiele-7\hdr-schlacht um mittelerde\patchget.dat" = protocol=6 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\patchget.dat | "TCP Query User{15450AE5-9AA0-4F1A-B837-8ADF655448B4}F:\spiele-7\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=f:\spiele-7\guild wars 2\gw2.exe | "TCP Query User{6CFDB880-D270-4167-8806-5FE84AF66AAD}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{9C7DDDFC-CF25-43DB-9666-45DD1F04AA1B}F:\spiele-7\lotro\lotroclient.exe" = protocol=6 | dir=in | app=f:\spiele-7\lotro\lotroclient.exe | "TCP Query User{A5E768D8-1514-4596-ABD4-910588E4900E}F:\spiele\steam\steam.exe" = protocol=6 | dir=in | app=f:\spiele\steam\steam.exe | "TCP Query User{CC505C34-D773-478D-87CB-D9209D2A6907}F:\spiele-7\starcraft ii\versions\base24944\sc2.exe" = protocol=6 | dir=in | app=f:\spiele-7\starcraft ii\versions\base24944\sc2.exe | "TCP Query User{CCBDA70B-0F7D-4BE2-BCB0-F0B9382AA2AF}F:\spiele-7\mass effect 2\binaries\eacoreserver.exe" = protocol=6 | dir=in | app=f:\spiele-7\mass effect 2\binaries\eacoreserver.exe | "UDP Query User{2A7F565A-B4CA-4785-9DF3-5394D652C6B3}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query 
User{8738BDA9-F7E6-4F71-B745-A7B92124EB2E}F:\spiele-7\mass effect 2\binaries\eacoreserver.exe" = protocol=17 | dir=in | app=f:\spiele-7\mass effect 2\binaries\eacoreserver.exe | "UDP Query User{9FB92513-373A-452E-B7BF-AC4F26AA5699}F:\spiele-7\starcraft ii\versions\base24944\sc2.exe" = protocol=17 | dir=in | app=f:\spiele-7\starcraft ii\versions\base24944\sc2.exe | "UDP Query User{DD2097BB-F408-44A4-A1B0-3F161B337989}F:\spiele-7\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=f:\spiele-7\guild wars 2\gw2.exe | "UDP Query User{E6BE6D34-A68D-476E-92A1-FDB0C6A1B537}F:\spiele\steam\steam.exe" = protocol=17 | dir=in | app=f:\spiele\steam\steam.exe | "UDP Query User{E82EA5AB-340E-4D48-ABDE-E0C8B4019D34}F:\spiele-7\hdr-schlacht um mittelerde\patchget.dat" = protocol=17 | dir=in | app=f:\spiele-7\hdr-schlacht um mittelerde\patchget.dat | "UDP Query User{F6807266-FBD5-4F4B-BD03-71974F569FC6}F:\spiele-7\lotro\lotroclient.exe" = protocol=17 | dir=in | app=f:\spiele-7\lotro\lotroclient.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1F85668C-CEB7-7A2E-356C-C42F950A982C}" = AMD Accelerated Video Transcoding "{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit) "{4161341F-AE84-E404-4291-4E0322CCE809}" = AMD Media Foundation Decoders "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter "{7FD0FD0D-AC40-A3BF-F2D4-54EFEDB0008F}" = AMD 
Drag and Drop Transcoding "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109 "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64 "{AB58402A-43DE-551C-2B40-DD1CF0E21240}" = ccc-utility64 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.07 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft 
Visual C++ 2010 x64 Redistributable - 10.0.30319 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}" = AMD Catalyst Install Manager "CCleaner" = CCleaner "CPUID CPU-Z_is1" = CPUID CPU-Z 1.60.1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Security Client" = Microsoft Security Essentials "SP6" = Logitech SetPoint 6.32 "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{023D64D7-E7B4-47C7-BE6E-B7C2E8960D08}" = Citrix Online Plug-in (Web) "{0B03071A-C96E-34CA-E5A3-4D8DA8ACCB3D}" = CCC Help Polish "{1472627A-6E9F-DCB1-8894-E2BD249FD5E4}" = CCC Help Thai "{1A2C316B-F842-6FB3-3C87-6FE02861F396}" = Catalyst Control Center "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch "{218BE476-B206-2879-B912-971E6E89E44D}" = CCC Help Finnish "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{2DFFE333-1B60-4CAA-F836-3CF0C99777CA}" = CCC Help Norwegian "{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{364374D2-FE10-2170-2397-5B01F9D00093}" = CCC Help Spanish "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die 
Schlacht um Mittelerde(tm) "{3ff842b6-4ab0-4291-8ebf-0a26b3701b04}" = Windows Driver Kit "{40786C7F-7078-5147-444E-D45DE808B684}" = CCC Help Portuguese "{43D3EA3E-2B72-57F3-40E0-318A614D0FDD}" = CCC Help Czech "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{4F7823C4-BB28-A63E-CE08-1B463D4682DE}" = CCC Help Dutch "{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper Version 3.2.0 "{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 "{60D66D9B-760B-4006-9443-08960A811D4C}" = Windows Driver Frameworks Update Packages "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6D7B8E2C-4356-619D-134F-FB36B0809958}" = CCC Help German "{6DA2AF51-EE25-BB21-9106-FF69FC83DDB7}" = Kits Configuration Installer "{6F173E00-2766-E174-C2E0-AD88F24685BD}" = CCC Help Swedish "{6F8EAC65-314D-4D86-9557-BC9312AACCB0}" = Citrix Online Plug-in (USB) "{6FAEC41D-0654-12C1-0068-770D19FC2446}" = CCC Help Italian "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73D239CC-D6B1-ADEC-A7BE-E100C7112004}" = CCC Help Korean "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{8144262B-25B4-44F6-8204-FCC8EF50179F}" = Citrix Online Plug-in (DV) "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = 
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8D3D92F0-852F-D832-FD8B-029C8C231C13}" = CCC Help Russian
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{963FFEAB-16E5-EB69-4E64-338B3D319FB4}" = CCC Help Chinese Standard
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F7E9D7B-3291-96CE-A27F-DD4F6EB230EA}" = CCC Help Chinese Traditional
"{A11E24AD-A7EB-78C9-F792-AD9CDDB8B651}" = Catalyst Control Center InstallProxy
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6FDE264-C48D-36CE-CFA7-ABBEB861AC10}" = Catalyst Control Center Localization All
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B31A9284-632D-683E-3BD0-F6926D445A7B}" = CCC Help Danish
"{B7A75523-3D7F-CF23-12F7-999EAF6C7167}" = CCC Help Japanese
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C821D689-95BE-0D60-255E-D9B89CB3019F}" = Catalyst Control Center Graphics Previews Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{CE1458AA-23A7-332D-68D9-86B799898DA6}" = CCC Help Greek
"{D08A5DFE-F0C2-74FC-DD56-A3B371E9344D}" = EA Shared Game Component: Activation
"{D1C1F497-452C-89D8-EE26-014184714B78}" = Windows Driver Kit
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{E0655E94-1D4D-8484-64C6-E6F847B7BE92}" = CCC Help Turkish
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E555950B-1496-C37C-CA2C-2DF8745A5BE9}" = CCC Help English
"{EA74A293-3FAC-4D1B-AE3A-3BD47FADDC20}" = Citrix Online Plug-in (HDX)
"{EE229D0E-3D9E-636C-6E75-9436A87C7E49}" = CCC Help French
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F536CCF1-C4C1-5FB9-6B17-F883DFFAE569}" = CCC Help Hungarian
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{Stalker Complete 2009 v1.4.4}}_is1" = Stalker Complete 2009 v1.4.4
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = Der Herr der Ringe Online v03.05.01.8027
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"CitrixOnlinePluginPackWeb" = Citrix Online Plug-in - Web
"com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Shared Game Component: Activation
"Diablo III" = Diablo III
"EA Installer.-2062380449" = EA Installer
"Fraps" = Fraps
"Guild Wars" = GUILD WARS
"Guild Wars 2" = Guild Wars 2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20962D9D-D7B9-4AEE-B72B-5C9A45A1B402}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{3521F7CF-9343-4C1F-AE5E-0D2A57A18D2B}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{CC862A04-B2B0-4A79-ADD2-4B76D6CF4DCD}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"Mozilla Thunderbird 17.0.4 (x86 de)" = Mozilla Thunderbird 17.0.4 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PrecisionX" = EVGA Precision X 3.0.4
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 218" = Source SDK Base 2007
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 8" = TeamViewer 8
"Winamp" = Winamp
"WinRAR archiver" = WinRAR Archivierer

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2099689543-711430740-2413729619-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"Winamp Detect" = Winamp Erkennungs-Plug-in

========== Last 20 Event Log Errors ==========

[ System Events ]
Error - 24.03.2013 05:24:03 | Computer Name = Chaos-Kiste | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.147.356.0
Aktualisierungsquelle: %%859
Aktualisierungsphase: %%852
Quellpfad: hxxp://www.microsoft.com
Signaturtyp: %%800
Aktualisierungstyp: %%803
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.9302.0
Fehlercode: 0x8024402c
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

Error - 24.03.2013 05:45:19 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 24.03.2013 05:45:25 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 24.03.2013 05:58:11 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 24.03.2013 05:58:19 | Computer Name = Chaos-Kiste | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

< End of report >

Regards,
Fitzendrix